Identity Manager 3.5 contains new functionality, including architecture changes, new objects called resource objects, and new functionality in DirXML® Script.
Identity Manager 3.5 changes the architecture of how policies are referenced by the drivers. This change requires that drivers be upgraded in order to, to take advantage of resource objects. For more information about the architecture change, see Section 2.0, Upgrading Identity Manager Policies.
Resource objects store information that drivers use. The resource objects can hold arbitrary data in any format. Novell® Identity Manager 3.5 contains different types of resource objects, including ECMA Script, Mapping Tables, Policy Libraries, and a generic resource object. See
Storing Information in Resource Objects
in the
Policies in Designer 2.1
or
Storing Information in Resource Objects
in the
Policies in iManager for Identity Manager 3.5.1
.
DirXML Script contains the following new functionality:
DirXML Script allows for the use of variables in policies, and includes predefined variables. For more information, see Section 4.2, Variables and Section 4.3, Variable Expansion.
A Notrace attribute has been added to all <rule>, <and>, <or>, <if>, <do>, and <token> tags. The Identity Manager engine does not output any trace messages for the these tags when the Notrace attribute is set to On.
The
If Password
condition supports the equal and not equal operators.
The
If Association
,
If Operation
, and
If Password
conditions now support various modes for comparisons.
The of less than, not less than, greater than, and not greater than operators are supported by the following conditions:
The optional before attribute allows you to insert XML text before another XPath expression that is evaluated against the original matched expression. The following actions support the before attribute:
The scope attribute allows you to set the scope for variables in the policies. The following elements now support the scope attribute:
Passwords can be used with the following actions:
The
Send Email
and
Send Email from Template
actions now allow for the use of custom SMTP headers.
The counter-use, counter-patter, and on-unavailable attributes have been added to give more flexibility to the
Unique Name
token.
The
Set Destination Password
and the
Set Source Password
actions allow you to set a password for a specific DN or association.
The new DirXML Script functionality makes it easier to use Policy Builder instead of using XSLT style sheets. For information on how to use the new DirXML Script elements in Designer, see the following sections: