I have been writing about the various plugins for Designer that people have written, in the hopes of getting word out to people who may not know about them.
I mentioned some written by Stefaan Van Cauwenberge and he has put a bunch of his plugins and tools available on his website at: http://vancauwenberge.info
There is a new one I have been helping the author by testing, that I would like to discuss called Parcel Service. Now that he has finally released it, I can post this article.
Lothar Haeger is pretty well known amongst IDM developers for at least three main reasons. First he maintains the PWNotify driver configuration. This is a loopback driver (or if you are Bundle Edition, an eDirectory driver that loops back on itself, so it does not violate the Bundle Edition license) that looks at Password Expiration Time and sends warning emails as you approach the expiration, when it has expired, and more.
As a side note, PWNotify supports only 3 notification windows and then an expired notice. I had a customer that wanted to send 11 notifications, (If it looks like spam, quacks like spam, it must be appropriate notifications, right?) so I wrote an add on Package for the PWNotify driver to give you as many notification intervals as you would like.
The second major thing he is known for is the Nagios plugin to monitor IDM. This is basically a Nagios compliant script that uses several monitoring tools to report on things that would be otherwise hard to monitor. It watches driver up and down status. Thus instead of monitoring eDirectory as a single process, it can tell if your drivers claim to be up or down. It can tell how old the oldest event in the cache is to know if your drivers are falling behind. If you use his add on package, you can have each driver write an event to demonstrate that not only is it up, it is processing events as well. It is a very clever usage of dxcmd for much of it, but having bundled it all together it is pretty easy to implement.
The third major thing is really a small piece of the PWNotify driver, which is an ECMAScript implementation of LDAPsearch. This is shockingly useful, since the Query token in IDM is limited in some ways that it queries. In LDAP you can do a query for a Time syntax attribute with a (passwordExpirationTime <= 201511210101Z) and it will return all users whose password would expire before that date. It can also query for objects with an absence of a value (!(passwordExpirationTime=*)) and more. These are things the Query token cannot do, and sometimes that is very handy.
An example would be an add on package I have for the Work Order driver. If you have 20,000 pending work orders, as a customer I worked with had, then every single polling interval, the shim reads back all 20,000, looks at the DirXML-DueDate, and kicks out those that are not yet due. One by one. This takes a reasonably long time. Now in reality, even with 20,000 it was only about 10 minutes, and if you had a 1 hour polling interval, at some level who cares. But it offended me for it's inefficiency. I used the ECMAScript LDAPsearch after intercepting the queries the shim sends, and changing the query to something very fast to return, and then doing an LDAP query for DirXML-DueDate < todaysDate which took about 20 seconds to return, but instead of returning 20,000 objects to be discarded, every object returned needed to be processed.
Recently Lothar showed me a Designer plugin he has been working on that he calls Parcel Service. This is an interesting solution to a problem that might only be endemic to consultants.
Packages are fun things and I really like them. You can tell, since I wrote a lot about them.
You can see from my above examples that I like delivering content in packages, since it makes it really easy and straightforward (once you get used to it) to put all the pieces of IDM content you need, into a 'thing' you can hand off to someone.
It is the mechanism of delivering this 'thing' to someone that needed the work that Lothar provides a solution.
When you start with a package, you create it in the Package Catalog of your project. You add content (Policy objects, Mapping Tables, Schema Maps, Filter Extensions, GCV Objects, whatever is needed) and when you are done, and ready to hand it over to someone, you 'Build' the package. This generates a JAR file, which is really just a ZIP of the bits of XML that make up the various pieces with some files for metadata to explain where the XML belongs in the driver.
When you Build a package, you get a tick box option to Release it. Once you have Released a package it is locked, the version number is finalized with the current timestamp in the version. (This can be a bit confusing since the version used to be 1.0.0.201511011010 since that is the moment you created the package, but then you finished working on it and selected to Build and Release it two weeks later and now the version is 1.0.0.201511150911 even though you did not ask Designer to change the version on you. But it does.) Releasing it locks it, so that there can not be a version with the same exact version, but different content. Now you get a new right mouse click menu option to Publish package in the Package Catalog.
To publish it, you specify the directory to find the JAR file, and the directory to publish it to. This directory will have the site.xml file, and the structure you would see if you looked at the Package Repositories that NetIQ maintains for their official packages. This means you can copy those files to a web server and share them with the world. (Or you can write directly to a mounted file system that a web server exposes to the world).
Go to Designer, Window menu, select Preferences. Expand the NetIQ, Package Manager nodes, and then select Online Updates. Add a new entry, give it a name and paste in that URL.
While you are at, go add Stefaan Van Cauwenberge's repository where he distributes one of his Designer plugins this way as well. (Which was very cool. Not just IDM Packages, but also plugins to Designer in the same mechanism! Neato!) https://raw.githubusercontent.com/scauwe/IDMSite/master/
At the moment he just has the Enhanced Dstrace I spoke of earlier there.
I have my Faster Work Order driver, a Load Balanced Exchange Mailbox add on (very simple, adds a Defer option in User App when defining a Resource value for Exchange), and the Multivalued attribute cleaner. I have a beta one where I put packages I want to let people play with but not take responsibility for, ask me if you want access, since again, it is beta.
Lothar and I have the same issue. When we work on a project for a customer, we want to build our delivered products in Packages as best we can. Packages are not 100% but 95% is way better than nothing. We want to deliver the content to the customer in a useful fashion, so we have a Package Repository to do it. But we also want to segregate content so that CustomerA gets their work product, CustomerB gets theirs, and the two do not get mixed up.
Yet we probably have common packages we want both to have, but probably not share with the rest of the world. They paid for some work, they get stuff we do not yet wish to give away for free.
Thus we do not have a single repository, we have many repositories. While my description of the Publish process does not sound onerous, it is a bit of a pain to have to go publish already created content again and again to each repository we set up. It is possible to just copy the files by hand and edit the site.xml to add new lines, but again that is more work than Lothar was clearly interested in, so he just went out and fixed that problem.
His Parcel Service add on, shows you all the file based local repositories (It does not work with http based repositories for good reasons) and allows you to copy content from one to another.
You access it by going to the Quick Access search in the upper left of Designer. This is a new feature in Eclipse where you can type a feature name (like Error, or Parcel) and it searches and shows you the Designer components that match the name. This makes finding a view really easy. Type in Parcel and select the first item after you install the plugin. (Which is just copy the JAR file to the Designer\plugins directory)
Then you see the view above. I have 5 file based repositories I made to test this for Lothar. You can see that the ViaAB one has some interesting packages that are also shown in the Installed category. The Installed category is a pseudo-repository, representing the actual set of packages installed to Designer. As you can see at the bottom, there are 1070/1070 shown in my list. If I filtered it using the line at the top, I would see the number returned over 1070.
What is interesting is that if you look at the last item in my list, MySQL, I have a version 0.0.4 that is NOT installed, but is in my file based repository. This was a beta item I was testing years ago and did not re-import into this newer Designer, but kept for testing.
So far, this is just a nice display tool. The magic occurs when you simply decide that I have a set of packages, that I wish to copy from one repository to another, or from my installed set of packages to a repository, by double clicking in the cell where I want it copied.
Thus if I were setting up a repository for a new customer, I would define it in Preferences as above. To deliver the work product to them, I would need to give them the LiQuid SOAP base engine package set, and then the add on package for their specific SOAP service, and probably add on custom logic for their use case, I could find those standard (for me, anyway) packages that I would be reusing double click on the cell in the column for their repository and a plus sign is shown there. But I probably want the SOAP base packages as well, so I could find those in the Installed column, and include the NetIQ ones which would otherwise be hard to do.
Then I could add in whatever other content. Perhaps offer them the stuff on my public repository as well, so with one change in their driver config, they could do it all.
When done, the Save button at the bottom right is unghosted (once a change has been made) and it would write the needed JAR files, edit the site.xml file in each file system directory that requires a change.
Possibly even more useful I could double click on the asterisk in a repository which would change it to a minus sign and when I click Save it will remove that package from the repository.
As you can see, if you need to manage more than one repository (actually more than zero!) then you need this plugin. It really makes life easier.
Cosmetically, I am told if I were running a newer version of Windows, the plus, minus and asterisks would be much prettier since there is a system font in Windows 8 and 10 that has prettier versions, but is missing in Windows 7. Oh well, I shall overcome this horrible disability somehow.
Overall I really like this plugin, since it solves a problem I was just beginning to have, before it became onerous.
Support
Documentation
Learning Services
Partner Programs