Thursday, May 6, 2021

SailPoint IdentityIQ: Type of Rules

Creation Rule: 
Identity creation rules are used to set attributes on new Identity objects when they are created.  New identities may be created during the aggregation of application accounts, or optionally created after pass-through authentication.

One common operation is to change the name property of the identity when the default application name is complex (such as a directory DN).

Another common operation is to assign a set of initial capabilities based on the attributes pulled from the application account.

Use Case: Generate user email, set password

Customization Rule:

This rule is configured on the application and is called after the connector has built a ResourceObject from the native application data.

It was initially designed for non-rule-based connectors to add the SPPrivileged flag to an object, but it can be used to do any transformation.

Use Case: Set the IIQDisabled flag to set account status


<WIP>

Sunday, May 2, 2021

HOST XXX.XXX.XX.X is not allowed to connect to this MySQL server

I created an OEL VM and installed a MySQL server. For ease of access, I installed SQL Developer on my local Windows 10 machine.

After installing the MySQL driver in SQL Developer and trying to connect to the DB, I got the following error:


MySQL Server was not configured to receive any external requests


Granted the permissions


Problem Resolved
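
A least-privilege way to grant the access described above, as an added example that is not from the original post. The account name `sqldev_user`, schema `appdb`, client address `192.0.2.10` and the password are placeholders, and the statements assume MySQL 5.7 or later, run as an administrative user on the server itself.

```sql
-- Added example; account, schema, address and password are placeholders.

-- 1. List the user/host pairs the server currently accepts.
--    "Host ... is not allowed to connect" means that no account's host
--    value matches the address the client is connecting from.
SELECT user, host, plugin
FROM mysql.user
ORDER BY user, host;

-- 2. Broad grant, shown only for contrast (left commented out):
--    an all-privilege account reachable from every host that can
--    reach the port.
-- CREATE USER 'root'@'%' IDENTIFIED BY '...';
-- GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;

-- 3. Scoped grant: a dedicated account bound to the one workstation
--    address. REQUIRE SSL needs TLS enabled on the server and in the
--    client's connection settings.
CREATE USER 'sqldev_user'@'192.0.2.10'
  IDENTIFIED BY 'REPLACE_WITH_STRONG_PASSWORD'
  REQUIRE SSL
  PASSWORD EXPIRE INTERVAL 90 DAY;

-- Only the schema and the statement types the tool actually needs.
GRANT SELECT, INSERT, UPDATE, DELETE
  ON appdb.*
  TO 'sqldev_user'@'192.0.2.10';

-- 4. Confirm what the account can do.
SHOW GRANTS FOR 'sqldev_user'@'192.0.2.10';

-- 5. Audit: accounts whose host value contains a wildcard and is
--    therefore not pinned to a single client.
SELECT user, host
FROM mysql.user
WHERE LOCATE('%', host) > 0
   OR LOCATE('_', host) > 0;
```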




Mouse Pointer Stuck Inside VM VirtualBox - Change Host Key

If you are using VirtualBox and your mouse pointer is stuck inside the guest (VM) window, this is by design. When you are using the VM, the keyboard and mouse input go there. To switch input back to the host, a specific key can be configured, called the "Host Key" (great name).

Default Host Key

Windows: right Ctrl - Press right Ctrl on Windows to unstick your mouse pointer

macOS: left Cmd

You can also change this key to any other key in VirtualBox settings:





Look into Guest Additions to get rid of this dependency




Tuesday, March 9, 2021

SailPoint IdentityIQ - Knowledge Assessment & Interview Questions - All Levels

This post is a work in progress and is intended to become a comprehensive guide to self-assessment and interview questions for IIQ.

Level: Beginner to Advanced

  • What is IGA?
  • What is IIQ?
  • What is IIQ's latest version?
  • What is an identity?
  • What is an identity cube?
  • What is provisioning?
  • What is aggregation?
  • What does the 'Refresh Entitlement Correlation' task do?
  • What does the 'Identity Refresh' task do?
  • What is the meaning of option 'Refresh assigned, detected roles and promote additional entitlements' in 'Identity Refresh' Task?
  • What is the meaning of option 'Provision assignments' in 'Identity Refresh' Task?
  • What is the meaning of option 'Disable deprovisioning of deassigned roles' in 'Identity Refresh' Task?
  • What is the meaning of option 'Refresh role metadata for each identity' in 'Identity Refresh' Task?
  • What is the meaning of option 'Process Events' in 'Identity Refresh' Task?
  • How do you rename the attribute 'User Name' to a custom value, say 'Corporate ID'?
WEB-INF/classes/sailpoint/web/messages/iiqCustom.properties 
att_user_name=Corporate ID

  • How is attribute 'User Name' populated?
  • How to add a column on 'Identity Warehouse' page?
  • How to extend the identity schema?
  • What are capabilities?
  • What are workgroups?
  • How to change the spadmin's default password?
  • How many types of policies can be created in IIQ?
  • What is a Role SOD Policy?
  • What is an Entitlement SOD Policy?
  • What is an Activity Policy?
  • What is an Account Policy?
  • What is a Risk Policy?
  • What is an Advanced Policy?
  • Describe IIQ's risk framework
  • What are extended attributes?
  • What are certifications?
  • How do you schedule a certification?
  • What are certification events?
  • What is a 'Manager' certification?
  • What is an 'Application Owner' certification?
  • What is an 'Entitlement Owner' certification?
  • What is an 'Advanced' certification?
  • What is a 'Role Membership' certification?
  • What is a 'Role Composition' certification?
  • What is an 'Account Group Permission' certification?
  • What is an 'Account Group Membership' certification?
  • Explain IIQ Reporting capabilities.
  • What are tasks?
Acts on object, scheduled
  • What are business processes?
Acts on object, event driven
  • What are Rules?
Beanshell logic, hooks to modify system behavior
  • <Insert>
  • <Insert>


<work in progress>


Friday, January 29, 2021

SailPoint IIQ - URL to download IdentityIQ Deployment Accelerator

The IdentityIQ Deployment Accelerator is a plug-in for the free and popular Eclipse IDE that provides several features designed to make configuring and managing IdentityIQ easier.

Download URL -  https://sailpoint.github.io/epiiq/