KSEB1 Absent Member.
Absent Member.
295 views

roles creation

Hi,

IDAM system installed in windows server,We want to create new roles in IDAM,Can please provide the documents for creating and managing roles in IDAM.

Thanks.
Labels (1)
0 Likes
3 Replies
Knowledge Partner
Knowledge Partner

Re: roles creation

On 5/31/2019 3:24 AM, KSEB wrote:
>
> Hi,
>
> IDAM system installed in windows server,We want to create new roles in
> IDAM,Can please provide the documents for creating and managing roles in
> IDAM.


You can create a Role via a SOAP call to createRole() in the
https://server:port/IDMProv/role/service endpoint.

Fernando wrote a nice bash script that uses curl to send SOAP messages
if you pass in sufficient info. I wrote a wrapper that reads a CSV and
can bulk load data into his script so I can bulk load Roles if I need
to. (Alas, exporting I have not done, getting the right format for
import, though that would be useful).

You can use the GUI to do it in ID APps/User App.

You can call Create Role in IDM POlicy based on an event. (I.e. If a
group is created, you could make a Role based on that event).

Use case is meaningful here.


0 Likes
KSEB1 Absent Member.
Absent Member.

Re: roles creation

Hi,

Thanks for response.
In that previous reply i am not able to open the url:https://serverort/IDMProv/role/service.
requesting you can you please send correct url again.

Thanks.
0 Likes
Knowledge Partner
Knowledge Partner

Re: roles creation

On 5/31/2019 8:06 AM, KSEB wrote:
>
> Hi,
>
> Thanks for response.
> In that previous reply i am not able to open the
> url:https://serverort/IDMProv/role/service.
> requesting you can you please send correct url again.


Did you literally try https://serverort/ as the base URL or did you
replace it with your servers DNS name and proper port?

Now, there is no UI at the end point, it is meant to listen for incoming
HTTP PUT/POST requests for SOAP messaging.

The user interface prior to IDM 4.7.2 is
https://YourServerIpHere:YourPortHere/IDMProv

4.7.2 and higher it changes to
https://YourServerIpHere:YourPortHere/landing (or maybe /idmdash)

If you want to send a SOAP message, you can get the WSDL from:
https://YourServerIpHere:YourPortHere/role/service?wsdl (I think? Docs
say the specific link).

Then you can open the SOAP WSDL in a tool like SOAP UI, look for
createRole and see if you can fill in the fields. I agree this is not
the simpler approach.

You may find it simpler to use Fernandos bash script he wrote to do this
sort of call:
https://community.microfocus.com/t5/Identity-Manager-Tips/BASH-functions-to-perform-SOAP-calls-to-RBPM/ta-p/1775393

Just checked, he does have createRole in there.

I wrote some articles explaining how this script works, and how you
could extend it to add new functionality if you need it here:

https://community.microfocus.com/t5/Identity-Manager-Tips/Adding-New-Functions-to-the-UA-Bash-extension-Part-1/ta-p/1776067

https://community.microfocus.com/t5/Identity-Manager-Tips/Adding-New-Functions-to-the-UA-Bash-extension-Part-2/ta-p/1776070

https://community.microfocus.com/t5/Identity-Manager-Tips/Adding-New-Functions-to-the-UA-Bash-extension-Part-3/ta-p/1776102

Then I specifically addressed createRole since I wanted more info in my
Role specified:
https://community.microfocus.com/t5/Identity-Manager-Tips/Enhancing-the-UA-Bash-extension-for-createRole/ta-p/1776110

Then some more:
https://community.microfocus.com/t5/Identity-Manager-Tips/Enhancing-the-UA-Bash-extension-for-the-Provisioning-Endpoint/ta-p/1776922

https://community.microfocus.com/t5/Identity-Manager-Tips/Enhancing-the-UA-Bash-extension-for-Resources/ta-p/1776113

https://community.microfocus.com/t5/Identity-Manager-Tips/Enhancing-the-UA-Bash-extension-for-modifyResource/ta-p/1776690


Read all that, and lets see if you have anything specific. None of this
is official docs, sorry, just stuff I wrote a year or three ago.



0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.