You’ll use the features of the Designer for Identity Manager Provisioning View and the directory abstraction layer editor to define the contents of the directory abstraction layer. Follow these steps to get started:
Step |
Task |
Description |
---|---|---|
1 |
Create an Identity Manager project |
This includes:
See the Identity Manager documentation. |
2 |
Add a User Application driver to the Modeler |
You can find the Identity Manager user application driver in the Provisioning folder of the Modeler Palette. |
3 |
Complete the User Application driver configuration |
See the procedure Section 4.2.1, Completing the User Application driver configuration. |
4 |
Access the Provisioning View |
|
5 |
Start the directory abstraction layer editor |
Follow these steps once you have an Identity Manager project created.
Drop a User Application driver icon on the canvas.
You are prompted for a driver configuration.
Select UserApplication.xml (the default), then click Run.
Specify how the wizard should handle validation of your entries by clicking Yes or No.
.
.
.
Complete the panel as follows:
Click OK.
Choose one of these ways:
Select Window>Show View>Provisioning View.
Open the Provisioning folder and select Provisioning View.
Click OK.
or
Select the User Application icon, right-mouse and select Application>Show Provisioning View.
In the Provisioning View, you’ll see the project you just created along with any other provisioning projects located in the same workspace.
HINT:If you do not see the applications that you expect in the view, it might be because the project is corrupt. If your project is corrupt, you must recreate it.
The Provisioning View provides persistent access to the provisioning features. Double-clicking an item from the Provisioning View opens the editor for that item. You’ll use the provisioning view to perform the following actions with the directory abstraction layer definitions:
Import one or more object definitions from the identity vault.
Validate the structure of the data definitions.
Deploy your definitions to the identity vault specified in the project.
Create and delete directory abstraction layer definitions.
For more information, see Section 4.8, Importing, validating, and deploying directory abstraction layer definitions.
With the Provisioning View open navigate to the Directory Abstraction Layer node.
Double-click the Directory Abstraction Layer node.
You’ll see a tree containing Entities, Lists, Org Chart Relationships, and Configuration.
The directory abstraction layer editor provides a graphical way to define the set of XML files that comprise the directory abstraction layer. The directory abstraction layer editor is an Eclipse-based tool that you can access from the Provisioning View of an Identity Manager project.
When you open the directory abstraction layer editor the first time, you’ll see a base set of abstraction layer objects that are created automatically each time you create a new provisioning project:
The nodes of the directory abstraction layer editor include:
Element |
Description |
---|---|
Entities |
Entities represent the identity vault objects configured for this project and available to the user application. There are two types of entities:
For more information, see Section 4.3.3, Defining entities. |
Lists |
Lets you define the contents of global lists. Global lists are:
For more information, see Section 4.4, Working with lists. |
Org Chart Relationships |
Used by the Organization Chart action of the Identity Self-Service tab of the user application. Lets you map hierarchical relationships among schema-based entities. For more information, see Section 4.5, Working with Org Chart relationships. |
Configuration |
General configuration parameters. For more information, see Section 4.6, Working with configuration settings. |
Where the XML files are stored locally The directory abstraction layer editor generates a single XML file for each entity, list, or relationship. The files are stored in the project’s Provisioning\AppConfig\DirectoryModel folder. The file name is based on the object’s key. They include:
You’ll use the features of the directory abstraction layer editor to add new definitions that model your own identity vault schema. You’ll use the features of the Provisioning View to deploy the new definitions to the identity vault.
The directory abstraction layer editor is divided into two panes. The left pane provides a view of the directory abstraction layer contents. When you select an item in the left pane, the right pane displays the attributes and settings for the selected item.