Home

Results 1 to 9 of 9

Thread: how to map owner from DelimitedText to Entitlement?

Hybrid View

  1. #1
    Join Date
    May 2009
    Location
    ES - Brazil
    Posts
    88

    how to map owner from DelimitedText to Entitlement?


    Hi all,

    I’ve created a DelimitedText application and mapped a text file with
    group information (name, description, value, owner and so on). First
    three attributes are mapped to Entitlements ok, but owner don’t.
    BeanShell examples has a ManagedAttributeCustomization rule type, but I
    haven’t found where to put this kind of rule.

    How can I map owner group attribute to Entitlement owner attribute?

    AGS 6.3 SP3.


    --
    agorian
    ------------------------------------------------------------------------
    agorian's Profile: https://forums.netiq.com/member.php?userid=1099
    View this thread: https://forums.netiq.com/showthread.php?t=53750


  2. #2

    Re: how to map owner from DelimitedText to Entitlement?


    Hi,

    Are you trying to show that attribute (owner) into your group
    information? or Your need is the attribute owner be an entitlement?

    To write a ManagedAttributeCuztomization

    Define -> Applications -> select your app -> Rules -> Managed
    Entitlement Customization Rule

    Regards,

    Victor


    --
    vhnavag
    ------------------------------------------------------------------------
    vhnavag's Profile: https://forums.netiq.com/member.php?userid=1236
    View this thread: https://forums.netiq.com/showthread.php?t=53750


  3. #3
    Join Date
    May 2009
    Location
    ES - Brazil
    Posts
    88

    Re: how to map owner from DelimitedText to Entitlement?


    Hi Victor,

    I tried to put a System.out.println(“I’m here”) in this rule but nothing
    was logged in catalina.out. Tried to use attribute.setOwner(“myOwner”)
    too and nothing happens even running tasks like aggregate users and
    groups, refresh statistics and entitlements correlation and so on.

    I’m thinking I’m doing something wrong, but haven’t found where…


    --
    agorian
    ------------------------------------------------------------------------
    agorian's Profile: https://forums.netiq.com/member.php?userid=1099
    View this thread: https://forums.netiq.com/showthread.php?t=53750


  4. #4

    Re: how to map owner from DelimitedText to Entitlement?


    agorian;258403 Wrote:
    > Hi Victor,
    >
    > I tried to put a System.out.println(“I’m here”) in this rule but nothing
    > was logged in catalina.out. Tried to use attribute.setOwner(“myOwner”)
    > too and nothing happens even running tasks like aggregate users and
    > groups, refresh statistics and entitlements correlation and so on.
    >
    > I’m thinking I’m doing something wrong, but haven’t found where…


    Hi, sorry for the delay..

    I would like to know if you still working on it?

    You can use the function:

    attribute.setOwer(Identity);

    But since Identity is not an argument you must declate a new Identity
    object.

    Regards,

    Víctor Nava


    --
    vhnavag
    ------------------------------------------------------------------------
    vhnavag's Profile: https://forums.netiq.com/member.php?userid=1236
    View this thread: https://forums.netiq.com/showthread.php?t=53750


  5. #5
    Join Date
    May 2009
    Location
    ES - Brazil
    Posts
    88

    Re: how to map owner from DelimitedText to Entitlement?


    Hi Victor, thank you for your answer.

    I already did this, but nothing change in Entitlements. Actually I think
    AGS is not running this rule, as nothing is written to log.

    I’m running an account aggregation task with promote managed attributes
    flagged and after that a account group aggregation, with detect deleted
    account groups flagged.


    --
    agorian
    ------------------------------------------------------------------------
    agorian's Profile: https://forums.netiq.com/member.php?userid=1099
    View this thread: https://forums.netiq.com/showthread.php?t=53750


  6. #6

    Re: how to map owner from DelimitedText to Entitlement?


    Hi,

    The attribute has selected the checkbox of Managed Attribute? I did a
    test in my enviroment and is working, It could be easy if you share the
    application schema.

    Regards,

    Víctor Nava


    --
    vhnavag
    ------------------------------------------------------------------------
    vhnavag's Profile: https://forums.netiq.com/member.php?userid=1236
    View this thread: https://forums.netiq.com/showthread.php?t=53750


  7. #7
    Join Date
    May 2009
    Location
    ES - Brazil
    Posts
    88

    Re: how to map owner from DelimitedText to Entitlement?


    Yep, it’s checked. My AGS version is 6.3 SP3, what is yours?

    Bellow one application.



    Code:
    --------------------

    <?xml version='1.0' encoding='UTF-8'?>
    <!DOCTYPE netiq PUBLIC "netiq.dtd" "netiq.dtd">
    <netiq>

    <Application connector="sailpoint.connector.DelimitedFileConnec tor" featuresString="DIRECT_PERMISSIONS, NO_RANDOM_ACCESS, DISCOVER_SCHEMA" icon="enterpriseIcon" name="Sistema de Correio Eletrônico" profileClass="" type="DelimitedFile">

    <AccountCorrelationConfig>

    <Reference class="sailpoint.object.CorrelationConfig" name="metaIDMCorrelation"/>

    </AccountCorrelationConfig>

    <Attributes>

    <Map>

    <entry key="IDMIntegrated">

    <value>

    <Boolean>
    true</Boolean>

    </value>

    </entry>

    <entry key="compositeDefinition"/>

    <entry key="delimiter" value=";"/>

    <entry key="deltaAggregation"/>

    <entry key="file" value="/tmp/email.txt"/>

    <entry key="filetransport" value="local"/>

    <entry key="filterEmptyRecords">

    <value>

    <Boolean>
    true</Boolean>

    </value>

    </entry>

    <entry key="group.delimiter" value=";"/>

    <entry key="group.file" value="/tmp/emailGroup.txt"/>

    <entry key="group.filetransport" value="local"/>

    <entry key="group.filterEmptyRecords">

    <value>

    <Boolean>
    true</Boolean>

    </value>

    </entry>

    <entry key="group.hasHeader">

    <value>

    <Boolean>
    true</Boolean>

    </value>

    </entry>

    <entry key="group.indexColumn" value="Perfil"/>

    <entry key="group.isSortedByIndexColumn">

    <value>

    <Boolean>
    true</Boolean>

    </value>

    </entry>

    <entry key="group.mergeRows">

    <value>

    <Boolean>
    </Boolean>

    </value>

    </entry>

    <entry key="group.partitionMode" value="disabled"/>

    <entry key="group.stopIfLineHasWrongColumnLength">

    <value>

    <Boolean>
    </Boolean>

    </value>

    </entry>

    <entry key="hasHeader">

    <value>

    <Boolean>
    true</Boolean>

    </value>

    </entry>

    <entry key="indexColumn" value="userName"/>

    <entry key="isSortedByIndexColumn">

    <value>

    <Boolean>
    true</Boolean>

    </value>

    </entry>

    <entry key="mergeColumns">

    <value>

    <List>

    <String>
    Perfil</String>

    </List>

    </value>

    </entry>

    <entry key="mergeRows">

    <value>

    <Boolean>
    true</Boolean>

    </value>

    </entry>

    <entry key="nativeChangeDetectionAttributeScope" value="entitlements"/>

    <entry key="nativeChangeDetectionAttributes"/>

    <entry key="nativeChangeDetectionEnabled">

    <value>

    <Boolean>
    </Boolean>

    </value>

    </entry>

    <entry key="nativeChangeDetectionOperations"/>

    <entry key="parseType" value="delimited"/>

    <entry key="partitionMode" value="auto"/>

    <entry key="stopIfLineHasWrongColumnLength">

    <value>

    <Boolean>
    </Boolean>

    </value>

    </entry>

    <entry key="sysDescriptions">

    <value>

    <Map>

    <entry key="en_US" value="email"/>

    </Map>

    </value>

    </entry>

    <entry key="templateApplication" value="DelimitedFile Template"/>

    </Map>

    </Attributes>

    <Owner>

    <Reference class="sailpoint.object.Identity" name="WrkGrpAppemail"/>

    </Owner>

    <Schemas>

    <Schema displayAttribute="userName" groupAttribute="Perfil" identityAttribute="userName" instanceAttribute="" nativeObjectType="account" objectType="account" permissionsRemediationModificationType="None">

    <AttributeDefinition name="userName" remediationModificationType="None" type="string">

    <Description>
    </Description>

    </AttributeDefinition>

    <AttributeDefinition entitlement="true" managed="true" minable="true" multi="true" name="Perfil" remediationModificationType="None" type="string">

    <Description>
    </Description>

    </AttributeDefinition>

    </Schema>

    <Schema displayAttribute="roleName" identityAttribute="Perfil" instanceAttribute="" nativeObjectType="group" objectType="group" permissionsRemediationModificationType="None">

    <AttributeDefinition name="Perfil" remediationModificationType="None" type="string">

    <Description>
    </Description>

    </AttributeDefinition>

    <AttributeDefinition name="roleName" remediationModificationType="None" type="string">

    <Description>
    </Description>

    </AttributeDefinition>

    <AttributeDefinition name="description" remediationModificationType="None" type="string">

    <Description>
    </Description>

    </AttributeDefinition>

    <AttributeDefinition entitlement="true" managed="true" minable="true" name="value" remediationModificationType="None" type="string">

    <Description>
    </Description>

    </AttributeDefinition>

    <AttributeDefinition name="owner" remediationModificationType="None" type="string">

    <Description>
    </Description>

    </AttributeDefinition>

    </Schema>

    </Schemas>

    </Application>

    <LocalizedAttribute attribute="description" locale="en_US" name="Sistema de Correio Eletrônico:description:en_US" targetClass="Application" targetName="Sistema de Correio Eletrônico" value="email"/>
    </netiq>

    --------------------


    --
    agorian
    ------------------------------------------------------------------------
    agorian's Profile: https://forums.netiq.com/member.php?userid=1099
    View this thread: https://forums.netiq.com/showthread.php?t=53750


  8. #8
    Join Date
    Apr 2011
    Location
    Raleigh, NC
    Posts
    67

    Re: how to map owner from DelimitedText to Entitlement?


    agorian;258562 Wrote:
    > Hi Victor, thank you for your answer.
    >
    > I already did this, but nothing change in Entitlements. Actually I think
    > AGS is not running this rule, as nothing is written to log.
    >
    > I’m running an account aggregation task with promote managed attributes
    > flagged and after that a account group aggregation, with detect deleted
    > account groups flagged.


    Couple things:

    A managed entitlement customization rule provides a log argument, so you
    should be able to log like this:
    log.info("Hello World");
    or change the level:
    log.debug("Hello Debug World");

    You may need to modify your log4j properties to get it to log. I've
    done this in the past to troubleshoot bash scripts and it helps quite a
    bit.
    I've updated my ..../ags/WEB-INF/classes/log4j.properties file to
    include the following line:
    log4j.logger.sailpoint.server.BSFRuleRunner=trace

    And if that doesn't do it, you can change the following line towards the
    top to get EVERYTHING:
    log4j.rootLogger=warn,file
    to this:
    log4j.rootLogger=debug,stdout

    Then in the debug screen (from the debug menu) you can tell it to reload
    the logging config, so no restart necessary.

    And check this out: http://www.beanshell.org/bshservlet.html
    You can load the war file they provide on your dev tomcat server, then
    you can use the page it provides to test the syntax of your bash code.
    It is helpful to find missing semicolons or other syntax issues.

    --Jim


    --
    jmontm42
    ------------------------------------------------------------------------
    jmontm42's Profile: https://forums.netiq.com/member.php?userid=3876
    View this thread: https://forums.netiq.com/showthread.php?t=53750


  9. #9
    Join Date
    Mar 2016
    Posts
    1

    Re: how to map owner from DelimitedText to Entitlement?

    Anyone got this working?
    Managed Entitlement Customization Rule is not running while running aggregation.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •