24.3 Preferences: Designer for IDM

24.3.1 Versions, Updates, Prompts, and Browsers

Versions

Figure 24-2 Preferences: Versions

Specifies the Identity Manager version running on a server.

Updates

Figure 24-3 Preferences: Updates

Table 24-11 Preferences: Automatic Updates

Settings

Description

Do not check for updates

Prevents Designer from checking for updates on startup. Hides the Designer Updates dialog box.

Prompt to check for updates on startup

Displays a prompt each time you run Designer. You can disable this prompt.

Check for updates automatically on startup

Always checks for updates. If you disable the prompts that appear on startup, select this option.

Notify me when there are no updates available

Displays a No New Updates message when you select to check for updates.

Prompts

Table 24-12 Preferences: Prompts

Setting

Description

Warn when downgrading server versions

Prompts you when you select an earlier server version for a project. If you downgrade, some elements of your configuration might not work in your target environment.

Warn when upgrading server versions

Prompts you when you select a later server version for a project. If you upgrade, some of your configuration might not be deployable unless you have this later server version in your environment.

Warn when another editor has updated files in the same project space

Warns you that your project might be erased from your workspace. The prompt occurs when overwriting a file in the file system for notification templates and policies.

Warn when deleting items from the outline view

Confirms that you want to delete the selected items.

Web Browsers

You can use Designer to open a Web browser. The Web browser button is available from the main toolbar.

Figure 24-4 The Web Browser button

When you first launch the browser, you are prompted for a home page.

Figure 24-5 The Prompt for a Home Page

After you enter the URL, Designer stores it.

To change the URL, type a new one in Preferences, then click OK.

24.3.2 Configuration

Each driver has a startup parameter. If it is disabled, the driver never starts until you change the setting. By default, Identity Manager drivers are disabled when you create them in the Modeler or start Designer. You must start them manually.

For more information, see Section 10.4, Configuring Driver Sets.

General

These general settings specify how drivers start up and how their global configuration values (GCVs) act on specified target servers. The default state uses Disabled and Merge GCVs.

Figure 24-6 Configuring General Driver Settings

Table 24-13 Driver Settings: General

Setting

Description

Auto-Start

The driver automatically starts after you create it or whenever you start or load Designer.

Manual

You must start the driver manually.

Disabled

The driver never starts.

Merge GCVs on the target server during copy

Copies the GCVs from one driver/driver set to multiple targets of the same type. For example, you might configure GCVs on one driver and then copy them to multiple drivers. You also have the option of overwriting the target GCVs or merging your “source GCVs” with the existing target driver GCVs, if they exist.

Overwrite GCVs on the target server during copy

Overwrites existing GCVs when they are copied to the server.

eDir-to-eDir SSL/TLS

This setting configures how two eDirectory drivers communicate with each other over a secure channel. For more information, see Section 22.6, Configuring TLS for eDir-to-eDir Drivers.

Figure 24-7 Configuring eDir-to-eDir Drivers

Table 24-14 eDir-to-eDir and SSL/TLS Settings

Setting

Description

Preferred Key Size

Specifies the preferred key size that is generated when drivers are encrypted and stored in eDirectory: 512, 768, 1024, or 2048 bytes.

Preferred Secure Hash Algorithm

Specifies the preferred hash algorithm to use when encrypting drivers: SHA1-RSA, MD2-RSA, or MD5-RSA.

Preferred Validity Period

Specifies the validity period for a driver certificate ranging from 6 months to 10 years.

Always overwrite existing certificates

Specifies that existing driver certificates are overwritten with each deployment. If you select this option, Designer deletes existing certificates and creates new ones. The new certificates are then good for another two years (assuming the default value is two years, as defined in the Preferred Validity Period field.) If you select Live > Create eDir-to-eDir Certificates, Designer deletes old certificates and creates new ones

Overwrite certificates only if they have expired

Specifies that only expired driver certificates are overwritten with each deployment. This is the default setting. The default expiration length is two years. If a certificate expires, SSL/TLS stops working. If a certificate is expired, Designer deletes it and creates a new one.

Never overwrite existing certificates

Never overwrites driver certificates.

Restart drivers after building certificates

Restarts drivers after certificates have been updated/created.

When you create certificates, Designer reads the preferences, including Preferred Key Size, Preferred Secure Hash Algorithm, and Preferred Validity Period. These options are also available through Secure Connection Settings > Advanced TLS Configuration.

Figure 24-8 The Advanced TLS Configuration Dialog Box

NOTE:Designer reads these preferences after you first set them. If you subsequently change the preferences by using the driver’s configuration page, those changes override the settings in Preferences.

After you change default settings and click OK, that configuration information is recorded. When you deploy the driver, Designer creates the certificates, or deletes and creates new certificates with a new time stamp.

Prompts

These settings specify how users are prompted to manage driver certificates on the target server. All are selected in the default state.

Figure 24-9 Configuring Certificate Prompts

Table 24-15 Configuration Prompts

Setting

Description

Prompt to replace existing certificates

Prompts the user to provide new certificates.

Prompt to merge/overwrite GCVs on target server during copy

Prompts the user to merge or overwrite when copying GCVs to the target server.

Prompt to create certificates after configuration

Prompts the user to create certificates after configuring a secure connection.

Prompt to overwrite existing settings and policies from the Driver Configuration Wizard

In the Driver Configuration Wizard, prompts the user whether to reset (overwrite) all driver settings and policies.

24.3.3 Document Generation

The Document Generator comes with the following settings:

Figure 24-10 Document Generation Settings

Table 24-16 Document Generation Preferences

Setting

Description

Automatically open the rendered file after document generation.

If you have a PDF reader installed on your workstation, the rendered file automatically opens in the reader. If you have enabled the RTF format and have a TRTF reader installed, the rendered file automatically opens in the reader. The default is On.

Show warning dialog box when the style is an older version.

Shows a warning when generating documents on out-of-version styles. The default is On.

Enable RTF support (experimental).

Allows you to save documents to RTF format. This is a pre-release version. The default is Off.

Document applications and drivers related to other selected items.

With this option selected, parent objects and direct child objects are included to give context to the document. Deselecting this option excludes direct children of the selected item. The default is On.

Document Language

Allows you to select a language other then English in which to generate documents. Languages include Chinese Simplified, Chinese Traditional, Dutch, English, French, German, Italian, Japanese, Portuguese Brazil, and Spanish. The default is English.

Font settings

Allows you to select the font you want to use for document generation. This selection adds double-byte font support. The default is Arial font.

24.3.4 Entitlements

Figure 24-11 Entitlements Settings

Controls whether or how often you receive a prompt whenever you add the DirXML-EntitlementRef attribute to a driver filter. The default is Prompt me, but because this attribute is added only if it doesn’t already exist on the driver filter, you can select Always add it to not see the pop-up window.

24.3.5 iManager

Table 24-17 Preferences: iManager

Setting

Description

iManager URL

.

Show Novell iManager Information Dialog

24.3.6 Import/Deploy

The Import/Deploy preference window contains five tabs: Deploy, Import, Export, Prompts, and Trace. The following table describes their options.

Table 24-18 Preferences: Deploy

Setting

Description

Restart running drivers after deploying the driver

Restarts the driver after it is deployed. The default is On.

Show the summary dialog prior to performing a deployment

Displays a summary of what is going to be deployed. The default is On.

Replace driver set/server associations when deploying a driver set

If you want driver set and server associations when deploying, select this option. The default is Off.

Always deploy both drivers of an eDir-to-eDir connection when SSL/TSL is enabled

With this option selected, you are prompted to deploy both sides on the connection. With both drivers deployed, Deploy is integrated with the creation of eDir-to-eDir certificates, if the certificates are created in Designer. Deploy adheres to the settings set in Preferences > Designer for IDM > Configuration > eDir-to-eDir. The default is On. This is the recommended setting.

Table 24-19 Preferences: Import

Setting

Description

Perform prompt checking when running a driver configuration file

Displays the Do you wish to perform all mandatory and required prompt checking when running this Driver configuration file? prompt. If you select Yes to the prompt, you must then enter information in required fields while configuring the driver. If you select No, you temporarily disable this setting and can skip required fields.

Include application schema when importing drivers

Imports the eDirectory application schema when you select this option. You might not want to import all the associated data. The default is Off. See Section 16.4.3, Importing a Schema.

Show the summary dialog prior to performing an import

Allows you to view what’s being imported in a summary screen. The default is On.

Table 24-20 Preferences: Export

Setting

Description

Copy cross driver policy references into exported configuration files

Selected by default, this option saves you the trouble of manually inputting cross-driver policy references.

Table 24-21 Preferences: Prompts

Setting

Description

Show dialog to export cross driver policy references to configuration files

Selected by default. If you do not want to see a dialog box about these references, deselect the option.

Show warning dialog when overwriting a driver set/server association

Warns that the driver set being deployed has a different server association than the server that you are about to deploy to. The association in the deployed driver set overwrites the existing server association.

Show dialog to deploy both drivers in an eDir-to-eDir system when SSL/TLS is enabled.

This is the default, and it is also the recommended setting. With this option selected, you are prompted to deploy both sides on the connection.

Show dialog box to restart drivers after a deployment

Selected by default. If you do not want to see a dialog box about these references, deselect the option.

Table 24-22 Preferences: Trace

Setting

Description

Trace import and deploy event information.

Deselected by default. If you need to troubleshoot an import or a deploy, select this option, then open the Trace view to inspect the import or deploy.

Generate debug messages for the Driver configuration prompt dialog box

Deselected by default. If you need to generate debug messages, select this option.

Show verbose debug messages.

Deselected by default. If you need to generate verbose debug messages, select this option.

Time import and deploy operations.

Deselected by default. If you need to time how long it takes to import or deploy an object, select this option.

24.3.7 Changing the Language Setting

When you installed Designer, you selected a language to display Designer’s UI. If you need to change that setting, use Preferences.

  1. Select Window > Preferences > Designer for IDM > Language.

  2. Select a language, then click OK.

    The Apply and OK buttons set the language and prompt you to restart Designer.

    Restore Defaults reads the config.ini file, detects the previous language setting, and then defaults to that setting. When the changed property is written back to the .ini file, all comments are removed from the file. To preserve these comments, Designer copies the original config.ini to config.ini.bak and uses the backup to determine the default setting.

  3. Restart Designer.

24.3.8 Modeler

Modeler Tabs

Behaviors

Table 24-23 Preferences: Modeler Behaviors

Setting

Description

Auto-create servers when re-connecting a driver to a different driver set

Automatically creates a server for a driver set when you connect a driver to a different driver set.

Launch driver properties dialog

Launches the driver’s Properties page.

Show driver’s Policy Flow view

Displays the driver’s Policy Flow diagram in the Outline view.
Display

Table 24-24 Preferences: Modeler Display

Setting

Description

Show labels by Applications and Identity Vaults (Arc. Mode)

Shows labels below applications (in both modes) and above Identity Vaults (Architect mode only).

Show driver icons in Developer Mode

Displays a driver icon on the line that represents a driver in the Modeler.

Show password icons in Developer Mode

Displays a password sync icon below a driver icon in the Modeler.

Auto-expand Identity Vaults to fit contents

Causes Identity Vaults to expand to accommodate objects that you place in them.

A uto-shrink Identity Vaults to fit contents

Causes Identity Vaults to shrink when you remove objects from them.

Auto-size Identity Vaults to fit their titles

Enables vaults to expand horizontally, to accommodate long titles. Otherwise, the titles concatenate after approximately 20 characters.

Grid Width

Increases or decreases cells in the Modeler’s grid. To access the grid, select the Modeler, then click View > Grid.

Guidance

Table 24-25 Preferences: Modeler Guidance

Setting

Description

I dentity Vault will be created when you drop app, if there isn’t one already

Creates an Identity Vault when you drag or drop an application from the palette into the Modeler.

eDir-to-eDir connection tip, when you’ve connected the same eDir app to two different driver sets

Prompts you to connect a line directly between the end driver sets when you set up an eDir-to-eDir relationship.

Setting data flows in architect mode will default all policy and schema settings

Sets policy and schema settings to defaults when you set data flows in architect mode. To edit the settings, use the Developer mode.

Saving Dataflow to disk will force project save first

Requires you to save a project before you can save Dataflow to disk.
Layouts

Layout settings determine how applications are displayed in the Modeler. To set a default layout when you import projects, select an option (for example, Circle).

Figure 24-12 Preferences: Modeler Layouts

The following figure illustrates a half-circle layout:

Figure 24-13 A Sample Layout

To arrange existing applications in a particular layout:

  1. Right-click a Driver Set object in the Modeler.

  2. Select Arrange Applications.

  3. Select a layout.

Pages

Figure 24-14 The Pages Properties Page

Determines whether the Architect, Dataflow, and Table pages display as tabs at the bottom of the Modeler. By default, the Developer page (mode) appears in the Modeler. Displaying the additional tabs enables you to quickly toggle among pages.

Prompts

Table 24-26 Preferences: Modeler Prompts

Setting

Description

Show Driver Config Wizard at connection time

Launches the Driver Configuration Wizard when you drag or drop an application in the Modeler.

Show Default Server Choice Dialog when adding an Identity Vault

Enables you select whether to use a default server, specify a server, or not create a server.

Confirm when driver is being deleted

Provides a Yes/No prompt for you to choose whether you want to delete the driver and its policies.
Themes

Defines themes for the Developer and Architect modes. Customizes the colors of the background, text, line, Domain Group background, and Domain Group title in the Modeler.

Figure 24-15 The Themes Property Page

Dataflow

Specifies the number of columns per page that the Dataflow editor saves in the HTML reports.

To view or use the Dataflow editor, select the Dataflow tab in the Modeler.

Figure 24-16 The Dataflow Tab

Palette

Table 24-27 Preferences: Palette Settings

Setting

Description

Arrange applications in folders

Displays folders (for example, Database) in the palette and places applications in appropriate folders.

Arrange applications in alphabetical list

Places all applications into one folder in the palette, and lists the applications alphabetically.

24.3.9 Policy Builder

Policy Builder creates and manages the policies in the drivers.

Table 24-28 Preferences: Policy Builder

Setting

Description

Expand all rules when the Policy Builder is loaded

Automatically expands rules in the Rules pane when you open the Policy Builder.

Show version/author/last changed information

Displays fields in the Rule Inline Editor when you double-click a rule. When you enter data in the fields, the comments are added to the policy.

Policy Description

The Policy Description allows you to add comments about the policy.

Figure 24-17 Preferences: Policy Description

Table 24-29 Preferences: Policy Description Settings

Setting

Description

Expand the Policy Description field

Automatically expands the Policy Description field. You can hide the field by selecting the check box.

Number of rows of text to display

Determines how many rows to display in the Policy Description field. The default is 3.

Policy Description position on the page

Places the Policy Description field above or below the Rules pane.

24.3.10 Project Checker

Allows you to validate your project.

Table 24-30 Preferences > Project Checker

Setting

Description

Limit Visible Items to

Allows you to limit the number of items displayed in the Project Checker. The default value is 100.

Prompt me to save the editor before running Project Checker

Allows you to receive a prompt asking you to save your project before running the Project Checker. By default, this is enabled.

24.3.11 Schema

Allows you to manage the Identity Vault and connected system’s schema.

Table 24-31 Preferences: Policy Builder > Schema

Setting

Description

Warn when LDAP names are different from eDirectory names during .ldif import/export

Allows you to turn off this warning prompt, which appears during the import or export of the schema.

Warn when exporting base classes to .ldif

Allows you to turn off this warning prompt, which appears during the export of the schema.

Show the information message for the Manage Application Schema context menu

Allows you to turn off the information message that appears when managing the application schema.

24.3.12 Simulation

The Simulation setting enables you to test a policy.

Table 24-32 Preferences: Simulation

Setting

Description

Directories: Input

The directory that stores the input document. To simulate (test), you must have or generate an input document. Designer provides several predefined input documents. They are in subdirectories (for example, Add) in the Designer\eclipse\plugins\com.novell.designer.idm.policy_ version directory.

You can specify a different location to store the input documents.

Directories: Output

The directory that stores the output document. When you select Save As while testing a document, Designer stores the file in an output directory. By default it is the Designer\eclispe\plugins\com.novell.designer.idm.simulation directory.

You can specify a different location to store the output documents.

Directories: Java Extensions

Enables you to simulate policies that contain references to external Java extensions. Specify the directory where the jar file is located, then copy the jar file containing the Java class to that directory.

You can specify multiple Java extensions.

Options: Clear the policy simulation log file prior to performing a simulation

Automatically clears the log file. If you don’t enable this setting, Designer displays a Clear Log button that you can use. If you do many simulations in succession, you might want to disable this option. The log file then captures and displays the events of all the tests, until you click Clear Log.

Options: Show information prompt when a query is generated

Displays a prompt when the simulator generates a query. It simulates what the engine would do when a query is required to process the policy.

Options: Enable unsupported and experimental pre-release functionality

Enables a live version of the Policy Simulator.

WARNING:This feature is not supported and it is not documented.

24.3.13 Trace

The Trace view is useful in the following situations:

  • To trace internal errors and messages, so that you can find out why something might not work as expected.

  • To provide information for Novell Support, engineers, or other consulting resources.

All Designer-specific trace messages go to the Trace view if this view is open. Otherwise, no trace messages are sent.

Warnings and error messages are sent to the .log file, found in the run-time workspace metadata directory. Use the Error view to view this information.

Table 24-33 Parameters: Trace

Setting

Description

Enable Tracing

Writes events to the Trace view. By default, tracing is off. To increase performance, disable tracing when you don’t need it.

Include Stack Traces

Provides separate traces. Dumps the entire stack where an internal exception occurs, so that you can see in the code where the internal exception is failing.

Include XML Processor Traces

Provides separate traces that detail all of the processing of XML documents. This trace can become quite verbose.

Show Plug-In Names in Trace

In the Trace view, displays names of plug-ins where tracing has occurred. This is useful if you are tracing more than one plug-in.

Show View When Tracing

Automatically brings up the Trace view if a trace is trying to be logged. By default, this setting is On.

Trace Buffer Size

Increases the buffer to show more characters. As the buffer increases in size gets higher, performance might degrade, depending on your system.

Plug-Ins to Trace

Lists all Designer plug-ins (in their simple name form). Select plug-ins that you want to trace.

Select All

Enables tracing in all Designer plug-ins.

Deselect All

Disables tracing in all Designer plug-ins.