Symantec IGA

We have a situation where we would like a generic task to be able to parse input and then fire off follow on task based on that input.

We would like to use a BLTH to perform this function, but are open to options.

Other than building in a TEWS client into the BLTH, is there a good way to instantiate a task, fillout its form, trigger its events, etc...all from java?

Hello,

Else the IM web interface itself, TEWS is the feature to invoke IM Admin Tasks.

What would be the expected benefits of such generic task ?

Is not "Bulk Loader" IM Admin Task partially similar ?

Else you code to retrieve the information from the Admin Task definition the main trouble you will encounter is about the implementation to map the input data from the generic task to the IM Admin Task fields.

Going this way is closed to rewrite the internal IM task handling engine. We do expect this is not your purpose.

Regards

Laurent

Please explain your use case in detail. Then only we will be able to give any suggestions.

Hello,

Yes the IDM bulk loader feature is similar, but not as feature rich as what we require.

We would like to be able to process an input file through the task and call IDM tasks called out in the input with parameters also in the input.

For example:

Create these thousand users with these demographics, and then add them to these 12 groups.

The idea would be for this to be an flexible system so that we would not need custom policy express and tasks for each scenario, but the combination of tasks called out in the input would equate to a given scenario.

Hi Brent,

Based on what i understand, you want to automate the creation of account/add user to group based on input file. correct ?

Assuming Corp Directory  have these fields.

employeeid,firstname,lastname,email

Firstly, u need to use the IDM bulk loader to load ur input file, this will update into Corp Directory in IDM.

Eg. input file:-

action,employeeid,firstname,lastname

create,1001,John,Smith

*Action in the input file will map to the AdminTask "Create User"

Secondly, to build the email value. We can use Policy Express(PX) to build the logic.

Eg. Generate user email=<firstname><lastname>@abc.com

This PX will be trigger after completion of AdminTask "Create User", then User's email in Corp Directory will be updated.

Once the "Create User' task is fully completed. In the Corp Directory userstore. You will see

empployeeid=1001

firstname=John

lastname=Smith

email=JohnSmith@abc.com"

** The above is just the creation of user in Corp Directory. If you want to automate the creation of AD account, just add more PX to handle the task.

** As long as ur input file field name is the same as AdminTask "Create User" form, the value will update automatically.

** If you have certain field that need to be "computed" like email, then use PX or BLTH

Hope you get the idea.

regards,

William

All that is something we already do, but it requires the creation of specific tasks, blth code, and policy express combinations for each load.

We do hundreds of these loads a year for different business cases.

The directory and groups may and usually different every go.

That is the tricky part.