When you select New > Server from the context menu in the
Outline view or in the Modeler, you now see a much simpler server creation dialog
box that allows you to set the Identity Manager version. Simple error checking
makes sure that you specify a well-formed DN and that the server name and context
are unique.
A DirXML mapping table is used by a DirXML Script policy to map a set of values to another set of
corresponding values.
A DirXML mapping table consists of a top level <mapping-table> that contains
a set of <col-def> elements and a set of <row> elements. A <col-def>
defines the name of each column and the type that it contains. A <row>
consists of a set of <col> elements. DirXML script uses <token-map>
to map a value using a specified key column to a different value or values in
a specified value column.
You can use these mapping tables in the Policy Builder by using a verb inside
of Argument Builder. The Argument Builder allows you to choose a map (table)
and then choose a source column and a destination column. The DirXML Script
<Token-map> element is the element that is built from this information.
A new feature of the Identity Manager 3.5 engine allows you
to configure a list of extension functions that are loaded when a driver is
started. These extension functions must be contained in an ECMAScript resource
file that is included in the Extension Function list on the properties of a
Driver. The functions defined in the resource file are referenced from DirXML
Script or Stylesheet policies. The following image shows the properties page
of a driver where the extension functions are configured.
To add an object to the list, select Add, then browse to the ECMAScript object
in the Designer model. Only ECMAScript resource objects can be selected in the
model browser. The extension functions are loaded by the Identity Manager engine
in order from top to bottom. You can modify the order by selecting an object
and clicking Up and Down to the right of the table.
In addition to managing Credential Provisioning, Mapping Table,
and ECMAScript resources, Designer allows you to you to create and manage custom
XML and text resources. For more information on resource objects, see the Policy
documentation.
The dynamic driver property page reads the labels and descriptions
of the "Authentication ID" and "Connection Information" fields from the driver
configuration file that was used to create the driver and to substitute the
default values. This helps putting the right information in the right format
into the right field. It also removes the confusion that occurs when the Driver
Import Wizard asks for information with a name that differs from the name on
the property page.
When you click the 'i" button next to the dynamic field,
a small information dialog box opens. The same message is shown as a tooltip
when you hover the mouse over the "i".
Default labels:
Dynamically replaced labels and description:
Information Dialog:
Because Designer is an offline modeling tool, validation is
based on form only and not on actual live content. We have added some new regular
expression widgets for inline DN validation. You can find these widgets in the
following places:
|
You can now manage engine controls from the driver properties
page.
The Identity Management engineering team introduced new naming
conventions for driver configuration files. These conventions allow us to simultaneously
ship multiple versions of the same configuration file. Previously, Designer
always shipped with only the latest version of a configuration file. In fact,
Designer shipped with configuration files that only worked with the latest engine
and Designer or iManager. Therefore, Designer was not fully backward compatible
in its UI.
As a result, Designer now ships with all 90 driver configs for all Identity Manager
versions that are still supported.
In addition to the new naming conventions, Designer has received
an improved Driver Import Dialog. This new dialog makes use of the new naming
conventions when building up the list of available driver configurations for
an application.
We also changed how the list is built in another way: The main name of the
configuration file is no longer the filename. Instead the name is whatever the
developer put into the "description" attribute on the root node of the driver
configuration XML. If this description attribute is empty or nonexistent, the
dialog falls back to the file name.
The following figures illustrate the new Driver Import dialog box. The Driver
Configuration Wizard now gives much more information than in the past.
|
|
We now tracking the Identity Manager version within Designer.
Filtering functionality is based on this version information. In the case where
multiple servers are associated to a driver set, Designer calculates an "effective
engine version," which is essentially the earliest Identity Manager version
in the driver set.
If you want to use the latest 3.5 features, it is important that all servers
belonging to the driver set are upgraded to 3.5. This version can be manually upgraded
or downgraded from the server properties page.
Additionally, a "live update" button retrieves current Identity Manager and
eDirectory version information on the server properties page. The new Add Server
dialog box allows you to specify version information while an Identity Vault
is being created.
The log level page now renders dynamic version widgets next to any log event
that is not supported by your effective Identity Manager version. For Designer
2.0 M5, we have added support for the new Identity Manager 3.5 log events: Set
SSO Credential, Clear SSO Credential and Set SSO Passphrase. See the Credential
Provisioning Policies documentation for more information about these events.
If you attempt to access a feature that isn't supported by your current effective
IDM version, you see a dialog similar to the following figure:
Designer allows you to scan the default notification template directory and get all the templates
that are not in the current template collection.
The driver properties page now displays the driver version per server.
A live update button next to this table retrieves the latest
version information, if it is available. The driver version displays
as unavailable if the driver or associated servers do not exist in
eDirectory. If the driver and server exist in eDirectory and the driver
has been run at least one time, the live update button retrieves the
driver version.
 |
Other Enhancements & Bug Fixes |
|