Wikis - Page

Designer association modifier plugin

0 Likes
By: scauwe

Introduction


You all know the DAModifier tool? Nice tool, but it depends on the Client and Windows. Attached is a designer plug-in that allows you to do similar actions: import, modify or export IDM driver associations.

Installation


Cool tools does not allow upload of jars, so rename the attached zip to .jar and copy the jar to the plugins folder of your designer. Delete any previous version you had installed and restart designer if already running. I tested this with Designer 4.0.1 and 4.0.2 in Linux and Windows. Version 0.4 was tested with Designer 4.6 LDAP and non-LDAP.

Usage


Right click on a driver object in the outline view or the driver connection in the modeler view and select Live ? Association Editor or right click on the application (in modeler or outline view) and select Driver ? Live ? Association Editor.


New menu entry: Association Editor


A dialogue will pop-up where you can select what you want to do.

Export associations.


Export associations will export the associations of the selected driver to a tab separated file. This file will contain the object DN (lpdap format), the associations state and the association value. Enter the required information (search base, ldap filter, association status and the target file) and press Start.


Export associations dialog



Modify associations


This allows modification of the association status. Enter the required information (search base, ldap filter, 'from' association status, 'to' association status) and press Start. Optionally, a log file is generated. This log file (tab separated) contains the object DN, the old state, the association value and the action taken.


Modify associations dialog



Import associations


This allows for importing associations. Enter the required information (file to import) and press Start. Optionally, you can limit the import to a 'test only'. This will generate a log file of the actions it would take. The file to import is a tab separated file with the following columns: object dn (ldap), association state, association value (same format as the export option). Optionally (unless 'validate only' is checked) a log file is generated. This log file (tab separated) is the same as the input file, but adds an action column containing the action taken (or that would be taken in case of 'validate only'). Note: when 'validate only' is not selected, importing will always delete the current associations for the object. It does not add associations to the existing objects.


Import associations dialog



Processing


After pressing start, a monitor dialog is displayed, showing the progress. Upon completion, a summary dialog is shown. Note: processing can be run in the background, allowing you to continue your work. The progress view will display the result. Clicking the link will display the same summary as above (when running in the foreground).


Job status



New features and fixes


Version 0.4, 04-Feb-2018

  • Made the plugin compatible with the LDAP Designer. Tested with IDM 4.6 LDAP and non LDAP.


Version 0.3.1, 23-June-2015

  • Bug fix: fixed issue with backslash during import of associations.


Version 0.3.0, 21-June-2015

  • Bug fix: fixed NPE during import of associations.


Version 0.2.0, 5-March-2014

  • Bug fix: fixed issues with modifying the state of not-associated objects.

  • Enh.: remember last settings.


Version 0.1.0, 14-SEPT-2012

  • First release (beta).


Know limitations


ldap paged search is somehow not fully implemented in eDirectory. Some ldap searches will return duplicate entries when using paged searches. This is a known eDirectory issue. In order to work around this somehow, the search is sometimes split up into multiple searches. Still, no guarantee is given that objects will not be synchronized twice.

Comment


The previous post on Qmunity will not be updated, since that does not seem to be editable. This cool tool post is editable.

Labels:

Collateral
How To-Best Practice
Comment List
Parents
  • If IDM server has LDAP configured with "Require TLS for all operations" the search fails with a NullPointer exception and

    LDAPException: Confidentiality Required (13) Confidentiality Required
    LDAPException: Server Message: This server requires a TLS connection

    Is there any work around or where to look since in most environments these days TLS is a must.
Comment
  • If IDM server has LDAP configured with "Require TLS for all operations" the search fails with a NullPointer exception and

    LDAPException: Confidentiality Required (13) Confidentiality Required
    LDAPException: Server Message: This server requires a TLS connection

    Is there any work around or where to look since in most environments these days TLS is a must.
Children
Related
Recommended