Wednesday 8 July 2020

Rules in Sailpoint

Rules are the construct through which IdentityIQ allows the addition of custom business logic at specific points within the execution flow of the product.

The below is the sample how to construct business logic, There are multiple application on-board to Sailpoint and the requirement is to get the mail of the user from an specific application HR System – Employees.


The below are the learning

1.
       How can we define a method in Rule (A Java method is a collection of statements that are grouped together to perform an operation.)
2.
       Link of an identity
3.
       How to test the rule in IIQ console



Code

      import sailpoint.object.Identity;
 import java.util.*;
 import sailpoint.api.*;
 import sailpoint.object.Link;
// Java Method
 
 public static String GetEmail(String user) {

 
 Identity id = context.getObject(Identity.class,user);
 List listOfLinks=id.getLinks();
 if(listOfLinks!=null){
                        for(Link link : listOfLinks)
                               {
                               if(link.getApplicationName().equals("HR System - Employees")){
                                 String emailofApp = link.getAttribute("email");
                                 return emailofApp;
                                }
                            }
                        }
                                           }


     String user = "Adam.Kennedy";
String emailofuser = GetEmail(user);   // Calling the Method
System.out.println("We have found the email of the user"+ " "+ emailofuser);

Save the above code in a Rule.
In IIQ Console.






Thursday 2 July 2020

How to get the value of other fields in a form in validation scripts.

I have two fields Location & sub-location and based on the value in location, the sublocation should allow to have the value from selected value from the lists and on having a different value in the field should give the customized message.

Eg,    Location India and corresponding sublocation is Bangalore,Hyderabad,Pune




The below rule can have multiple If statement, based on your requirement.





//validation variable comes in as 'value'
                import sailpoint.tools.Message;
                String Val = form.getField("Location").getValue();
                System.out.println("Value is :" + Val);
                List messages = new ArrayList();
                String input = (String)value;
                System.out.println("Value :" + input);
// Check===================================
   if(Val.equals("India")) {
   List loc = new ArrayList();
     loc.add("Bangalore");
     loc.add("Pune");
     loc.add("Hyderabad");
        int j=0;   
     for(String item : loc){
       if( input.equals(item)){
            j++;       

                   }          
        }               

      if(j!=1) {
                Message msg = new Message();
                     msg.setKey("Allowed value are Bangalore,Pune,Hyderabad");
                     messages.add(msg);

                }       

          }
     return messages;

Thursday 28 May 2020

Writing my first PlayBook on shell and local_action Module

Below is the structure of Playbook of generating HTML report using the shell and local_action Module

YAML
-  hosts:  localhost
   tasks:
     -  name:  checking 
        shell:  |
            a=$(hostnamectl | grep Chassis)
            a=$a{a// /}
            b=$(hostnamectl | grep "Icon name")
            b=$b{b// /}           
            echo "<html>
                  <head>
                  <style>
                  table, th, td {
                  border: 1px solid black;
                  }
                  </style>
                  </head>
                  <body>
                  <h2>Ansible Generating report</h2>
                  <p>Author - Anirban.</p>
                  <table style="width:20%">
                  <tr>
                  <th>Name</th>
                  <th>Information</th>    
                  </tr>
                  <tr>
                  <td>Chassis</td>
                  <td>$a</td>    
                  </tr>
                  <tr>
                  <td>Icon name</td>
                  <td>$b</td>    
                  </tr>  
                  </table>
                  </body>
                  </html>"
        register:  output

     -  name:  message
        debug:
          msg: "{{output.stdout}}"

     -  name: Generating the report
        local_action:  "copy content='{{output.stdout}}' dest=/home/anirban/Desktop/report.html"


Ansible Syntax check
   ansible-playbook systemreport.yml --syntax-check

Ansible Playbook
    ansible-playbook systemreport.yml

The outPut of the Playbook

Add caption







Wednesday 13 May 2020

Display All the Owner of Group in FIM|MIM from a lists having the Groups Display Name





Sunday 29 March 2020

Null Object in Sailpoint IIQ

Time for me to go sleep, after working for almost 8 longs hours in Rules :) Stay Healthy and Safe.Covid - 19

Some time in Sailpoint IIQ we have to handle the Null object. It take sometime for me, how to handle the Null and it was always throwing the error message while running the Identity refresh.


Below is the example how to manage the Null object in  Rule

import sailpoint.object.Identity;
String a = identity.getAttribute("Department");
if(a == null)
{
return "Null";
}
else if( a == "onepass") {
return "onepass";
}
else
{
return "Not one pass";
}


Java if..else..if statement.


if (expression1) 
{
   // codes
}
else if(expression2) 
{
   // codes
}
else if (expression3) 
{
   // codes
}
.
.
else 
{
   // codes
}

Thursday 19 March 2020

On-Boarding Active Directory Application


HomepageApplicationsApplications Definition



Add New Application
     Name : Give name of the Application
     Owner : spadmin 
     Application Type : Active Directory - Direct


Configuration
Account


Group

 Test Connection
 Save the configuration


ServiceNow onboarding Sailpoint