advertisement
Understanding Designer
Novell
®
Designer for Identity Manager
4.0.1
April 15, 2011
AUTHORIZED DOCUMENTATION www.novell.com
Legal Notices
Novell, Inc. makes no representations or warranties with respect to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose.
Further, Novell, Inc. reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes.
Further, Novell, Inc. makes no representations or warranties with respect to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes.
Any products or technical information provided under this Agreement may be subject to U.S. export controls and the trade laws of other countries. You agree to comply with all export control regulations and to obtain any required licenses or classification to export, re-export, or import deliverables. You agree not to export or re-export to entities on the current U.S. export exclusion lists or to any embargoed or terrorist countries as specified in the U.S. export laws. You agree to not use deliverables for prohibited nuclear, missile, or chemical biological weaponry end uses. See the Novell International Trade Services Web page (http://www.novell.com/info/exports/) for more information on exporting Novell software. Novell assumes no responsibility for your failure to obtain any necessary export approvals.
Copyright © 2008-2011 Novell, Inc. All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without the express written consent of the publisher.
Novell, Inc.
404 Wyman Street, Suite 500
Waltham, MA 02451
U.S.A.
www.novell.com
Online Documentation: To access the online documentation for this and other Novell products, see the
Novell Documentation Web page (http://www.novell.com/documentation) .
Novell Trademarks
For a list of trademarks, see the Novell Trademark and Service Mark list (http://www.novell.com/company/legal/ trademarks/tmlist.html) .
Third-Party Materials
All third-party trademarks are the property of their respective owners.
Contents
9
17
25
4 Workspaces, Perspectives, and Views
27
Contents 3
4 Understanding Designer for Identity Manager
5 Editors, Builders, and Wizards
83
91
Using the Architect View to Design Your Identity Environment . . . . . . . . . . . . . . . . . 95
Contents 5
6 Understanding Designer for Identity Manager
About This Guide
This guide is for anyone who wants to better understand how the Designer tool fits into the Identity
Manager framework. The guide also covers basic Designer concepts and features that are available.
Sections in the book include:
Chapter 1, “Designer Concepts,” on page 9
Chapter 2, “Getting Help,” on page 17
Chapter 3, “What’s New in Designer,” on page 25
Chapter 4, “Workspaces, Perspectives, and Views,” on page 27
Chapter 5, “Editors, Builders, and Wizards,” on page 83
Chapter 6, “Planning Identity Solutions,” on page 91
Appendix B, “Terminology,” on page 101
Appendix C, “Menu Options,” on page 103
Target Audience
Designer for Identity Manager was created for the following audiences:
Enterprise IT developers
Consultants
Sales engineers
Architects or system designers
System administrators
Designer is aimed at information technology professionals who:
Have a strong understanding of directories, databases, and the information environment
Act in the role of a designer or architect of identity-based solutions
You don’t need to be a developer or programmer to use Designer. Designer contains fourteen builders to help you build working policies and drivers, seven editors to assist you in editing projects, and wizards to help you build drivers. Designer also contains over thirty views to help you design and implement Identity Manager solutions. Experienced users can bypass the wizards and interact directly at any level of detail.
Feedback
We want to hear your comments and suggestions about this manual and the other documentation included with this product. Please use the User Comment feature at the bottom of each page of the online documentation, or go to www.novell.com/documentation/feedback.html and enter your comments there.
Documentation Updates
For the most recent version of Understanding Designer for Identity Manager 4.0.1, visit the Identity
Manager documentation Web site (http://www.novell.com/documentation/idm401/index.html) .
About This Guide 7
Additional Documentation
Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide
Identity Manager 4.0.1 Integrated Installation Guide
Identity Manager 4.0.1 Overview Guide
Understanding Policies for Identity Manager 4.0.1
Policies in Designer 4.0.1
Novell Credential Provisioning for Identity Manager 4.0.1
Identity Manager 4.0.1 DTD Reference
Identity Manager 4.0.1 driver guides (http://www.novell.com/documentation/idm401drivers/)
8 Understanding Designer for Identity Manager
Designer Concepts
Designer for Identity Manager helps you design, test, document, and deploy Identity Manager solutions in a network or test environment. From a design perspective, Designer helps you graphically see all of the components that make up your Identity Manager solution and how they interact. From a test perspective, Designer enables you to modify your Identity Manager implementations to ensure they perform as expected.
From a document perspective, Designer keeps track of your design and layout information and presents that information in a format of your choosing with the simple click of a button. From a deployment perspective, Designer allows you to deploy and enable part or all of your Identity
Manager solution into your actual networking environment. In addition, Designer enables teams to share work on enterprise-level projects.
Section 1.1, “How Identity Manager Works,” on page 9
Section 1.2, “How Designer Works with Identity Manager,” on page 12
Section 1.3, “Designer Features,” on page 14
Section 1.4, “Administration Tools,” on page 15
1.1 How Identity Manager Works
Novell Identity Manager is a collection of products that provide the following capabilities:
Section 1.1.1, “Data Synchronization,” on page 10
Section 1.1.2, “Workflow,” on page 11
Section 1.1.3, “Role Assignments,” on page 11
Section 1.1.4, “Attestation,” on page 11
Section 1.1.5, “Self-Service,” on page 11
Section 1.1.6, “Auditing and Reporting,” on page 11
Identity Manager provides these capabilities through a number of components, as shown in the following figure:
1
Designer Concepts 9
Figure 1-1 Identity Manager Functionality
Managed
Systems
Workflow
Application
Driver
Remote
Loader
User
Application
Driver
Role
Service
Driver
Identity
Vault
Roles &
Attestation
Self-Service
Auditing
User
Application
Reporting
Identity
Reporting
Warehouse
Adobe
Event
Auditing
Service
Analyzer
Managed
System
Gateway
Driver
Data
Collection
Services
Driver
Designer
Role Mapping
Administrator to
MSGW
Driver from
DCS
Driver
Report Data
Collector
Event-Driven
Data Collector
Non-Managed
Application
Data Collector iManager
Identity
Reporting
Report
Content
Package
Browser UI
Non-Managed
Application
Rest End Point
Integration
API
For more information on how Identity Manager components work together, see the Identity
Manager 4.0.1 Overview Guide manual.
1.1.1 Data Synchronization
Simply put, data synchronization is the ability to move data that has been changed in one location to a different location. Data synchronization can include password synchronization, but it is not limited to that because Identity Manager can synchronize any data that is stored in a connected system that has access to the Identity Vault.
Data synchronization, including password synchronization, is provided by the five base components of the Identity Manager solution: the Identity Vault, Metadirectory engine, drivers, Remote Loader, and connected applications. For more information about data synchronization, see “ Data
Synchronization ” in the Identity Manager 4.0.1 Overview Guide .
10 Understanding Designer for Identity Manager
1.1.2 Workflow
Through the User Application, Identity Manager provides the means to perform such functions as workflow approval, role assignments, attestation, and identity self-service. The User Application is a browser-based Web application that allows you to initiate provisioning and role assignment requests, as well as manage the approval process for these requests.
Workflow approval allows users to request access to networking resources, which can include an approval process involving one or more managers. For more information about the User
Application, see “ Workflow ” in the Identity Manager 4.0.1 Overview Guide .
1.1.3 Role Assignments
Role assignments allow users to receive access to network resources that have been assigned to them. You can receive access to role assignments either at an individual level or at a group membership level.
The Roles Mapping Administrator can create new roles; modify existing roles; remove roles; modify relationships between roles; grant or revoke role assignments for users; and create, modify, and remove Separation of Duties constraints. For more information about roles-based provisioning, see the Identity Manager Role Mapping Administrator 4.0.1 Installation and Configuration Guide .
1.1.4 Attestation
Attestation allows your organization to assure that user access to resources does not break any corporate or government regulations. Using this process, individual users can validate their own profile information, and roles managers can validate role assignments and Separation of Duties violations.
For more information about attestation, see “ Roles and Attestation ” in the Identity Manager 4.0.1
Overview Guide .
1.1.5 Self-Service
The self-service capabilities of Identity Manager allow users to edit their own profiles, search a directory, change their passwords (including password hints and challenge responses), review password status, and, if authorized, create accounts for new users or groups. If you are an administrator, you can also view reports on the applications that are associated with a user.
For more information about Identity Manager’s self-service capabilities, see “ Self-Service ” in the
Identity Manager 4.0.1 Overview Guide .
1.1.6 Auditing and Reporting
Identity Manager uses a Platform Agent to capture events from the Identity Vault and tracks those events through either the Event Auditing System or the Novell Sentinel system. The Event Auditing
System collects identity information and events from the Identity Vault, administration tools, and
Identity Manager. Novell Sentinel is a security information and event management (SIEM) solution that automates the collection, analysis, and reporting of system network, application, and security logs.
Designer Concepts 11
For a more complete introduction to the Event Auditing System, see “ Auditing, Reporting, and
Compliance ” in the Identity Manager 4.0.1 Overview Guide . For a more complete introduction to auditing and reporting, see:
Novell Sentinel site (http://www.novell.com/products/sentinel/)
Identity Manager 4.0.1 Reporting Guide for Novell Sentinel
Identity Manager Reporting Guide (http://www.novell.com/documentation/idmrbpm401/ index.html)
1.2 How Designer Works with Identity Manager
Designer for Identity Manager is a powerful, graphical toolset that works on Windows or Linux workstations or laptops. Designer is self-contained, with a complete help system as part of the software. This allows you to take a laptop anywhere to work on your Identity Manager solution.
Designer helps you plan, design, test, document, and deploy Identity Manager solutions in a network or test environment. Designer does this through a series of windows called “views,” as well as a number of builders, wizards, and editors.
Figure 1-2 The Outline View, Modeler, and Palette in Designer
Section 1.2.1, “Planning,” on page 13
Section 1.2.2, “Designing,” on page 13
Section 1.2.3, “Testing,” on page 13
12 Understanding Designer for Identity Manager
Section 1.2.4, “Project Documentation,” on page 13
Section 1.2.5, “Deployment,” on page 13
1.2.1 Planning
Designer allows you to set up complete Identity Manager solutions in a test environment so you can work through any problems before deploying the solution into an actual work environment.
The Project view has directories that allow you to use drag and drop to store plans, documents, and figures pertaining to your Identity Manager solution.
For more information on planning your Identity Manager solution, see
Identity Solutions,” on page 91 .
1.2.2 Designing
Designer can help you graphically see all of the components that make up your Identity
Manager solution and how they interact with each other.
The Architect view in the Modeler gives you icons and a graphics area to help you organize and visualize your Identity Manager environment. For more information on the Architect view, see
“ Architect Mode ” in the Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide .
The Developer view in the Modeler allows you to design and configure the components that make up your Identity solution. For more information on the Modeler view, see “ Creating a
Model ” in the Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide .
1.2.3 Testing
Designer allows you to modify your Identity Manager implementations in a test environment to ensure that they perform as expected.
Designer is team-enabled, allowing teams to share work on enterprise-level projects. Through the Version Control view, teams can work on the same solutions, share policy procedures, and keep track of who make changes to objects. For more information on the Version Control view, see “ Version Control ” in the Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide .
1.2.4 Project Documentation
Designer keeps track of your design and layout information in a project and can present that information in a format of your choosing with the simple click of a button.
Using Designer to document your Identity Manager solution can save you weeks or months of gathering and writing driver specifications and their implementations. For more information on documenting your projects, see “ Documenting Projects ” in the Designer 4.0.1 for Identity
Manager 4.0.1 Administration Guide .
1.2.5 Deployment
Designer allows you to deploy and enable part or all of your Identity Manager solution into your actual networking environment.
Designer Concepts 13
Through the Import feature, you can import tested solutions or parts of a project from a test or working environment. For more information on importing, see “ Importing into Designer ” in the Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide .
After you have a tested solution that is ready for deployment, you can use Designer’s Deploy feature to place that project into production. For more information on deploying a project, see
“ Deploying and Exporting ” in the Designer 4.0.1 for Identity Manager 4.0.1 Administration
Guide .
1.3 Designer Features
Section 1.3.1, “Highly Productive Environment,” on page 14
Section 1.3.2, “Tools for Developers,” on page 14
1.3.1 Highly Productive Environment
The following Designer features help you be more productive:
A disconnected mode that enables you to work from your laptop when you’re on the go
Strong visual editors, minimal pop-ups, and well-synchronized views maximize productivity
Powerful window, view, perspective, and tool management
Designer is team-enabled, allowing teams to share work on enterprise-level projects through the Version Control view
Dozens of wizards and builders help you configure projects and policies
Auto-creation of objects, auto-value, auto-connection, auto-layouts
Strong copy/paste functionality within and across editors
Full keyboard support in all editors
Full undo/redo functionality in most editors and views
Ability to scale the UI from basic to more advanced views
Ability to filter key views to see as much or as little as you need to see
Integrated XML editor with syntax highlighting, auto-suggest, and search and replace capabilities
Very efficient, compact, powerful, and productive off-line schema management tools
Value history on many fields to reduce typing
Many preferences and settings that can help you customize the UI to fit how you want to use
Designer
Logs and traces that are easy to access and view
Thorough contextual help and a powerful searchable help system
Quick and easy installation
Auto-update notifies you of any updates and easily pulls them in
1.3.2 Tools for Developers
Easily add and model something that is not in the shipping version of Designer.
14 Understanding Designer for Identity Manager
For example, you can add your own applications, drivers, resources, and icons.
Configure Designer to use a different editor.
You can configure all file types (for example, .xml and .txt
) to use your text editor of choice.
Eclipse-based text editors work best, but you can also include various artifacts (for example, word processing documents and spreadsheets). Your system’s native text editor is automatically integrated into Designer if the platform supports it.
Develop and debug in Java.
If you install Designer plug-ins into a full Eclipse install, you can perform Java development and debugging, ANT, C#, and UML modeling, all in the same tool alongside Designer. This has particular value to Identity Manager driver writers (Java or C) who want the tools all together.
Use public APIs.
Identity Manager uses fully published public Eclipse APIs as an underlying project data model that is consistent with open industry standards in its format, along with published Eclipse extension points.
With an off-the-shelf Eclipse book and knowledge of our extension points, you should be able to contribute very rich content to Designer. There are books, resources, and forums in the
Eclipse community to address most of your needs. For further information, see Eclipse
Resources (http://www.eclipse.org/resources/) .
1.4 Administration Tools
Identity Manager contains multiple tools to assist you in setting up and configuring a working
Identity Manager solution. These are Analyzer, Designer, iManager, the Role Mapping
Administrator, and the User Application administration console.
Analyzer is an Eclipse-based identity management toolset that helps you ensure that internal data quality policies are adhered to by providing data analysis, data cleansing, data reconciliation, and data monitoring and reporting. Analyzer lets you analyze, enhance, and control all data stores throughout the enterprise.
iManager and Designer have similarities, but their features and user experience are optimized for their respective target users and environments. Designer is a planning and design tool, and iManager is a real-time administrator tool. They are compatible. However, package management is only done through Designer. iManager is package-aware, but it can’t support package management.
iManager is a browser-based tool that provides a single point of administration for many Novell products, including Identity Manager. By using the Identity Manager plug-ins for iManager, you can manage Identity Manager and receive real-time health and status information about your Identity
Manager system.
The Role Mapping Administrator is a Web service that discovers authorizations and permissions that can be granted within your major IT systems. It allows business analysts, not just IT administrators, to define and maintain which authorizations are associated with which business roles.
The User Application provides a Web-based administration console that allows you to configure, manage, and customize password self-service, roles, and provisioning. The administration console is added as an Administration tab in the User Application for anyone who has been assigned administrative rights.
These tools can help you to implement a viable Identity Manager solution into your organization.
Designer Concepts 15
16 Understanding Designer for Identity Manager
Getting Help
You can find information about Designer in its local help system, in the readme.txt file, and in the online documentation. Information in the help system is not localized. If you need localized information, refer to the Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide on the
Novell documentation Web site (http://www.novell.com/documentation) .
Section 2.1, “Help from the Welcome Page,” on page 17
Section 2.2, “Browsing for Information,” on page 18
Section 2.3, “Getting Context-Sensitive Help,” on page 20
Section 2.4, “Getting Help from the Web,” on page 20
Section 2.5, “Viewing Demos,” on page 21
Section 2.6, “Searching for Information,” on page 22
Section 2.7, “Customizing the Browser and Help Server,” on page 22
2.1 Help from the Welcome Page
When Designer starts, a Welcome page appears and makes it easy for you to get started.
Figure 2-1 The Welcome Page
2
Getting Help 17
Table 2-1 Options on the Welcome Page
Option
Overview
What’s New
Tutorials
Web Resources
Run Designer
Description
Provides an overview of Designer and Identity
Manager.
Describes what’s new in this release.
Enables you to update Designer.
Links to the Readme file.
Launches Flash demos of some Designer tasks.
Provides links to online information and downloads.
Takes you to the Designer program.
The icons on the toolbar take you to the Welcome page, toggle between previous and next pages, and enable you to customize the Welcome page.
Figure 2-2 Icons on the Toobar
You can close the Welcome page at any time by clicking the X next to Welcome.
Figure 2-3 The Close Icon
To return to the Welcome page, click Help > Welcome.
2.2 Browsing for Information
To navigate all of the help topics, you can use a built-in Web browser:
1 From Designer’s main menu, select Help > Help Contents.
18 Understanding Designer for Identity Manager
The text under Using the Eclipse help system describes the icons that help you navigate and use the Help system.
2 In the Contents pane, select Designer for Identity Manager.
3 Navigate to the topic that you’re interested in.
Getting Help 19
or
Select the Index icon in the Contents pane to see an index of the topics.
2.3 Getting Context-Sensitive Help
1 Press F1 or click the Help icon .
If you maximize an editor (for example, the Modeler), help topics do not display when you press F1. To view the help, minimize the editor.
2 Click links under About and Dynamic Help.
2.4 Getting Help from the Web
To view results found through Google or in the Eclipse help system:
1 Select Help > Search.
2 Type text in the Search expression field, then click Go or press Enter.
3 Click Web Search.
20 Understanding Designer for Identity Manager
Figure 2-4 Related Topics in Google and Eclipse
2.5 Viewing Demos
To see how Designer works, view the Flash demos that are available on the Welcome page:
1 Select Help > Welcome.
2 Select the Tutorials icon.
3 Select a demo:
Model Projects
Import
Create a Workflow
Manage and Simulate Policies
Documentation Generation Overview
Getting Help 21
2.6 Searching for Information
1 Select Help > Search.
2 Type a topic in the Search field, then click Go.
You can also select Help > Help Contents, then use the Search option above the Contents pane, or click Search at the bottom of the context-sensitive Help view.
2.7 Customizing the Browser and Help Server
1 From the main menu, click Window > Preferences.
2 Select Help, make changes, then click OK.
Because Designer is built on Eclipse, you are able to use Help server functionality, as a development tool for building your own tools. If you have a team environment where the entire team is using Eclipse, you might want to set up a common Help server, and then use that server for help files and content.
For more information on Help and the Help server:
See “ Help ” in the Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide .
Go to the Eclipse Web site.
3 (Optional) Expand Help, then click Content.
22 Understanding Designer for Identity Manager
4 (Optional) Click Include help content from a remote infocenter.
5 Click Add, then fill in the following fields for the remote help server:
Name: Specify a name for the remote help server.
Host: Specify the IP address or DNS name of the remote help server.
Path: Specify the path to the help files on the remote help server.
Use default port: Click this option if you want to use the default port.
Use port: Click this option, then specify the custom port.
6 (Optional) Click OK. to add the help server information.
7 Click OK to close the Help Content page.
Getting Help 23
24 Understanding Designer for Identity Manager
What’s New in Designer
Designer is constantly being updated with new features and enhancements. To find out what’s new in Designer:
1 Run Designer for Identity Manager.
2 Click Help > What’s New.
3
You can also click Help > Help Contents > Designer for Identity Manager > What’s New in
Designer.
In addition, Designer’s auto-update feature notifies you of new features so you can download them to have the most current version of Designer.
What’s New in Designer 25
26 Understanding Designer for Identity Manager
Workspaces, Perspectives, and
Views
Designer has many views to help you manage your projects. Many of these views help you manage the different elements that appear in the Modeler view and give you a different perspective on the projects you are creating.
For instance, the Project view shows all of the projects you have created, and the Outline view shows all of the objects that have been created and added to the project. The Navigator view shows all of the files that have been created for the project and their respective file types and locations.
For information on the Modeler view and its functions, see “ Creating a Model ” in the Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide . For information on policies, see Understanding
Policies for Identity Manager 4.0.1
and Policies in Designer 4.0.1
.
Section 4.1, “Specifying the Workspace,” on page 27
Section 4.2, “Project File Format,” on page 28
Section 4.3, “Managing Perspectives,” on page 29
Section 4.4, “Managing Views,” on page 31
Section 4.5, “The Project View,” on page 39
Section 4.6, “The Outline View,” on page 42
Section 4.7, “The Navigator View,” on page 64
Section 4.8, “Policy Set View,” on page 68
Section 4.9, “The Properties View,” on page 70
Section 4.10, “The Search Results View,” on page 73
Section 4.11, “The Tasks View,” on page 74
Section 4.12, “The Trace and Error Log Views,” on page 79
Section 4.13, “The Dataflow View,” on page 80
Section 4.14, “The Project Checker,” on page 80
4.1 Specifying the Workspace
A workspace is a directory on your local hard drive where your projects and settings are stored. You specify your workspace directory each time you launch Designer, unless you select the Use this as
the default and do not ask again option to skip the Workspace Launcher window.
4
Workspaces, Perspectives, and Views 27
Figure 4-1 Selecting a Workspace Directory
The default workspace directory for a Designer 3.0 and above on a Windows workstation is
Documents and Settings\username\designer_workspace .
IMPORTANT: Earlier Designer workspaces are not compatible with Designer 3.0 and above.
Designer stores projects and configuration information in a workspace. These workspaces are not compatible from one version of Designer to another. You need to point Designer 4.0.1 to a new workspace, and not to a workspace used by a previous version of Designer.
If you have Designer 2.x or 3.0 Milestone projects, you can import the projects into Designer 4.0.1
(File > Import > Project from File System). Be sure the Copy project into the workspace option is selected. Importing the project runs the Converter Wizard, making the project compatible with
Designer 4.0.1 architecture and placing it under your designated Designer 4.0.1 workspace directory
( designer_workspace by default).
You can switch to another workspace by selecting File > Switch Workspace > Other. Select or type the name of the different workspace. Designer quickly restarts, loads the new workspace, and loads any projects and settings you have in that workspace. If the workspace doesn’t exist, Designer creates it. Do not use previous Designer workspaces with Designer 3 and above.
For quick access, the most recently used workspaces appear when you select File > Switch
Workspace.
You can have multiple workspaces.
4.2 Project File Format
All projects are stored on the file system in a directory. By default, this is in the C:\Documents and
Settings\Username\designer_workspace directory on a Windows workstation. However, you can specify a different directory when you create the project. (See “ Creating a Project ” in the
Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide .) All of your data and graphical layout information is saved in a directory corresponding to the project name. For example, the following files and directories are stored under the \designer_workspace3\Blanston01 directory:
28 Understanding Designer for Identity Manager
Figure 4-2 Local Directory Structure
The main file in the project’s directory is the .proj file. This file uses an industry-standard XML format called XMI (XML Metadata Interchange Format). You never need to directly edit this file.
4.2.1 What is XMI?
XMI enables easy interchange of metadata between modeling tools and between tools and metadata repositories in distributed heterogeneous environments. XMI integrates three key industry standards:
XML (Extensible Markup Language, a W3C standard)
UML (Unified Modeling Language, an Object Management Group (OMG) modeling standard)
MOF (Meta Object Facility, an OMG modeling and metadata repository standard)
The integration of these three standards into XMI combines the best of OMG and W3C metadata and modeling technologies. The integration enables developers of distributed systems to share object models and other metadata. XMI, together with MOF and UML, forms the core of the OMG repository architecture that integrates object-oriented modeling and design tools with each other and with a MOF-based extensible repository framework.
For more information about XMI, go to XML Metadata Interchange (XMI) (http://www.oasisopen.org/cover/xmi.html) .
4.3 Managing Perspectives
A perspective is a collection of related views and editors. To get to the perspective choices, select
Window > Open Perspective. The following perspectives are available:
Debug: Used for XML development.
Designer (default): Provides views (for example, Project, Outline, Property, and Tasks) and editors (for example, the Modeler or the Policy Editor) to help you design and deploy Identity
Management solutions.
Java/Java Browsing: Used for Java development.
Java Type Hierarchy: Optimized for use with the Hierarchy view for Java projects.
Plug-in Development: Used for developing the Eclipse plug-in applications.
Resource: A generic perspective. You can use this perspective for projects other than Designer.
Team Synchronizing: Used for comparing the local project with the version controlled project.
Use the following information to manage each perspective.
Section 4.3.1, “Opening a Perspective,” on page 30
Workspaces, Perspectives, and Views 29
Section 4.3.2, “Resetting a Perspective,” on page 30
Section 4.3.3, “Closing a Perspective,” on page 30
4.3.1 Opening a Perspective
The Designer perspective should be open and active the first time you run the application. If you close the perspective and want to reopen it, use menus or the Perspective Bar.
“Using Menus to Open a Perspective” on page 30
“Using the Perspective Bar to Open a Perspective” on page 30
Using Menus to Open a Perspective
1 On the main menu, click Window > Open Perspective.
2 Select Designer, then click OK.
Using the Perspective Bar to Open a Perspective
1 On the main Perspective Bar (found on the right side, on the same level as the toolbar), click the Perspective Switcher icon.
2 From the list, select Designer, then click OK.
4.3.2 Resetting a Perspective
After moving or resizing items in the Modeler workspace, you might want to return your perspective to its original layout. To quickly reset items in the workspace:
1 From the main menu, click Window.
2 Click Reset Perspective.
4.3.3 Closing a Perspective
Do one of the following:
On the main menu, select Window > Close Perspective (or Close All Perspectives).
30 Understanding Designer for Identity Manager
Figure 4-3 Options to Close a Perspective
On the Perspective Bar, right-click the perspective, then click Close.
4.4 Managing Views
Views enable you to view or edit projects.
Section 4.4.1, “Available Views In Designer,” on page 31
Section 4.4.2, “Opening a View,” on page 36
Section 4.4.3, “Moving a View,” on page 37
Section 4.4.4, “Minimizing and Maximizing Views,” on page 37
Section 4.4.5, “Closing a View,” on page 38
Section 4.4.6, “Reopening a View Window,” on page 38
Section 4.4.7, “Using Fast Views,” on page 38
4.4.1 Available Views In Designer
Below is a list of all of the views that are available to you in Designer. The view names are followed by a brief description and a cross reference to more information. The views are broken into two groups: the views that appear in the Window > Show View option and the views that appear in the
Window > Show View > Other option. Some views are listed in both locations.
Workspaces, Perspectives, and Views 31
Figure 4-4 Selecting a View
“Views in the Window > Show View Option” on page 32
“Views in the Window > Show View> Other Option” on page 33
Views in the Window > Show View Option
The views that appear in the Window > Show View option include:
Dataflow: Designer allows you to manage how the data flows between the Identity Vault and the connected systems. You can see how the data flows between all of the connected systems, make changes as needed, create reports about the data, and view the flow of passwords between the systems. For more information, see “ Managing the Flow of Data ” in the Designer 4.0.1 for
Identity Manager 4.0.1 Administration Guide .
Outline: The Outline view provides an outline of all of the objects you have open in an active editor. The Outline view’s contents vary, depending on the editor you have open at the time. For example, if you have a project open in the Modeler view, you see an outline of all of the objects
that have been created for that project. See Section 4.6, “The Outline View,” on page 42
.
Policy Set: The Policy Set view lists policies and displays a toolbar. The list displays all policies contained in the selected policy set. During a transformation, the policies within the list are executed from top to bottom. For a description of the icons located on the Policy Set view
toolbar, see Section 4.8, “Policy Set View,” on page 68
.
Project: The Project view lists all existing Designer projects. From the Project view, you can quickly find, open, view, navigate, manage, close, and delete any Designer project. See
Section 4.5, “The Project View,” on page 39
.
Project Checker: Designer provides a Project Checker tool to check your project. The Project
Checker checks for proper design, contexts, server associations, policies, missing user data, and dependency problems that would cause the project deployment into the Identity Vault to fail.
The project can be checked at any time, but you should always run the Project Checker before deploying your project. See “ Checking Your Projects ” in the Designer 4.0.1 for Identity
Manager 4.0.1 Administration Guide .
Provisioning View: The Provisioning view provides persistent access to Designer’s provisioning features. Use the Provisioning view to access the editors that allow you to create and manipulate User Application components, manipulate object definitions, such as import or export object definitions, and define the User Application driver’s supported and default locales.
32 Understanding Designer for Identity Manager
Search Results: You can use the Search Results view to search across an entire project. With the Modeler view active, press Ctrl+F, then select the object types for which you want to search. The results appear in the Search Results view, sorted by name, class, type, and notes.
See Section 4.10, “The Search Results View,” on page 73
.
Tasks: The Tasks view enables you to make and prioritize notes while you manage identities.
This view is for your convenience; it can contain whatever you want and won’t affect the
functionality of your solution. See Section 4.11, “The Tasks View,” on page 74
.
Trace: The Error Log view can help you troubleshoot. If something isn’t working, messages written to the error log might help you. The log is named .log
. It is a hidden file. To view the error log, you can use menus or browse the file system. See “ Viewing the Error Log ” in the
Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide .
Version Control: Version control enables you to track revisions of your project, along with all the objects and files in that project, share those revisions with other members of your team, manage the history of your objects, and make sure that every member of your team is using the same version of your project. See “ Version Control ” in the Designer 4.0.1 for Identity Manager
4.0.1 Administration Guide .
Views in the Window > Show View> Other Option
The Window > Show View > Other option contains views under the following headings:
“Designer for Identity Manager” on page 34
General
Bookmarks: The Bookmarks view enables you to see bookmarks that you have set in your text editors. To access the Bookmarks view, select Window > Show View > Other and select the
Bookmarks option under the General heading.
Classic Search: The Classic Search view enables you to search files, Java, or plug-ins. This is a default Eclipse function.
Console: The Console view allows you to view any consoles you have open. To access the
Console view, select Window > Show View > Other and select the Console option under the
General heading.
Error Log: The Error Log view can help you troubleshoot. If something isn’t working, messages written to the error log might help you. The log is named .log
. It is a hidden file. See
“ Viewing the Error Log ” in the Designer 4.0.1 for Identity Manager 4.0.1 Administration
Guide .
Internal Web Browser: You can open the Internal Web Browser view by selecting Window >
Show View > Other and then selecting the Internal Web Browser option under the General heading. You can also open a Web browser within the Designer utility. The Web browser button is available from the main toolbar. See “ Opening a Web Browser ” in the Designer 4.0.1 for
Identity Manager 4.0.1 Administration Guide .
Workspaces, Perspectives, and Views 33
Markers: A marker is associated with the Workbench, where it is used for tasks, problems, and bookmarks. The Markers view displays all markers in your project.
Navigator: The Navigator view enables you to manage and view the file resources that are in your workspace. You can see your projects and files as they actually exist in the file system.
You can add files and folders, and append them to your projects or workspace. See
“The Navigator View,” on page 64 .
Outline: The Outline view provides an outline of all of the objects you have open in an active editor. The Outline view’s contents vary, depending on the editor you have open at the time. For example, if you have a project open in the Modeler view, you see an outline of all of the objects
that have been created for that project. See Section 4.6, “The Outline View,” on page 42
.
Problems: You can validate your XML files by using the right-mouse menu in the Source editor. If any validation errors or warnings occur, they are displayed in the Problems view.
The Problems view shows you errors, warnings, and information on any problems relating to data source explorer failures, EMF problems, moduleCore validation markers, problems, or validation messages.
Progress: The Progress view displays the progress of an operation.
Project Explorer: The Project Explorer view allows you to view information about all of the objects found in a project. Pertinent information about a selected object is displayed in the
Properties view.
Properties: The Properties view displays information on key-value pairs (for example, Max
Log Entries 2). The information displayed depends on what is selected in the active view (for example, the Modeler or Outline view). Often, the Properties view lets you edit the information. You can also view and edit the Administrator settings in an Identity Vault. See
Section 4.9, “The Properties View,” on page 70 .
Tasks: The Tasks view enables you to make and prioritize notes while you manage identities.
This view is for your convenience; it can contain whatever you want and won’t affect the
functionality of your solution. See Section 4.11, “The Tasks View,” on page 74
.
Templates: The Templates view allows you to work within the templates of the active editor.
The content of this view is editor specific, and not all editors provide templates.
Designer for Identity Manager
Dataflow: Designer allows you to manage how the data flows between the Identity Vault and the connected systems. You can see how the data flows between all of the connected systems, make changes as needed, create reports about the data, and view the flow of passwords between the systems. For more information, see “ Managing the Flow of Data ” in the Designer 4.0.1 for
Identity Manager 4.0.1 Administration Guide .
Policy Set: The Policy Set view lists policies and displays a toolbar. The list displays all policies contained in the selected policy set. During a transformation, the policies within the list are executed from top to bottom. For a description of the icons located on the Policy Set view
toolbar, see Section 4.8, “Policy Set View,” on page 68
.
Project: The Project view lists all existing Designer projects. From the Project view, you can quickly find, open, view, navigate, manage, close, and delete any Designer project. See
Section 4.5, “The Project View,” on page 39
.
Project Checker: Designer provides a Project Checker tool to check your project. The Project
Checker checks for proper design, contexts, server associations, policies, missing user data, and dependency problems that would cause the deployment of project into the Identity Vault to fail.
34 Understanding Designer for Identity Manager
The project can be checked at any time, but you should always run the Project Checker before deploying your project. See “ Checking Your Projects ” in the Designer 4.0.1 for Identity
Manager 4.0.1 Administration Guide .
Search Results: You can use the Search Results view to search across an entire project. With the Modeler view active, press Ctrl+F, then select the object types you want to search on. The results appear in the Search Results view, sorted by name, class, type, and notes. See
Section 4.10, “The Search Results View,” on page 73 .
Trace: The Error Log view can help you troubleshoot. If something isn’t working, messages written to the error log might help you. The log is named .log
. It is a hidden file. To view the error log, you can use menus or browse the file system. See “ Viewing the Error Log ” in the
Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide .
Version Control: Designer for Identity Manager contains a new feature called version control.
Version control enables you to track revisions of your project, along with all the objects and files in that project, share those revisions with other members of your team, manage the history of your objects, and make sure that every member of your team is using the same version of your project. See “ Version Control ” in the Designer 4.0.1 for Identity Manager 4.0.1
Administration Guide .
eDirectory Browser: To locate or modify objects during your project development, use the eDirectory Object Manager to browse to and edit attributes of objects in the Identity Vault and other eDirectory trees. See “ Managing Directory Objects ” in the Designer 4.0.1 for Identity
Manager 4.0.1 Administration Guide .
Help
Help: You can bring up the Help view by pressing F1 or by clicking a help button. You can also
PDE Runtime
Plug-in Registry: A problem can occur if a plug-in fails to load. Use the Plug-in Registry view to see which plug-ins are loaded. See “ Checking Loaded Plug-Ins ” in the Designer 4.0.1 for
Identity Manager 4.0.1 Administration Guide .
Provisioning
Data Item Mapping: Specifies how object attributes are mapped. See “ Mapping Identity Vault to an LDAP Schema ” in the Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide .
E-Mail Notification: Notification templates enable you to customize and send e-mail messages that users receive when triggers occur. The E-Mail Notification view allows you to view how notification templates are mapped to an e-mail server. See “ Setting Up E-Mail
Notification Templates ” in the Designer 4.0.1 for Identity Manager 4.0.1 Administration
Guide .
Provisioning View: The Provisioning view provides persistent access to Designer’s provisioning features. Use the Provisioning view to access the editors that allow you to create and manipulate User Application components, manipulate object definitions such as import or export object definitions, and define the User Application driver’s supported and default locales.
Workspaces, Perspectives, and Views 35
XML
XPath Navigator: The XPath Navigator view supports context-sensitive editing of XPath expressions and syntax highlighting. It automatically attaches to the currently selected XML editor and uses its Document node as the evaluation context. The namespace context shows all namespaces in scope on its document element. See “ XPath Navigator ” in the Designer 4.0.1 for
Identity Manager 4.0.1 Administration Guide .
4.4.2 Opening a View
Figure 4-5 Selecting a View to Open
To open a view, select Windows > Show View, then select an option. There are a number of available views that you can see when you select the Window > Show View > Other option.
To narrow the list of views from the Other option, use the view filter:
1 Select Window > Show View > Other.
2 In the edit box, type the name of the view that you want (for example, Trace).
You can open, maximize, and close these views. You can also arrange them however you want, or
make Fast Views from them. See Section 4.4.7, “Using Fast Views,” on page 38 .
To quickly expand or contract a view, double-click the view’s tab.
36 Understanding Designer for Identity Manager
When you minimize a view or an editor stack, a placeholder tray appears in the closest location along the left, bottom, or right edge of the workbench. Each view from the view stack acts as a fast view while it is in this location. You can restore the stack by clicking the tray's Restore icon. You can drag and drop minimized trays to new locations along the workbench edge. Maximizing any stack triggers minimization of all others.
Figure 4-6 A Placeholder Tray for the Project View
4.4.3 Moving a View
To move a view, drag the view’s tab to one of the following locations:
The left, bottom, top, or right of Designer
Stacked with other views
Outside of Designer, where it floats on your desktop
If two or more views are open, you can switch their order.
4.4.4 Minimizing and Maximizing Views
To minimize a view, do one of the following:
Click the Minimize button in the view’s title bar
Press Ctrl+M.
.
To restore the view to its original size, click the Restore button in the view’s title bar.
To maximize a view or editor, do one of the following
Double-click the view’s tab.
Click the Maximize button
Press Ctrl+M.
.
When it is expanded, the view or editor fills the entire application space. This feature provides maximum working space.
To restore the editor or view to its original dimensions, double-click the view’s tab.
Workspaces, Perspectives, and Views 37
4.4.5 Closing a View
To close a view or editor, do one of the following:
Click the X on the view’s tab.
Right-click the view’s tab, then select Close.
Figure 4-7 Options to Close a View
4.4.6 Reopening a View Window
1 From the main menu, select Window > Show View.
2 Select one of the views (for example, Outline).
You can also select Window > Show View > Other, then select one of the views under Designer for
Identity Manager (for example, Projects).
4.4.7 Using Fast Views
The Fast View toolbar provides an efficient way to manage certain types of views that you don’t want to clutter the desktop, but still want to have readily accessible. To add a view to the Fast View toolbar:
1 Click the Show View as a Fast View Perspective icon in the bottom left corner of the
Designer window (under the Properties view).
2 Select a view.
3 The view appears to the left of the Modeler view. Right-click the view’s tab and deselect Fast
View to see the view’s default placement in Designer.
38 Understanding Designer for Identity Manager
4 Reselect Fast View to have the view with its icon appear next to the Show View as a Fast View
Perspective icon.
After the icon appears next to the Show View as a Fast View Perspective icon, do the following to restore a Fast View to a normal view:
1 Right-click the view icon in the Fast View toolbar.
2 Deselect Fast View.
You can also set the following:
Whether you want the Fast View to appear horizontally or vertically (the Orientation option)
Figure 4-8 Options for Fast Views
Where you want to dock the Fast View
Views and selected items that appear by default in the Modeler view do not have the Fast View option.
4.5 The Project View
The Designer Project view lists all existing Designer projects. From the Project view, you can quickly find, open, view, navigate, manage, close, and delete any Designer project.
To open the Project view, select the Project tab in the upper left view of Designer, or if the view is not open, click Window > Show View > Project from the main menu.
The Project view provides a standard menu of functions, which are available by right-clicking the
Project tab. Similarly, the Project view provides an icon bar with additional functions.
Figure 8-12 shows a typical Project view displaying the icons available in a Designer project.
Workspaces, Perspectives, and Views 39
Figure 4-9 The Project View
Table 8-1 describes the project icons displayed in the Project view.
Table 4-1 Project Icons Displayed in the Project View
Icon Name
Project Name or
Description
The name of the created project. It is the name of the project stored in the selected workspace directory. Double-clicking the Project name expands and collapses the entries under the project.
Right-clicking a project name allows you to do the following:
Create a new Identity Manager Project.
Open the project with the System Model (Modeler view).
Import an Identity Manager Project from:
An Identity Vault
An iManager Export file
A file system
A version control server
Export the project.
Refresh the project.
Make a copy of the project.
Move the project to another workspace.
Disable/enable the project. Disabled projects are taken out of the
Version Control view.
Rename the project.
Delete the project.
View the project’s properties page.
Projects under a version control server have a different icon and have two additional choices:
Check the project into the version control server.
Update the project from the version control server.
40 Understanding Designer for Identity Manager
Icon Name
System Model or
Documents
Toolbox
.docgen File
Description
Double-clicking the System Model entry puts the project into the Modeler view. You can create or import driver sets, drivers, channels, or policies into the Modeler to modify the project as needed. Then you can deploy the driver set, drivers, channels, or policies into an Identity Manager system.
System Models under a version control server have a different icon .
Right-clicking the System Model allows you to:
Open the project in the Modeler view
Use the Designer > Documents folder for documents that are related to the project. You can also create new folders to organize your projects as needed. The Generated folder under Documents holds your generated documentation files, and the images folder under the
Generated folder holds any graphic files that are created when you generate documents.
Right-clicking the Documents folder or the Generated folder allows you to:
Create a new file.
Create a new folder.
Import a file or a folder.
Export the project.
Copy the folder.
Paste items into the folder.
Refresh the folder’s view.
The Toolbox folder is for special files that ship with Designer. You cannot create new files or folders under this folder. The Styles folder under the Toolbox > DocumentGenerator folder contains the document generation styles. Right-click this folder to create a new style from the context menu that comes up.
Right-clicking the Toolbox folder or its subfolders allows you to:
Copy the folder.
Right-click the Styles folder and select New > Document
Generation Style (.docgen) to create a new style. The wizard generates a style (template with a .docgen
extension) that displays under the Styles folder. (See “ Documenting Projects ” in the Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide for more information.)
Right-clicking the .docgen
file entry allows you to:
Open the .docgen
file with a Style editor.
Copy and delete the .docgen
file. Use Copy and Paste to copy documentation files to different projects or folders.
Refresh and rename the file.
Generate documentation using this style.
Workspaces, Perspectives, and Views 41
Icon Name
Additional File Types
Description
Because the Generated and Images folders can contain many different files, you can see different icons displayed, depending on the file extension.
Right-clicking these any of these files allows you to:
Copy and delete the file. Use Copy and Paste to copy documentation files to different projects or folders.
Refresh and rename the file.
Open the file or open the file with a text or system Editor. You can also double-click the file and have Designer choose an editor for the file.
Delete the file.
4.6 The Outline View
The Outline view provides an outline of the active editor. To open the Outline view, select the
Outline tab in the upper left view of Designer, or if the view is not open, click Window > Show View
> Outline.
The Outline view’s contents vary, depending on the editor you have open at the time.
For the standard Designer editors, you see a tree view of the information, a thumbnail graphical view, or a Policy Flow view, depending on which mode you are in.
If you open an XML editor for an XML file in the Navigator view (not the embedded XML editor that is part of the Designer editors), you see a tree view of the XML document.
Selecting items in the Outline view also selects them in the Modeler. If the selected item isn’t visible in the Modeler, it automatically scrolls into view. Similarly, as you add or remove items the Modeler, they are automatically added or removed in the Outline view.
The Outline view provides a standard menu of functions, which are available by right-clicking the
Outline tab. The Outline view also provides an icon bar of additional functions specific to the
Outline view.
Figure 8-13 shows a typical Outline view along with its icon bar.
42 Understanding Designer for Identity Manager
Figure 4-10 The Outline View
The following sections describe the project icons displayed in the Outline view.
Section 4.6.1, “Project Name,” on page 44
Section 4.6.2, “Version Control Project Name,” on page 44
Section 4.6.3, “Package Catalog,” on page 45
Section 4.6.4, “Category,” on page 45
Section 4.6.5, “Group,” on page 45
Section 4.6.6, “Package,” on page 45
Section 4.6.7, “Identity Vault,” on page 46
Section 4.6.8, “Domain Group,” on page 47
Section 4.6.9, “Library,” on page 47
Section 4.6.10, “Server,” on page 48
Section 4.6.11, “Driver Set,” on page 48
Section 4.6.12, “ID Policy Container and ID Policy,” on page 49
Section 4.6.13, “Driver,” on page 50
Section 4.6.14, “Publisher and Subscriber Channels,” on page 52
Section 4.6.15, “Policy,” on page 53
Section 4.6.16, “Overlay Icons,” on page 54
Section 4.6.17, “Schema Mapping,” on page 54
Section 4.6.18, “Resource,” on page 55
Workspaces, Perspectives, and Views 43
Section 4.6.19, “Global Configuration,” on page 55
Section 4.6.20, “XSLT,” on page 56
Section 4.6.21, “Filter,” on page 57
Section 4.6.22, “Application,” on page 57
Section 4.6.23, “Entitlement,” on page 58
Section 4.6.24, “Job,” on page 59
Section 4.6.25, “ECMAScript,” on page 60
Section 4.6.26, “Mapping Table,” on page 60
Section 4.6.27, “User Application,” on page 61
Section 4.6.28, “Default Notification Collection,” on page 62
Section 4.6.29, “Notification Template,” on page 63
4.6.1 Project Name
The Project Name displays the name of the project when you create it. This is the name of the project stored in the \workspace\project name directory.
Right-click the project name to do the following:
New: Under New, you can add an application, a Domain Group, or an Identity Vault to the Modeler.
Document Selection: Generates the documentation for the project.
Live: Allows you to import a driver set from the Identity Vault.
Check in: Not available if version control is not enabled for the project.
Update: Not available if version control is not enabled for the project.
Delete: Deletes the project.
Properties: Launches the Properties page associated with this object.
4.6.2 Version Control Project Name
The Project Name icon changes when you commit the project to a version control server.
Right-click the project name to do the following:
New: Under New, you can add an application, a Domain Group, or an Identity Vault.
Document Selection: Generates the documentation for the project.
Live: Allows you to import a driver set from the Identity Vault.
Check in: Checks in the project into a version control server.
Update: Updates the project from a version control server.
Delete: Deletes the project.
Properties: Launches the Properties page associated with this object.
44 Understanding Designer for Identity Manager
4.6.3 Package Catalog
A Package Catalog stores packages that are used in your Identity Manager solution. The Package
Catalog is only displayed in the Outline view.
Right-click the Package Catalog to perform the following:
Import Package: Allows you to download any available packages to use in your Identity Manager solution. For more information, see “ Importing Packages into the Package Catalog ” in the Designer
4.0.1 for Identity Manager 4.0.1 Administration Guide .
New Category: Creates a new category to store your packages in.
4.6.4 Category
A category helps organize packages into common categories.
Right-click the category to perform the following:
New Group: Creates a new group to store your packages in.
Delete: You can delete the category as long as none of the packages in the category are currently installed.
Properties: Allows you to rename the category and add a description for the category.
4.6.5 Group
A group helps organize packages with common functionality together.
Right-click the group to perform the following:
New Package: Creates a new package. For more information, see “ Creating Packages ” in the
Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide .
Delete: You can delete the group as long as none of the packages in the group are currently installed.
Properties: Allows you to rename the group and add a description for the group.
4.6.6 Package
A package contains the components of a driver organized according to what functionality you want to provide to a driver.
The first time you right-click the package icon, the following options are available:
Request Ownership: Allows you to move a development package from one Designer project to another. It unlocks a package that is not released, only if the package is found in at least one project in the workspace.
Copy Package: Creates a copy of the package.
Delete: Deletes the package.
Properties: Displays the properties of the package.
Workspaces, Perspectives, and Views 45
After you request the ownership of the package, the following options are available:
Generate Prompt Resource: Generates Global Configuration objects that create prompts in the
Driver Configuration Wizard. You can create the following prompt types:
Driver Name
Initial Settings
Upgrade Settings
Remote Loader
For more information, see “ Editing Package Prompts ” in the Designer 4.0.1 for Identity Manager
4.0.1 Administration Guide .
Localization Allows you to generate properties files for localization or imports the properties files for localization.
New Package Version: Changes the package version.
Copy Package: Copies the package.
Build: Builds the package for release.
Delete: Deletes the package.
Properties: Displays the properties of the package.
4.6.7 Identity Vault
An Identity Vault represents the eDirectory tree that has Identity Manager installed on it.
Right-click the Identity Vault to perform the following:
New: Under New, you can add a driver set, a library, or a server object to the project.
Manage Vault Schema: Allows you to manage the Identity Vault schema.
DirXML Script Tracing: Allows you to turn on or turn off actions, conditions, and tokens on every policy at the Identity Vault level. This allows you to control how rules, conditions, and tokens flow through policies.
Document Selection: Generates the documentation for the Identity Vault.
Import from Configuration File: Imports a driver configuration file.
Import Schema from File: Imports schemas from a file.
Export to File: Exports the Identity Vault configuration and schema to a file.
Live: Allows you to perform the following actions to the Identity Vault:
Import: Imports a driver set from the Identity Vault.
Deploy: Deploys the Identity Vault in Designer to the live system.
Compare: Compares the contents of the Identity Vault in Designer to the live system.
Schema: Allows you to import, deploy, or compare the schema in Designer to the schema in the live system.
46 Understanding Designer for Identity Manager
Manage Directory: Allows you to manage the objects in the Identity Vault.
DS Trace: Runs a DS Trace from the live system.
iManager: Launches iManager.
Driver Status: Displays the status of the drivers in the selected Identity Vault.
Start All Drivers: Starts all of the drivers in the selected Identity Vault.
Stop All Drivers: Stops all of the drivers in the selected Identity Vault.
Restart All Drivers: Restarts all of the drivers in the selected Identity Vault.
Delete: Deletes the Identity Vault.
Properties: Launches the Properties page associated with this object.
4.6.8 Domain Group
Domain groups allow you to group projects into granular portions.
Right-click the Domain object to perform the following:
New: Under New, you can add an application, a Domain Group, or an Identity Vault.
Document Selection: Generates the documentation for the Domain.
Live: Allows you to import objects from the Identity Vault.
Delete: Deletes the Domain Group.
Properties: Launchers the Properties page associated with this object.
If you select to document this group, the generated document filters items that are outside the
Domain Group. Drivers bordering the domain are included in the document.
4.6.9 Library
The Library object is a repository of commonly used policies, scripts, and resources that can be referenced from multiple locations. You can place a policy in the library that every driver in the driver set can reference.
Right-click the Library object to perform the following:
New: Under New, you can add the following types of objects:
Credential application
Credential repository
DirXML Script
ECMAScript
Mapping Table
Global Configuration
DS Object
Resource
Schema Map
Workspaces, Perspectives, and Views 47
XSLT
From a copy
DriXML Script Tracing: Allows you to turn on or turn off actions, conditions, and tokens on every policy at the Library level. This allows you to control how rules, conditions and tokens flow through policies.
Export to Configuration File: Exports the library to a configuration file.
Import from Configuration File: Imports a configuration file.
Live: Under Live, you can:
Import: Imports content into the library. For example you can import a policy.
Deploy: Deploys the library to the Identity Vault.
Compare: Compares the library to the library in the live system.
Delete: Deletes the Library object.
Properties: Launches the Properties page associated with this object.
4.6.10 Server
The Server object is the server in the tree where you have Identity Manager installed.
Right-click the Server object to perform the following:
Migrate: Migrates the information from this Server object to another Server object.
Delete: Deletes the Server object.
Properties: Launchers the Properties page associated with this object.
4.6.11 Driver Set
The driver set is a collection of Identity Manager drivers that are stored in a single location.
Right-click the driver set to perform the following:
New: Under New, you can create the following objects:
Driver
Job
Library
Role-Based Entitlement Policies
DS Object
Global Configuration
Copy: Allows you to copy the driver set settings and global configuration values to another driver set.
48 Understanding Designer for Identity Manager
DirXML Script Tracing: Allows you to turn on or turn off actions, conditions, and tokens on every policy at the driver set level. This allows you to control how rules, conditions, and tokens flow through policies.
Document Selection: Generates the documentation for the driver set.
Import from Configuration File: Imports a configuration file.
Export to Configuration File: Exports the driver set to a configuration file.
Live: Under Live, you can:
Import: Import a driver into the driver set.
Deploy: Deploys the selected driver set into the live system.
Compare: Compares the driver set in Designer to a deployed driver set in the Identity Vault
Driver Set Configuration: Allows you to import, deploy, and compare driver set configuration attributes.
Driver Status: Displays the status of all of the drivers in the driver set.
Start All Drivers: Starts all drivers in the driver set.
Stop All Drivers: Stops all drivers in the driver set.
Restart All Drivers: Restarts all drivers in the driver set.
Delete: Deletes the driver set.
Properties: Launches the Properties page associated with the driver set.
If you select Document Selection, the generated document filters most items that are outside the driver set. Child objects are also included and parent objects are included in the document for perspective purposes.
4.6.12 ID Policy Container and ID Policy
An ID Policy container is created under an ID Provider driver and is a repository for ID policies. An ID policy allows the ID Provider driver to assign unique IDs to objects. When the ID
Provider driver receives an ID request from a client, it generates an identification that is based on the
ID policy specified in the request and passes it to the client.
Right-click the ID Policy container to perform the following:
New: Creates a new policy.
Export to Configuration File: Exports the policy container object to a configuration file.
Live: Under Live, you can:
Import: Imports a policy in to the policy container.
Deploy: Deploys the ID Policy container into the Identity Vault.
Compare: Compares the ID Policy container in Designer to a deployed ID Policy container in the Identity Vault
Delete: Deletes the ID Policy container.
Properties: Launches the Properties page associated with this object.
Workspaces, Perspectives, and Views 49
Right-click the ID Policy to perform the following:
Add to Package: Allows you to include the policy in a package if it was not installed with a package.
Package Properties: Displays the properties of the package that installed the selected policy.
Revert Customization: Revert Customization is available if the policy is part of a package, and if the policy is customized. Revert Customization is like an undo, and it removes any customizations you made.
Live: Under Live, you can:
Deploy: Deploys the ID Policy into the Identity Vault.
Compare: Compares the ID Policy in Designer to a deployed ID Policy container in the
Identity Vault.
Delete: Deletes the ID Policy.
Properties: Launches the Properties page associated with this object. To configure ID policies, see
“ Configuring ID Policies ” in the Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide .
4.6.13 Driver
A Driver object is a collection of channels, policies, rules, resources, and filters that connect an application to Identity Manager. Each driver performs different tasks. Policies, rules, resources, and filters tell the driver how to manipulate the data to perform those tasks.
Right-click the Driver object to do the following:
New: Under New, you can add the following policy types:
Credential application
Credential repository
DirXML Script
ECMAScript
Entitlement
Job
Mapping Table
Global Configuration
DS Object
Resource
Schema Map
XSLT
From a copy
Copy: Copies the driver settings or server-specific driver settings.
Show Dataflow View Launches the Dataflow view for the driver. For more information, see “ The
Dataflow View ” in the Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide .
50 Understanding Designer for Identity Manager
Show Policy Sets: Display the policy sets in this driver.
DirXML Script Tracing: Allows you to turn on or turn off actions, conditions, and tokens on every policy at the driver level. This allows you to control how rules, conditions, and tokens flow through policies.
Simulate: Launches the Policy Simulator, which allows you to test the policies in the driver. For more information, see “ Testing Policies with the Policy Simulator ” in the Policies in Designer 4.0.1
.
Run Configuration Wizard: Launches the Driver Configuration Wizard, which allows you to install more packages or import a driver configuration file.
Password Synchronization: Allows you to configure the driver to synchronize password between the application and the Identity Vault. For more information, see the Identity Manager 4.0.1
Password Management Guide .
Manage Application Schema: Allows you to manage the application’s schema from Designer.
Document Selection: Generates the documentation for this driver.
Import from Configuration File: Imports a driver configuration file. This overwrites you current policies with the content in the driver configuration file.
Export to Configuration File: Exports the driver to a configuration file.
Copy Server-Specify Data: Copies server-specific data between servers. To do this, you must have more than one server associated with the driver set. You can add a server to a driver set by going into the Driver Set Properties page. The replica data that you can copy includes:
Global configuration values
Named passwords
Driver authentication information
Driver startup option
Driver parameters
Live: Under Live, you can:
Import: Imports a driver.
Deploy: Deploys a driver.
Compare: Compares the driver in Designer to a deployed driver in the Identity Vault
Driver Configuration: Imports, deploys, and compares driver configuration attributes.
Refresh Application Schema: Refreshes the application schema in Designer.
Driver Status: Displays the selected driver’s status.
Start Driver: Starts the selected driver.
Stop Driver: Stops the selected driver.
Restart Driver: Restarts the selected driver.
Set Up Driver Security: Allows you to configure the driver security that is deployed to the
Identity Vault.
Set Driver Trace Level: Allows you to set the driver trace level. The driver trace level is what determines the information displayed in the driver trace.
Workspaces, Perspectives, and Views 51
Delete: Deletes the Driver object.
Properties: Launches the Properties page associated with this object.
If you select Document Selection, the generated document filters most items that are outside the driver. Child objects are also included and parent objects are included in the document for perspective purposes.
4.6.14 Publisher and Subscriber Channels
A channel is a combination of rules, policies, and resources. Designer allows you to import a channel instead of the entire driver. The Subscriber and Publisher channels describe the direction in which the information flows.
The Publisher channel takes the event from the application, database, CSV file, etc., and sends that event to the Identity Vault. Channel events do not need to be the same on each channel.
The Subscriber channel takes the event from the Identity Vault and sends that event to whatever the receiving system is (application, database, CSV file, etc.).
Right-click the Publisher or Subscriber channel to perform the following:
New: Under New, you can add the following policy types:
Credential application
Credential repository
DirXML Script
ECMAScript
Mapping Table
DS Object
Resource
Schema Map
XSLT
From a copy
DirXML Script Tracing: Allows you to turn on or turn off actions, conditions, and tokens on every policy at the channel level. This allows you to control how rules, conditions, and tokens flow through policies.
Simulate: Launches the Policy Simulator on the channel to ensure that the policies are working correctly.
Import from Configuration File: Imports information from configuration file.
Export to Configuration File: Exports the channel configuration to a file.
Live: Under Live, you can:
Import: Imports items into the channel. For example, you can import a policy.
Deploy: Deploys a channel into the Identity Vault.
Compare: Compares the channel in Designer to a deployed driver channel in an Identity Vault
52 Understanding Designer for Identity Manager
Properties: Launches the Properties page associated with this object.
4.6.15 Policy
A policy is a collection of rules and arguments that allow you to configure an application to send or receive events to or from the Identity Vault. You use policies to manipulate the data you receive from the Identity Vault or from the application. Each driver performs different tasks, and policies tell the driver how to manipulate the data to perform those tasks.
Right-click the Policy object to perform the following:
Edit: Launches the Policy Builder so you can edit the policy.
Copy: Creates a copy of the selected policy.
Save As: Allows you to save the policy as an XML file.
DirXML Script Tracing: Allows you to turn on or turn off actions, conditions, and tokens on every policy at the policy level. This allows you to control how rules, conditions, and tokens flow through policies.
Add to Package: Allows you to include the policy in a package if it was not installed with a package.
Package Properties: Displays the properties of the package that installed the selected policy.
Revert Customization: Revert Customization is available if the policy is part of a package, and if the policy is customized. Revert Customization is like an undo, and it removes any customizations you made.
Simulate: Launches the Policy Simulator to test that the policy is working correctly.
Export to Configuration File: Exports the policy to a configuration file.
Live: Under Live, you can:
Deploy: Deploys the policy to the Identity Vault.
Compare: Compares the policy in Designer to a deployed policy in the Identity Vault.
Open With: Allows you to open the policy with one of the following editors:
Designer Built-in Editor
Novell XML Editor
XML Editor
Text Editor
Delete: Deletes the selected policy.
Properties: Launches the Properties page associated with this object.
Workspaces, Perspectives, and Views 53
4.6.16 Overlay Icons
Overlay icons have an overlay symbol in one of the corners to signify that the object is in a certain state. For example, the policy icon to the left signifies that the policy does not belong to a policy set. An application icon with an overlay signifies that there is more than one driver connected to the application. A driver set icon with a server overlay signifies that the driver set is connected to an Identity Manager server.
Overlay icons can be informational, warnings, or they can signify errors. In the Compare window, overlay icons tell you whether the object is on the server or in Designer.
They also tell you if you have customized the policies that come in packages. You can either keep your customizations or revert back to the original state of the policy as it is in the package.
4.6.17 Schema Mapping
Schema Mapping allows Identity Manager to synchronize information to the connected system without changing the connected system. A schema translates all classes and attributes for the connected system.
Right-click the Schema Mapping object to perform the following:
Edit: Launches the Schema Mapping editor so you can edit the Schema Mapping.
Copy: Creates a copy of the Schema Mapping.
Save As: Allows you to save the Schema Mapping as an XML file.
Add to Package: Allows you to include the Schema Mapping in a package, if it is not installed with a package.
Package Properties: Displays the properties of the package that installed the Schema Mapping.
Revert Customization: Revert Customization is available if the Schema Mapping is part of a package, and if the Schema Mapping is customized. Revert Customization is like an undo, and it removes any customizations you made.
Simulate: Launches the Policy Simulator to ensure that the Schema Mapping is working correctly.
Export to Configuration File: Exports a Schema Mapping policy configuration to an XML file.
Live: Under Live, you can:
Deploy: Deploys a Schema Mapping policy to the Identity Vault.
Compare: Compares the Schema Mapping policy in Designer to a deployed Schema Mapping policy in an Identity Vault.
Open With: Allows you to open the Schema Mapping policy with one of the following editors:
Designer Built-in Editor
Novell XML Editor
XML Editor
Text Editor
Delete: Deletes the selected Schema Mapping policy.
54 Understanding Designer for Identity Manager
Properties: Launches the Properties page associated with this object.
4.6.18 Resource
Resource objects store information that drivers use. Double-clicking a resource object brings up the object in an editor.
Right-click the Resource object to perform the following:
Edit: Launches an editor so you can edit the Resource object.
Copy: Creates a copy of the selected Resource object.
Add to Package: Allows you to include the Resource object in a package, if it is not installed with a package.
Package Properties: Displays the properties of the package that installed the resource object.
Revert Customization: Revert Customization is available if the resource object is part of a package, and if the resource object is customized. Revert Customization is like an undo, and it removes any customizations you made.
Export to Configuration File: Exports the Resource policy to a configuration file.
Live: Under Live, you can:
Deploy: Deploys the Resource object to the Identity Vault.
Compare: Compares the Resource object in Designer to a deployed Resource object in the
Identity Vault.
Open With: Allows you to open the Resource object with one of the following editors:
Designer Built-in Editor
Novell XML Editor
XML Editor
Text Editor
Delete: Deletes the selected Resource object.
Properties: Launches the Properties page associated with this object.
4.6.19 Global Configuration
Global Configuration objects contain GCV definitions that can be added to a package. The GCV definitions are identical to the GCVs that are contained on a driver or driver set.
Right-click the Global Configuration object to perform the following:
Copy: Creates a copy of the Global Configuration object.
Add to Package: Allows you to add the Global Configuration object to a package, if it was not installed with a package.
Generate Prompt Resource: Allows you to generate a Prompt Resource object to add to a package.
This allows for questions to be presented during the import of the packages.
Workspaces, Perspectives, and Views 55
Package Properties: Displays the properties of the package that installed the Global Configuration object.
Revert Customization: Revert Customization is available if the Global Configuration object is part of a package, and if the global configuration object is customized. Revert Customization is like an undo, and it removes any customizations you made.
Live: Under Live, you can:
Deploy: Deploys the Global Configuration object to the Identity Vault.
Compare: Compares the Global Configuration object in Designer to the deployed Global
Configuration object in the Identity Vault.
Delete: Deletes the Global Configuration object.
Properties: Launches the Properties page of the Global Configuration object.
4.6.20 XSLT
XSLT represents XSLT style sheets, which are used instead of the DirXML Script.
Right-click the XSLT style sheet object to perform the following:
Edit: Launches the XLM Editor so you can edit the XSLT style sheet.
Copy: Creates a copy of the XSLT style sheet.
Save As: Allows you to save the XSLT style sheet as an XML file.
Add to Package: Allows you to add the XSLT style sheet to a package, if it was not installed with a package.
Package Properties: Displays the properties of the package that installed the XSLT style sheet.
Revert Customization: Revert Customization is available if the XSLT style sheet is part of a package, and if the XSLT style sheet is customized. The Revert Customization is like an undo, and it removes any customizations you made.
Simulate: Launches the Policy Simulator to ensure that the XSLT style sheet is working correctly.
Export to Configuration File: Exports the XSLT style sheet to an XML file.
Live: Under Live, you can:
Deploy: Deploys the XSLT style sheet to the Identity Vault.
Compare: Compares the XSLT style sheet in Designer to an XSLT style sheet in the Identity
Vault
Open With: Allows you to open the XSLT style sheet with one of the following editors:
Designer Built-in Editor
Novel XML Editor
XML Editor
Text Editor
56 Understanding Designer for Identity Manager
Delete: Deletes the XSLT style sheet.
Properties: Launches the Properties page associated with this object.
4.6.21 Filter
Filter allows the objects to be sent. It’s the gatekeeper that restricts the objects (groups, users, and the attributes associated with them) that can be sent to and from an Identity Vault.
Right-click the Filter object to perform the following:
Edit: Launches the Filter Editor so you can edit the filter.
Save As: Allows you to save the filter as an XML file.
Simulate: Launches the Policy Simulator to ensure that the filter is working correctly.
Export to a Configuration File: Exports the filter to an XML file.
Live: Under Live, you can:
Deploy: Deploys the filter into the Identity Vault.
Compare: Compares the filter in Designer to a deployed filter in the Identity Vault.
Open With: Allows you to open the filter in one of the following objects:
Designer Built-in Editor
Novell XML Editor
XML Editor
Text Editor
4.6.22 Application
The Application object represents a connected system, whether that system is a database, an application, or CSV files.
Right-click the Application object to do the following:
New: Allows you to create a new Application object.
Show Dataflow View: Launches the Dataflow view. For more information, see “ The Dataflow
View ” in the Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide .
Discover Domain Controller: Allows you to discover the domain controllers in your Active
Directory environment. This option is displayed only for the Active Directory application.
Remote Control Desktop: Launches a remote control session for the selected application. The host server must have an existing VNC server running.
Document Selection: Generates the documentation for the application object.
Workspaces, Perspectives, and Views 57
Driver: Under Driver, you can:
DirXML Script Tracing: Allows you to turn on or turn off actions, conditions, and tokens on every policy at the policy level. This allows you to control how rules, conditions, and tokens flow through policies.
Run Configuration Wizard: Launches the Driver Configuration Wizard, which allows you to install more packages or import a driver configuration file.
Export to Configuration File: Exports the driver configuration information to an XML file.
Import from Configuration File: Imports a driver configuration file. This overwrites your existing driver with the contents in the configuration file.
Import: Imports items into the driver. For example, you can import policies from configuration files.
Deploy: Deploys the driver into the Identity Vault.
Compare: Compares the driver in Designer to a deployed driver in the Identity Vault
Start Driver: Starts the selected driver.
Stop Driver: Stops the selected driver.
Restart Driver: Restarts the selected driver.
Set Up Driver Security: Allows you to configure the driver’s security in the Identity Vault.
Set Driver Trace Level: Allows you to set the driver trace level. The driver trace level is what determines the information displayed in the driver trace.
Properties: Launches the Properties page of the driver.
Delete: Deletes the selected Application object.
Properties: See the Properties page associated with this object.
If you select Document Selection, the generated document filters most items that are outside the driver. The driver object is also included, and parent objects above the driver object are included in the document for perspective purposes.
4.6.23 Entitlement
The Entitlement object represents an entitlement assigned to the Subscriber channel.
Right-click the Entitlement object to perform the following:
Edit: Launches the Entitlement editor so you can edit the Entitlement.
Copy: Creates a copy of the Entitlement.
Save As: Allows you to save the Entitlement as an XML file.
Add to Package: Allows you to include the Entitlement in a package, if it is not installed with a package.
Package Properties: Displays the properties of the package that installed the Entitlement.
Revert Customization: Revert Customization is available if the Entitlement is part of a package, and if the Entitlement is customized. Revert Customization is like an undo, and it removes any customizations you made.
58 Understanding Designer for Identity Manager
Export to Configuration File: Exports the Entitlement configuration to an XML file.
Live: Under Live, you can:
Deploy: Deploys the Entitlement to the Identity Vault.
Compare: Compares the Entitlement in Designer to a deployed Entitlement in an Identity
Vault.
Open With: Allows you to open the Entitlement with one of the following editors:
Designer Built-in Editor
Novell XML Editor
XML Editor
Text Editor
Delete: Deletes the selected Entitlement.
Properties: Launches the Properties page associated with this object.
4.6.24 Job
The Job object represents a job that you can schedule to run either immediately or at a later date.
Designer presently ships with three job types: Random Password Generator, Schedule Driver, and
Subscriber Channel Trigger. You can also have custom jobs.
Right-click the Job object to perform the following:
Copy: Creates a copy of the job.
Edit: Launches the Job Editor so you can edit the job.
Add to Package: Allows you to include the job in a package, if it is not installed with a package.
Package Properties: Launches the Properties page for the package that installed the job.
Revert Customization: Revert Customization is available if the job is part of a package, and if the job is customized. Revert Customization is like an undo, and it removes any customizations you made.
Export to Configuration File: Exports the job configuration to an XML file.
Live: Under Live, you can:
Deploy: Deploys the job to the Identity Vault.
Compare: Compare the job in Designer to a deployed job in the Identity Vault.
Open With: Allows you to open the job in one of the following editors:
Designer Built-in Editor
Novell XML Editor
XML Editor
Text Editor
Delete: Deletes the job.
Workspaces, Perspectives, and Views 59
Properties: Launches the Properties page associated with this object.
4.6.25 ECMAScript
The ECMAScript object represents an ECMAScript assigned to the Subscriber Channel.
Right-click the ECMAScript object to perform the following:
Edit: Launches the ECMAScript Editor so you can edit the ECMAScript.
Copy: Creates a copy of the ECMAScript.
Add to Package: Allows you to include the ECMAScript in a package, if it is not installed with a package.
Package Properties: Launches the Properties page for the package that installed the ECMAScript.
Revert Customization: Revert Customization is available if the ECMAScript is part of a package, and if the ECMAScript is customized. Revert Customization is like an undo, and it removes any customizations you made.
Export to Configuration File: Exports the ECMAScript configuration to an XML file.
Live: Under Live, you can:
Deploy: Deploys the ECMAScript into the Identity Vault.
Compare: Compares the ECMAScript in Designer to a deployed ECMAScript in an Identity
Vault.
Open With: Allows you to open the ECMAScript with one of the following editors:
Designer Built-in Editor
Novell XML Editor
XML Editor
Text Editor
Delete: Deletes the ECMAScript.
Properties: Launches the Properties page associated with this object.
4.6.26 Mapping Table
The Mapping Table object represents a Mapping Table assigned to the driver.
Right-click the Mapping Table object to perform the following:
Edit: Launches the Mapping Table Editor so you can edit the mapping table.
Copy: Creates a copy of the mapping table.
Add to Package: Allows you to include the mapping table in a package, if it is not installed with a package.
Package Properties: Launches the Properties page for the package that installed the mapping table.
60 Understanding Designer for Identity Manager
Revert Customization: Revert Customization is available if the mapping table is part of a package, and if the mapping table is customized. Revert Customization is like an undo, and it removes any customizations you made.
Export to Configuration File: Export the mapping table configuration to an XML file.
Live: Under Live, you can:
Deploy: Deploys the mapping table into the Identity Vault.
Compare: Compares the mapping table in Designer to a deployed mapping table in the
Identity Vault
Open With: Allows you to open the mapping table in one of the following editors:
Designer Built-in Editor
Novell XML Editor
XML Editor
Text Editor
Delete: Deletes the mapping table.
Properties: Launches the Properties page associated with this object.
4.6.27 User Application
The User Application object allows you to manage workflow provisioning.
Right-click the User Application object to perform the following:
Show Dataflow View: Launches the Dataflow view. For more information, see “ The Dataflow
View ” in the Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide .
Remote Control Desktop: Launches a remote control session for the User Application. The host server must have an existing VNC server running.
Document Selection: Generates the documentation for the User Application.
Driver: Under Driver, you can:
DirXML Script Tracing: Allows you to turn on or turn off actions, conditions, and tokens on every policy at the policy level. This allows you to control how rules, conditions, and tokens flow through policies.
Run Configuration Wizard: Launches the Driver Configuration Wizard, which allows you to install more packages or import a driver configuration file.
Export to Configuration File: Exports the driver configuration information to an XML file.
Import from Configuration File: Imports a driver configuration file. This overwrites your existing driver with the contents in the configuration file.
Import: Imports items into the driver. For example, you can import policies from configuration files.
Deploy: Deploys the driver into the Identity Vault.
Compare: Compares the driver in Designer to a deployed driver in the Identity Vault
Workspaces, Perspectives, and Views 61
Start Driver: Starts the selected driver.
Stop Driver: Stops the selected driver.
Restart Driver: Restarts the selected driver.
Set Up Driver Security: Allows you to configure the driver’s security in the Identity Vault.
Set Driver Trace Level: Allows you to set the driver trace level. The driver trace level is what determines the information displayed in the driver trace.
Properties: Launches the Properties page of the driver.
Delete: Deletes the User Application.
Localize: Under Localize, you can:
Export Localization to File: Creates properties files that can be sent to be localized.
Import Localization from File: Imports the properties files that have been localized.
Configure: Under Configure, you can:
Locale: Configures the supported localization data.
Default Locale: Configures the default localization data.
Live: Under Live, you can:
Deploy: Deploys the User Application object to the Identity Vault.
Compare: Compares the User Application object in Designer to a deployed User Application object in the Identity Vault.
Import: Imports the User Application object from the Identity Vault.
Migrate: (Conditional) Migrates the User Application object if it needs to be migrated.
Export to File: Exports the User Application object to a file.
Import from File: Imports the User Application object from a file.
Validate: Validates the User Application object.
Show Provisioning View: Launches the Provisioning view.
Properties: Launches the Properties page associated with this object.
4.6.28 Default Notification Collection
The default Notification Collection object is a placeholder for all notification templates.
Right-click the Notification Collection object to perform the following:
New Template: Create a new notification template.
Edit Filer: If you want to see e-mail templates in other languages, click this option and select the languages.
Import Templates from File: Imports a notification template from a file.
Export Templates to File: Exports the notification templates to a file.
62 Understanding Designer for Identity Manager
Add Default Templates: Adds only the default notification e-mail templates in English to the
Identity Vault. You can also select to overwrite existing templates.
Add All Templates: Updates all of the notification e-mail templates in all of the languages that are installed with Designer to the Identity Vault. You can also select to overwrite existing templates.
Live: Under Live, you can:
Import: Imports an e-mail template from an Identity Vault.
Deploy: Deploys e-mail templates to the Identity Vault.
Compare: Compares the Notification Collection in Designer to a deployed Notification
Collection in the Identity Vault.
Localization: Under Live, you can:
Import Localization Data: Imports the localization data from a folder that stores localization data.
Export Localization Data: Exports the localization data to a folder.
Properties: Launches the Properties page associated with this object.
4.6.29 Notification Template
The Notification template is an e-mail template you can use in policies to notify people of events.
Right-click the Notification object to perform the following:
Live: Under Live, you can:
Deploy: Deploys e-mail templates to the Identity Vault.
Compare: Compares the Notification object in Designer to a deployed Notification object in the Identity Vault.
Add Localized Templates: Updates all of the localized versions for the selected notification template that are installed with Designer.
Edit: Launches an editor to allow you to edit the notification template.
Create: Creates a copy of the selected notification template.
Save As: Saves the notification template as an XML file.
Add to Package: Allows you to include the notification template in a package, if it is not installed with a package.
Package Properties: Launches the Properties page for the package that installed the notification template.
Revert Customization: Revert Customization is available if the notification template is part of a package, and if the notification template is customized. Revert Customization is like an undo, and it removes any customizations you made.
Open With: Opens the notification template with one of the following editors:
Designer Built-in Editor
Workspaces, Perspectives, and Views 63
Novell XML Editor
XML Editor
Text Editor
Delete: Deletes the select notification template.
Localization: Under Localization, you can:
Import Localization Data: Imports the localization data from a folder that stores the localization data.
Export Localization Data: Exports the localization data from a folder.
Properties: Launches the Properties page associated with this object.
4.7 The Navigator View
The Navigator view enables you to manage and view the file resources that are in your workspace.
You can see your projects and files as they actually exist in the file system. You can add files and folders, and append them to your projects or workspace. These extra items won’t change or affect the behavior of your Identity Manager solution. However, they enable you to conveniently append other pieces of information that you want to associate with your projects and workspace.
IMPORTANT: Do not use the Navigator View to copy, rename, move, or delete files for a project that is under version control. Performing these operations from the Navigator view does not reflect properly in the Version Control view.
64 Understanding Designer for Identity Manager
Figure 4-11 The Navigator View
The Navigator view enables you to do the following:
Workspaces, Perspectives, and Views 65
Table 4-2 Navigator View Icons
Icon Name Description
Project Name The name of the created project. This is the name of the project stored in the selected workspace directory. Double-clicking the Project name expands or collapses the entries under the project.
Right-clicking a project name allows you to do the following:
Under New:
Create a new project
Create a new Identity Manager Project
Create a new provisioning artifact
Create other projects
See just this project’s workspace (the Go Into option).
Open in a new window.
Copy, paste, delete, move, and rename the project.
Import and export the project.
Refresh the project.
Close the project or close unrelated projects.
Use the Source option to format the document.
View the project’s Properties window.
Project’s Documents
Folder and
Subfolders
The Designer > Documents folder contains the files of the created project.
Beneath the Designer > Documents directory are the documentation and resources folders and any other folders you have created in this project.
Right-clicking any of the project folder names allows you to do the following:
Under New:
Create a new project
Create a new Identity Manager Project
Create a new provisioning artifact
Create other projects
See only this project’s workspace (the Go Into option).
Open the directories in a new window.
Copy, paste, delete, move, and rename the folder.
Import and export the project.
Refresh the directory.
Use the Source option to format the document.
View the project’s Properties window.
66 Understanding Designer for Identity Manager
Icon Name
All File Types
Description
Because the project folders can contain many different files, you can see different icons displayed, depending on the file extension. Right-clicking any of these files allows you to:
Under New:
Create a new project
Create a new Identity Manager Project
Create a new provisioning artifact
Create other projects
Open the file in a Designer-chosen editor.
Open the file with the following choices:
Text editor
System editor
In-place editor
Default editor
XML files can choose an XML editor
Project files can choose the Modeler
Filter files can choose the Filter editor
Policy files can choose the Policy Builder editor
Copy, paste, delete, move, and rename the files.
Import and export the files.
Refresh the file or directory.
Use the Source option to format the document.
View the file’s Properties window.
IMPORTANT: Copy and paste operations, and drag and drop operations in the Navigator View are not handling files properly if they are under version control. Perform these operations from the
Project view if the project is under version control.
In the Navigator view, you can move any document into your project and edit it with a selected editor. For example, you can add a Word or PowerPoint document, then double-click the document.
The native application loads inside Designer, as any other editor would, where you can view and edit the document. (This feature only works on Windows.)
You can create linked resources at any depth within projects. This allows you to put resources from different places in the file system anywhere you like in the project structure, including below other linked resources. The same resource can be linked to the same project.
To create a linked resource:
1 Select Window > Show View > Navigator.
2 In the Navigator view, right-click a project, then select New > Other.
3 Expand the General folder.
Workspaces, Perspectives, and Views 67
4 Select Folder, then click Next.
5 Click Advanced, then select Link a folder in the filesystem.
6 Browse to and select a folder, click OK, then click Finish.
Designer creates a link to that folder directly under the project. You can then easily access the folder.
You can use the same procedure to link to a file.
4.8 Policy Set View
The Policy Set view lists policies and displays a toolbar.
Figure 4-12 The Policy Set View
68 Understanding Designer for Identity Manager
The list displays all policies contained in the selected policy set. During a transformation, the policies within the list are executed from top to bottom.
The Policy Set view includes the following icons in the icon bar at the top of the view:
Table 4-3 Policy Set View Icons
Name
Edit
Create
Delete
Remove
Move Policy
Minimize/Maximize
Description
When you select a policy, this icon brings up the Policy Builder.
Creates, copies, or links a policy.
Deletes a selected policy. You can also delete all policies in a policy set by selecting the policy set and clicking Delete.
When you select a policy, this icon enables you to remove the selected policy from the policy set without deleting it. When you select a policy set, the icon enables you to remove all policies from the selected policy set.
Moves the policy up and down in the policy chain.
Minimizes and maximizes the Policy Set view.
The following options are available when you right-click a policy set:
Table 4-4 Policy Set Right-Click Options
Operation
New > DirXML Script
New > SchemaMap
New > XSLT
New > From Copy
Link Existing Policy in Set
Remove All Set Policies
Delete All Set Policies
DirXML Script Tracing
Description
Enables you to create a new DirXML Script policy.
Enables you to create a new Schema Mapping policy.
Enables you to create a new XSLT policy.
Launches the Model Browser window, which enables you to browse to and copy an already-existing policy.
Enables you to browse to an existing policy and link that policy to your selected policy set.
Enables you to remove all the policies from the selected policy set without deleting them.
Enables you to delete all the policies from the selected policy set.
Enables you to turn DirXML Script Tracing on or off for the policy set.
You can also choose to apply your settings to all DirXML Scripts or to only the DirXML Script rules for the policy set.
The following options are available when you right-click a policy:
Workspaces, Perspectives, and Views 69
Table 4-5 Policy Right-Click Options
Operation
Edit
Copy
Save As
Simulate
Remove
Link to Existing Policy
Move Up
Move Down
Export to Configuration File
Live > Deploy
Live > Compare
Delete
Properties
Add to Package
Package Properties
Revert Customization
DirXML Script Tracing
Description
Launches the Policy Builder.
Enables you to copy a policy.
Enables you to name and save a policy in the file directory.
Enables you to test and debug the selected policy
Enables you to remove the policy from the policy set without deleting the policy.
Enables you to link this policy to an existing policy.
Enables you to move the policy up the policy chain.
Enables you to move the policy down the policy chain.
Enables you to export the selected policy to the driver configuration file.
Enables you to deploy the selected policy to the Identity Vault.
Compares selected policies. Enables you to reconcile or update policies.
Enables you to delete a selected policy.
Enables you to view the selected policy’s properties.
Allows you to include the policy in a package if it was not installed with a package.
Displays the properties of the package that installed the selected policy
This option is available if the policy is part of a package, and if the policy is customized. Revert Customization is like an undo, and it removes any customizations you made.
Enables you to turn DirXML Script Tracing on or off for the selected policy. You can also choose to apply your settings to all DirXML Script policies or to only DirXML Script rules for the policy.
The Policy Set view displays differently, depending on what mode the Outline view is in. If you are in Tree mode, the Policy Set view shows policies in a hierarchical containment. However, if you are in Policy Flow mode, the view shows a flat list of policies in the selected policy set.
To bring up a policy in the Policy Builder view, double-click the policy. For more on policies, see
Understanding Policies for Identity Manager 4.0.1
and Policies in Designer 4.0.1
.
4.9 The Properties View
The Properties view displays information on key-value pairs (for example, Max Log Entries 2). The information displayed depends on what is selected in the active view (for example, the Modeler or
Outline view).
70 Understanding Designer for Identity Manager
Often, the Properties view lets you edit the information. For example, you can select a driver in the
Modeler and then edit the trace level associated with that driver. You can also view and edit the
Administrator settings in an Identity Vault.
Figure 4-13 The Properties View of an Active Directory Driver
Section 4.9.1, “The Spinner Control,” on page 71
Section 4.9.2, “The DN Cell Editor,” on page 71
Section 4.9.3, “Editing Boolean Values,” on page 72
Section 4.9.4, “Keyboard Tips,” on page 72
Section 4.9.5, “Resizing Column Widths,” on page 72
Section 4.9.6, “Summary Table,” on page 72
4.9.1 The Spinner Control
Figure 4-14 The Spinner Control
When you edit numeric values in the Properties view, Designer displays a spinner control so that you can increase or decrease the number.
The maximum value on the spinner is set appropriately, based on the attribute type. For example, the maximum for log entries is 500.
4.9.2 The DN Cell Editor
Figure 4-15 DN Cell Editor
Workspaces, Perspectives, and Views 71
To edit attributes that are of type DN syntax (for example, Driver Set Deploy Context):
1 Click Deploy Context.
2 Type the distinguished name of the context.
You can also click the Browse button, then browse to and select an object with the eDirectory browser. In this case, you are selecting the Distinguished Name of the container to deploy the driver set.
4.9.3 Editing Boolean Values
Figure 4-16 Drop-Down List for Boolean Values
To edit Boolean values, select true or false from the drop-down list.
4.9.4 Keyboard Tips
Table 4-6 Keyboard Tips
Task Description
Save the value of the current cell editor and set the focus on the next editor.
Press Tab, Enter, the Up-arrow, or the Down-arrow.
Navigate backwards.
Exit the Properties view.
Press Shift+Tab. Navigation loops when you reach the top or bottom of a value.
Press Ctrl+Tab for forward navigation. Press
Ctrl+Shift+Tab for backward navigation.
4.9.5 Resizing Column Widths
If you resize the columns in the Properties view, those column widths persist in user preferences.
When you open the Properties view again or restart Designer, the resized widths are displayed.
4.9.6 Summary Table
Table 4-7 Properties View Tasks
Task
Opening
Edit
Description
If the view doesn’t already display, select Window > Show View >
Properties.
Edit the settings of any item selected in the Modeler or Outline View.
72 Understanding Designer for Identity Manager
Task
Multi-edit
Saving
Boolean Editor
Description
If you have selected more than one item, you can edit any settings that both items have in common. For example, if both items have a Name setting, you can select both and edit once. The change is made to both items. This function can boost productivity on certain edit operations.
When you click Save, all changes are saved to the project file. When you reopen the project, all settings are restored.
You can edit Boolean settings (true/false) by clicking the value, which toggles to the other value.
4.10 The Search Results View
To search across an entire project:
1 With the Modeler view active, press Ctrl+F.
2 Select whether the search is case-sensitive.
3 Filter object types you want to search on. You can select or deselect all items through the Select
All or Deselect All buttons.
4 Click OK.
The results appear in the Search Results view. You can sort the search results on any column by clicking that column header.
Workspaces, Perspectives, and Views 73
Figure 4-17 The Search Results View
If the Search Results view isn’t already open, the search opens it.
As you select an item (for example, a policy) in the Search view, the corresponding item (for example, the driver) is selected in the Modeler.
If you double-click an item, its appropriate dialog box or editor launches. To open an item with another editor, right-click the item and select Open With.
To clear the Search view, click the Clear icon in the Search view’s toolbar.
When you subsequently invoke the Search dialog box, Designer remembers your latest search settings.
4.11 The Tasks View
Figure 4-18 The Tasks View
The Tasks view enables you to make and prioritize notes while you manage identities. This view is for your convenience. It can contain whatever you want. It won’t affect the functionality of your solution.
This view enables you to do the following:
Add tasks
Delete tasks
Set task properties
Set filter properties
Mark if completed
Provide a description
74 Understanding Designer for Identity Manager
Set a priority
Sort on all fields
To add a task:
1 Open the Tasks view by selecting Window > Show View > Tasks.
2 Right-click in the Tasks view, then click Add Task.
3 Type a name in the Description field, select a priority, then click OK.
Or:
1 Click the Add Task icon located in the upper right corner of the tasks view.
To delete a task:
1 Right-click the task.
2 Click Delete.
Or:
1 Select the task so that the entire task is highlighted.
2 Click the Delete icon , located in the upper right corner of the tasks view.
NOTE: If you right-click the task description so only the task description is highlighted, then click
Delete, only the task description is deleted. This is helpful if you want to redefine your task description.
Section 4.11.1, “Task Properties,” on page 75
Section 4.11.2, “Filtering Tasks,” on page 76
Section 4.11.3, “Marking Tasks Completed,” on page 77
Section 4.11.4, “Right-Click Options,” on page 78
Section 4.11.5, “Setting Task Priorities,” on page 78
Section 4.11.6, “Sorting Tasks,” on page 79
4.11.1 Task Properties
To open the Task Properties page, right-click a task, then select Properties.
Table 4-8 Task Properties Functionality
Operation
Description
Creation Time
Priority
Completed
On Element
Description
Enables you to describe or name your task.
Indicates when the task was created.
Enables you to set the priority of the task to High, Normal or Low.
Enables you to indicate whether the task is completed.
Enables you to specify what element the task will be on.
Workspaces, Perspectives, and Views 75
Operation
In Folder
Location
4.11.2 Filtering Tasks
1 Click the filter icon .
2 Select filters, then click OK.
Description
Enables you to specify the folder the task will be in.
Enables you to specify the location of the task.
Table 4-9 Filters Window Functionality
Operation
User Filters
New
Remove
Select All
Deselect All
On Any Element
On Any Element in the Same Project
76 Understanding Designer for Identity Manager
Description
Enables you to select specific filters to filter your tasks.
Enables you to add a new filter to your user filters.
Enables you to remove an existing filter from your user filters.
Enables you to simultaneously select all your filters.
Enables you to simultaneously deselect all your filters.
Filters on any element.
Filters only on elements that are in the same project.
Operation
On Selected Element Only
On Selected Element and its Children
On Working Set
Select
Description
Where Priority is:
Where Status is:
Show Items of Type
Select All
Deselect All
Restore Default
Description
Filters only on the elements you have selected.
Filters only on the elements you have selected and the children of those elements.
Filters only on the working set you have selected.
Enables you to add, edit, remove and select working sets.
Enables you to filter by description.
Enables you to filter by priority.
Enables you to filter by status.
Enable you to filter by type.
Enables you to simultaneously select all types.
Enables you to simultaneously deselect all types.
Enables you to restore set defaults.
4.11.3 Marking Tasks Completed
1 Right-click the task you want to mark completed.
2 Click Mark Completed.
Or:
1 Click the check box in the left column of the Tasks view.
NOTE: When you mark a task as completed, the task automatically moves to the bottom of your list of tasks.
You can set a priority for your task when you add a new task to your list. However, this is not the only location where you can set a priority.
Workspaces, Perspectives, and Views 77
4.11.4 Right-Click Options
Table 4-10 Task Options
Operation
Add Task
Go To
Show In
Copy
Paste
Delete
Select All
Mark Completed
Delete Completed Tasks
Properties
Description
Enables you to add a task to the Tasks view.
Enables you to go to a designated place.
Enables you to show the task in another view.
Enables you to copy tasks.
Enables you to paste what has been cut or copied.
Enables you to delete all selected tasks.
Enables you to simultaneously select all tasks in the Tasks view.
Marks the selected task as Completed.
Deletes all tasks that are marked as Completed.
Opens the Properties window.
4.11.5 Setting Task Priorities
1 Right-click a task.
2 Select Properties.
3 Select the new priority.
Or:
1 In the Tasks view, locate the column with the exclamation mark (!).
2 Go to the task on which you want to change the priority.
3 Click in the column with the exclamation mark.
4 The task’s current priority is displayed.
5 Click the drop-down arrow to the right of the current priority.
6 Select the desired priority.
78 Understanding Designer for Identity Manager
4.11.6 Sorting Tasks
1 Click the Menu icon located in the right corner of the Tasks view.
2 In the drop-down menu, click Sorting.
The Sorting window enables you to sort your tasks in different ways, in ascending or descending order. You can sort by completion, priority, description, resource, path, location, and creation time.
Click Restore Defaults to restore the sorting defaults.
4.12 The Trace and Error Log Views
The Trace and Error Log views help you troubleshoot Designer.
Section 4.12.1, “Trace View,” on page 79
Section 4.12.2, “Error Log View,” on page 79
4.12.1 Trace View
The Trace view includes the following icons in the icon bar at the top of the view:
Table 4-11 Icons in the Trace View Toolbar
Icon Name
Clear Trace
Save
Preferences
Minimize/Maximize
Description
Clears the Trace view.
Saves Trace view contents to a .txt
file
Opens the Preferences window.
Minimizes and maximizes the Trace view.
4.12.2 Error Log View
The Error Log view includes the following icons in the icon bar at the top of the view:
Table 4-12 Icons on the Error Log View Toolbar
Icon Name
Export Log
Import Log
Clear Log Viewer
Delete Log
Open Log
Restore Log
Menu
Description
Enables you to export the error log to a location on the file system.
Enables you to import a file from the file system to the error log.
Clears all the entries in the Error Log viewer.
Deletes all items in the error log.
Opens an error log entry.
Restores log entries that have been previously cleared.
Reveals a menu drop-down list.
Workspaces, Perspectives, and Views 79
Icon Name Description
Menu > Filters Opens the Log Filters window.
Menu > Activate on New Events Activates a log entry on a new event.
Minimize/Maximize Minimizes and maximizes the Error Log view.
For more information, see “ Troubleshooting Designer ” in the Designer 4.0.1 for Identity Manager
4.0.1 Administration Guide .
4.13 The Dataflow View
Designer allows you to manage how the data flows between the Identity Vault and the connected systems. You can see how the data flows between all of the connected systems, make changes as needed, create reports about the data, and view the flow of passwords between the systems.
The Dataflow view enables you to perform the following functions:
View the filters that allow the data to flow between all of the systems and the Identity Vaults
View how the passwords flow through the different systems
Add, delete, and edit driver sets, drivers, filters and Identity Vaults from one location
Generate HTML reports of the data flow and password flow
The Dataflow view includes the following icons in the icon bar at the top of the view:
Table 4-13 Dataflow View Icons
Icon Description
Add Filter Class Adds a new filter class to the dataflow list.
Add Filter Attribute Adds a new filter attribute to a selected filter class.
Expand All Classes Simultaneously expands all filter classes to reveal all existing filter attributes.
Collapse All Classes Simultaneously collapses all filter classes to hide all existing filter attributes.
Clear Arrows Clears all dataflow arrows from the drivers in the Modeler.
The Dataflow view and the Dataflow editor manage the data. The Dataflow view displays the flow of data in the Modeler per driver. The Dataflow editor displays a more granular view. For more information, see “ Managing the Flow of Data ” in the Designer 4.0.1 for Identity Manager 4.0.1
Administration Guide .
4.14 The Project Checker
Designer provides a Project Checker tool to check your project. The project can be checked at any time, but you should run the Project Checker before deploying your project. The Project Checker checks for proper design, contexts, server associations, policies, missing user data, and dependency problems that would cause the deployment of project into the Identity Vault to fail. It only checks
80 Understanding Designer for Identity Manager
the objects in Designer; it does not check the current objects in the Identity Vault. For more information on the Project Checker, see “ Checking Your Projects ” in the Designer 4.0.1 for Identity
Manager 4.0.1 Administration Guide .
Workspaces, Perspectives, and Views 81
82 Understanding Designer for Identity Manager
Editors, Builders, and Wizards
Designer contains multiple builders to help you build working policies, packages, and drivers. It also contains editors to assist in you in editing projects, and wizards to help you build drivers and packages. Below is a brief explanation of what builders, editors and wizards do, along with some examples of their functionality.
Designer also contains many views to help you design and implement Identity Manager solutions.
For more information about views, see Section 4.4, “Managing Views,” on page 31 .
Section 5.1, “Editors,” on page 83
Section 5.2, “Builders,” on page 88
Section 5.3, “Wizards,” on page 88
5.1 Editors
Section 5.1.1, “Using an Editor,” on page 83
Section 5.1.2, “XML Editor,” on page 87
Section 5.1.3, “Filter Editor,” on page 87
Section 5.1.4, “Schema Map Editor,” on page 87
5.1.1 Using an Editor
Editors enable you to modify projects or other items that are listed in the Navigator or the Project view. Designer comes with a number of editors, and a default editor is designated for most file types.
To select an editor other than the default:
1 Expand a project in the Project or Navigator view (there are more editors in the Navigator view).
2 Select the
Documents\Generated folder.
3 Right-click any of the files, such as .
xml , .
pdf , or .
txt , and select Open With > Editor Name.
The example below shows the process of opening a file with the Text Editor from the Navigator view.
5
Editors, Builders, and Wizards 83
The editor you choose depends on the type of file you select. Designer lists what it considers to be the best editor for the selected file type.
The following figure illustrates a text editor. When you right-click the editor, a menu is available:
Figure 5-1 The Text Editor’s Menu
The Preferences window lets you set a text editor’s preferences. You get to this window by selecting
Window > Preferences > General > Editors > Text Editors.
84 Understanding Designer for Identity Manager
Figure 5-2 Preferences: Text Editors
For information on the settings, see “ Text Editors ” in the Designer 4.0.1 for Identity Manager 4.0.1
Administration Guide .
Each file type you right-click brings up a list of editors.
.
xml extension:
Novell XML Editor (default)
Text Editor
System Editor
In-Place Editor
Default Editor
.
txt extension:
Text Editor (default)
System Editor
In-Place Editor
Default Editor
.
pdf extension:
Text Editor
Editors, Builders, and Wizards 85
System Editor (default)
In-Place Editor
Default Editor
.
project extension:
Text Editor (default)
System Editor
In-Place Editor
Default Editor
.
proj extension:
Modeler (default)
Text Editor
System Editor
In-Place Editor
Default Editor
.
log extension:
DS Trace Editor
Text Editor
System Editor
In-Place Editor
Default Editor
You can also select Open With > Other to open the Editor Selection page.
Figure 5-3 Selecting an Internal or External Editor
Select an appropriate editor and click OK. If you have a particular editor in mind, select External
Programs, then click Browse to select that program.
86 Understanding Designer for Identity Manager
Below are some examples of editors and their functionality.
5.1.2 XML Editor
You can use the XML editor in policy management and configuration editing. The XML editor can do the following:
Outline view support
Find and replace
Highlight syntax
Auto suggest
Auto-insert end tags
5.1.3 Filter Editor
Add classes and attributes
Copy the filter
Delete
Multiselect support
Keyboard support
Refresh the schema
Expand/collapse all
Configure default values
Create a home directory
Track member templates
Merge authority
Optimize modifications
Undo/redo
XML editor integration
5.1.4 Schema Map Editor
Add classes and attributes
Delete
Multiselect support
Keyboard support
Refresh the schema
Expand/collapse all
Non-class-specific handling
XML editor
Editors, Builders, and Wizards 87
5.2 Builders
A Builder is a complete graphical interface for creating and managing the policies that define the exchange of data between connected systems. Builders help you to build portions of a policy. For example, you define most arguments in the Argument Builder, and the Policy Builder enables you to add, view, and delete the rules that make up a policy. You can also use the Policy Builder to import and save policies and rules, and manage XML namespaces.
There are several more builders and editors that are used by the Condition editor and Action editor in the Policy Builder. Each builder can recursively call anyone of the builders. For more information on builders, see “ Managing Policies with the Policy Builder ” and “ Using Additional Builders and
Editors ” in the Policies in Designer 4.0.1
.
Builders give you powerful flexibility in designing data exchange. For example, the Policy Builder has the following capabilities:
Creating and editing policy scripts
Defining rules: conditions, actions, groups
Support for predefined rules
Emphasis on productivity
Nested inline editors
Keyboard support
Copy/paste within an editor and across editors
Drag and drop
Integrated Help
Policy creation wizards
Import/export
Namespace editing
Expand/collapse all
Reordering
Integrated e-mail templates
Integrated Global Configuration Values
Integrated schema
Various display preferences
Argument builder and token editor
Undo/redo
Validation
XML editor
5.3 Wizards
A wizard is a graphical interface that helps you build something in Designer. For example, the Add
Policy Wizard enables you to create, copy, and link a policy. As another example, Designer allows you to create entitlements through the Entitlement Wizard, which steps you through the creation of
88 Understanding Designer for Identity Manager
entitlements by asking a series of questions about how the entitlement will be used in the enterprise.
Because of this graphical interface, we recommend using Designer for creating and editing entitlements.
Below is a list of some of the Designer wizards and where to read more about them:
Entitlement Wizard (see “ Creating Entitlements through the Entitlement Wizard ” in the
Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide .)
Project Converter Wizard (see “ Converting Earlier Projects ” in the Designer 4.0.1 for Identity
Manager 4.0.1 Administration Guide .)
Identity Manager Project Wizard (see “ When No Project Exists ” in the Designer 4.0.1 for
Identity Manager 4.0.1 Administration Guide .)
Driver Configuration Wizard (see “ Creating a Driver ” in the Designer 4.0.1 for Identity
Manager 4.0.1 Administration Guide .)
Document Generation Wizard (see “ Generating a Document ” in the Designer 4.0.1 for Identity
Manager 4.0.1 Administration Guide .)
Editors, Builders, and Wizards 89
90 Understanding Designer for Identity Manager
Planning Identity Solutions
Section 6.1, “Planning an Identity Project,” on page 91
Section 6.2, “Using Designer In Your Planning Process,” on page 95
Section 6.3, “Security Best Practices,” on page 97
6.1 Planning an Identity Project
Identity Target Goals
Make sure that you and others working on the project use the same terminology. For example, password synchronization and single sign-on are two different technologies.
Also, make sure that the meaning and usage of “metadirectory” are clear as you communicate with others on the project.
Clearly write down the big picture of what you are trying to do.
Discover the Business Process
The process that you are trying to automate with Identity Manager is often already defined and written down.
Be careful. Even if a process exists, people commonly don’t fully understand how it works.
Clearly write down what the business process is, and clarify the process to others.
Identify All Systems
Identify all systems and all connectivity interfaces between existing systems. Doing this can lead to an increase or decrease in the originally planned systems that you had in mind.
Keep in mind that telephony systems often don’t have an easy API interface.
SQL-based systems sometimes have a very complex database relationship model. It’s possible that nobody in your environment understands how the model actually works.
Identify how many Identity Vaults you will need, where they will be located, and what they will connect with.
What to Do In Designer: You can use the Designer Architect Modeler during this process. It’s very helpful to build a diagram of your enterprise, and capture key information about each of your systems and each of the users who administer those systems.
As you start a project, keep in mind that the “people management” aspect is vital to your ultimate success. As you identify systems, you need to start the process for getting access to those systems in the various departments of the organization.
Define High-Level Data Sync Flow
Define high-level data sync flow.
6
Planning Identity Solutions 91
Define the different information types that you want to synchronize. It’s common to have different employee types (for example, internal or external).
Be aware of the relationships and dependencies between information of different types (for example, employee, manager, organization, or location).
Doing this step well is critical in helping you to define your data and policy needs.
What to Do In Designer: You can design these data flows in the Dataflow view while you are in the Architect mode or Developer mode.
Define Which Objects and Attributes to Synchronize
After knowing the data and relationships, you can break the data into specific Identity Vault and
Application object types and attributes.
Define merging behavior, pass through, notification, and reset of attributes.
Identify and derive additional operations based on an original event.
Identify attributes for match, creation, and placement behaviors.
What to Do In Designer: You can use the Task view to capture all of this information or add it to a section in a Document Generation form. One advantage for having it in the Task view is that you can then check off your tasks as you move into the implementation phase and write the policy to deliver your requirements.
You can also include other files (word processing document, spreadsheet, presentation) in your
Designer project through the Navigator view. By default, the Navigator view launches the appropriate native application to edit and view that document in a way that integrates into Designer, as long as the platform supports it. If you prefer, you can also configure Designer to use a different editor. This view gives you many options for the types of documents you can include and edit in a
Designer project.
Write a Requirements Assessment Document
Document all of the above findings.
Write a high-level acceptance proposal.
Describe the infrastructure.
Create a project timeline.
What to Do In Designer: You can use Designer’s Document Generator to capture your high-level design, systems, and basic data flows. You can also fill in sections in the document or create your own sections that describe the project.
Fill In Technical Details
Take the high-level diagram that you created in the Architect mode and transition it to a detailed diagram that you can use to configure your entire solution.
Configure server and authentication information on the Identity Vaults.
92 Understanding Designer for Identity Manager
Create driver sets and drivers. Determine how many driver sets are on each vault. Define what drivers are associated with each driver set, and what servers the driver set is running on. Run the
Driver Configuration Wizard on each driver.
Develop driver policies. Make sure that you define and use Global Configuration Values (GCVs) as much as possible. Doing this leads to easier maintenance.
What to Do In Designer: With the Modeler in Developer mode, use the Outline view, Policy Flow view, properties dialog boxes on all objects, Filter editor, Schema Map editor, E-mail Template editor, Policy Builder, and other functionality.
NOTE: The preceding six steps assume that you are building an identity solution from the beginning.
However, Designer is also intended for working on existing solutions. You can create a project and import existing driver sets, drivers, policies, and configurations. Designer lets you easily diagram and manage all components as one complete solution. You can edit existing policies or configurations, add new elements, and then redeploy.
Using Designer on existing solutions has several advantages. You can do the following:
Work in a high-productivity development environment.
Easily work off-line.
Have everything on your local file system for versioning and backup.
Simulate.
Generate documentation for your projects.
Unit Test
Use project-proposal documents and requirements as a basis.
Test all policies. In addition to the Designer tools, you can deploy the project (or parts of it) into a test environment to test more fully.
Generate a report on results.
What to Do In Designer: Use the Designer Policy Simulator to do much of your policy simulation and debugging. It is very easy to use, helps you identify many issues, and is ideal for offline development.
Build a Production Environment
As much as possible, mirror existing production environments.
Make sure of the following:
All Identity Manager engines and drivers are installed.
All servers have correct IP addresses.
The applications your drivers will connect to are in place.
As an extra precaution, you might want to deploy to a full test environment or staging environment first. If you decide to do this, all of the above steps apply to configuring that environment.
Planning Identity Solutions 93
What to Do In Designer: To make the next steps easier, you can click a button, get a full PDF document of all of the configuration details of your project, and use that document as you set up your machines and software.
Clean Data Before You Deploy
Each user has a unique and correctly formatted ID.
All users and other objects are where you expect them to be.
No duplicate objects exist.
No extra or unnecessary objects exist.
Deploy to Production
Make sure that the production systems are working well. For example, machines are up and running.
Before you deploy, make sure you have done adequate testing on your project.
If you have previously configured the project to deploy to a separate test or staging environment, you need to change the IP addresses on each Identity Vault (and maybe some GCVs) to successfully deploy to the production environment.
After you deploy, quickly test and redeploy all or any part of the project with any fixes you need.
What to Do In Designer: In the future, more will be done in Designer to help in this area. For now, the following tips can help in this process:
Do a full copy of the project in the Project View.
This lets you fill in the new IP addresses for production and leave the old ones alone, so that you can have a project called Staging and another called Production. The disadvantage is that if you change something such as a policy in one project, you need to change it in the other to keep the policies in sync. Designer does let you copy/paste between projects to make synchronization easier.
Always use GCVs to keep your policies easily portable.
If you have a value that is environment-dependent, you only need to edit a GCV when switching to a different environment.
Use the Modeler’s Table editor.
This editor is a quick and easy way to get to objects of a certain type (for example, all of your
Identity Vaults or all of your servers), see their values, and edit them.
Document your project.
Document Generation is always available to help you understand your configurations.
Document, Back Up, and Maintain
What to Do In Designer: Run the Document Generator and save the document.
Make a copy of your project in the Project view. A copy is useful in case you ever need to return to that state or set up a production system again for any reason.
94 Understanding Designer for Identity Manager
Over time, you will certainly add systems and policies, and make changes in your production environment. You can use iManager for the management of your system (especially if the change is more of an administrative task) and then reimport those changes into your local Designer project.
If the changes you need to make are more suited for a development environment, (for example, policy debugging, policy development, or adding new systems) then continuing to use Designer is the best practice. After each change, you can redeploy the project or just the elements that have changed.
As you version and extend your project over time, remember to always use Document Generation as your paper trail.
6.2 Using Designer In Your Planning Process
Section 6.2.1, “Using the Architect View to Design Your Identity Environment,” on page 95
Section 6.2.2, “Designing New Solutions,” on page 95
Section 6.2.3, “Redesigning Existing Solutions,” on page 96
Section 6.2.4, “Working on Live Systems,” on page 96
6.2.1 Using the Architect View to Design Your Identity
Environment
1 Launch Designer.
2 Open or create a new project in the Modeler view.
3 Select the Architect view from the bottom of the Modeler view.
4 Drag and drop items from the Palette.
These items are representations of the drivers and applications that make up an Identity
Manager solution. There are also a number of design elements to help you in designing your network layout.
5 Edit the item’s names to match your Identity Manager environment.
6 Use the Architect view as a basis for your actual Designer project.
7 Use the Developer view to run the configuration wizards on any driver sets and drivers you have added through the Architect view.
Driver objects created through the Architect view are not configured to run in an Identity
Manager system. Consequently, you need to import or create the drivers from the Developer view in the Modeler in order to run the Driver Wizard. The Driver Wizard configures the driver with policies, entitlements, and other configuration information that is necessary for the driver to run in an Identity network.
6.2.2 Designing New Solutions
1 Launch Designer.
2 Using the New Project Wizard, open or create a project.
3 Drag and drop items from the Modeler Palette.
4 Edit the item settings and configurations (for example, names, IP addresses, and passwords).
Planning Identity Solutions 95
5 Using the Policy Builder and other policy editors, write a policy for sharing data between systems.
6 Check your work.
7 Use the Document Generator to generate project documentation, and review the documentation with others.
8 Deploy the project to a test system for verification.
9 After the project is verified, deploy the project to a live system.
6.2.3 Redesigning Existing Solutions
1 Launch Designer.
2 Open or create a new project.
3 Import Identity Management elements (drivers, driver sets) from working directories.
4 Edit the element settings and configurations (for example, names, IP addresses, and passwords).
5 Using the Policy Builder and other policy editors, write a policy for sharing data between systems.
6 Check your work.
7 Use the Document Generator to generate project documentation, and review the documentation with others
8 Deploy the project to a test system for verification.
9 After the project is verified, deploy the project to a live system.
6.2.4 Working on Live Systems
The fundamental model/paradigm of Designer is to import solutions, configure them locally in the
Designer environment, and then deploy when a solution is ready. This approach was taken to optimize the experience for the following:
Offline work
Highly productive development
A safer model of configuring and testing before touching your live system
The best practice is to set up a test environment for configuration and testing before deploying the solution into a live system.
The Live Operations tool is aimed at developers and architects as the primary audience. For convenience, Designer enables you to perform key operations that a developer typically needs to do, so that the developer can effectively browse live trees, check driver status, start/stop drivers, and configure driver security.
The functionality of Live Operations options takes immediate effect on the end systems. These operations are clearly grouped in the Designer UI, so that you can tell if you are performing a live operation.
96 Understanding Designer for Identity Manager
6.3 Security Best Practices
When using Designer for Identity Manager, observe best practices.
Limiting Rights
Before giving a consultant an Identity Vault administrator password, limit the rights assigned to that administrator to areas of the tree that the consultant must access. Doing so protects sensitive data from being misused, damaged, or unintentionally compromised.
Changing Passwords
After a consultant has completed work, change the password of the user (for example, admin) that the consultant used. If you created a special user (for example, consadmin) for that consultant to use, delete that user or change passwords. Doing so restricts access and brings closure to the consulting process.
Deleting or Saving .proj Files
Delete the project files ( .proj
) or save them to a company directory.
Designer .
proj files are to remain at the company’s project site. A consultant does not take the files after completing a project.
Deleting Files That Aren’t Needed
When project files, log files, and trace files are no longer needed, delete them. These files might contain sensitive information.
Verifying Files
Before discarding or surplusing a laptop, verify that project files have been deleted. Otherwise, someone might discover sensitive information.
Securing Connections
Ensure that the connection from Designer to the Identity Vault server is physically secure.
Otherwise, someone could monitor the wire and pull sensitive information.
Handling Documents
When you create documents by using the Document Generator, take care with those documents.
These documents can contain passwords and sensitive data in clear text.
Working with Encrypted Attributes
If Designer needs to read or write to an eDirectory attribute, you can mark the attribute to be encrypted, but you can also allow the attribute to be read over the wire in clear text. This means that you can have encrypted attributes, but they cannot be retrieved securely.
Handling Sensitive Passwords
Do not store passwords that are sensitive.
Planning Identity Solutions 97
At this time, Designer projects are not encrypted. Passwords are only encoded. Therefore, do not share Designer projects that have saved passwords.
To save a password for a session, but not save it to the project:
1 In an expanded Outline view, right-click an Identity Vault.
2 Select Properties.
3 On the Configuration page, type a password, then click OK.
You can enter a password once per session. After you close Designer, the password is lost.
To save a password to the project, complete Step 1 through Step 3, select Save, then click OK.
Security for the User Application
For information on security issues relating to the User Application, see the “ Security Configuration” section (http://www.novell.com/documentation/idm35/agpro/index.html?page=/documentation/ idm35/agpro/data/agproadminappsecurity.html) in the Identity Manager User Application:
Administration Guide (http://www.novell.com/documentation/idm35/index.html) .
98 Understanding Designer for Identity Manager
Designer’s Architecture
Section A.1, “Designer Is Built on Eclipse Technology,” on page 99
Section A.2, “The Designer Core Model Uses the Eclipse Modeling Framework,” on page 99
A.1 Designer Is Built on Eclipse Technology
Designer is based on Eclipse technology. This open source technology is actively supported by more than 60 leading companies (such as IBM, HP, Intel, SAP, Fujitsu, and Oracle) and by thousands of other developers throughout the commercial industry and the academic world.
With Designer based on Eclipse, you receive the following benefits:
Published, well-documented, and supported APIs frequently used across the industry.
An underlying model that integrates well with any plug-in.
A rich, advanced UI.
Capability to fully and easily extend our product in the future.
Better integration and leveraging of other applications.
Open source as the basic framework.
You can install Novell tools into any Eclipse-based framework.
Out-of-box tools (Java editor, debugger, JUnit, ANT, CVS integration) that are free if you want to access them (and other tools) within the Designer.
Cross-platform benefits of Java, but the native performance and native look of the platform.
Quick access to meaningful tools.
A framework that quickly picks up entirely new capabilities contributed by a larger community.
Instead of focusing on tools, developers are able to concentrate on providing quality content so they don’t need to spend as much time on creating, debugging, and fixing the framework.
A.2 The Designer Core Model Uses the Eclipse
Modeling Framework
At the heart of Designer for Identity Manager is a strong object model that is based on the Eclipse
Modeling Framework. This model uses the industry standard XMI format (XML Metadata
Interchange Format) for storing objects and their relationships.
The main purpose of XMI is to enable easy interchange of metadata between modeling tools, that are based on the Object Management Group Unified Modeling Language (OMG UML) and between tools and metadata repositories, that are based on the OMG MetaObject Facility (MOF) in distributed heterogeneous environments. XMI integrates three key industry standards:
XML (Extensible Markup Language), a W3C standard
UML (Unified Modeling Language), an OMG modeling standard
MOF OMG modeling and metadata repository standard
A
Designer’s Architecture 99
The integration of these three standards into XMI integrates the best of OMG and W3C metadata and modeling technologies, allowing developers of distributed systems to share object models and other metadata. XMI, together with MOF and UML, forms the core of the OMG repository architecture that integrates object-oriented modeling and design tools with each other and with a
MOF-based extensible repository framework.
Because Designer is based on this technology, you get the following benefits:
Published industry-standard APIs so that you can programmatically interact with the model.
A solid event-notification mechanism if the model ever changes.
All views, editors, and plug-ins are notified and in sync.
The ability to auto-generate Java code or UML from the model, or vice-versa.
Undo/redo the stack across all views, editors, and plug-ins that are in sync with the model.
100 Understanding Designer for Identity Manager
Terminology
The following terms are used in Designer:
Icon Term
Application object
Driver object driver set driver properties shortcut filter
Identity Vault
Notification collection
Notification object package policy project name
Description
Represents a connected system, whether that system is a database or CSV files.
A collection of channels, policies, rules, and filters that connect an application to an eDirectory tree running
Identity Manager. Each driver performs different tasks.
Policies, rules, and filters tell the driver how to manipulate the data to perform those tasks.
A collection of Identity Manager drivers that are stored in a single location.
Double-clicking the shortcut brings up the Properties window associated with the object’s name.
A gatekeeper that determines which objects (groups, users, and the attributes associated with them) can be sent to and from eDirectory. Allows the objects to be sent.
Represents the eDirectory tree that has Identity Manager installed on it.
A placeholder for all e-mail notification templates.
A notification template. Used to send an e-mail notification to a user concerning a password event (for example, a request for a password hint).
A container for organizing the driver content. Replaces driver configuration files.
A collection of rules and arguments that enable you to configure an application to send or receive events to or from an Identity Vault. You use policies to manipulate the data that you receive from the Identity Vault or from the application. Each driver performs different tasks. Policies tell the driver how to manipulate the data to perform those tasks.
The name of the project when you create it. The name of the project is stored in the \workspace\project_name directory.
B
Terminology 101
Icon Term
Publisher channel schema mapping
Server object
Subscriber channel
XSLT
Description
A combination of rules and policies. Designer enables you to import a channel instead of the entire driver. The
Subscriber and Publisher channels describe the direction in which the information flows. The Publisher channel takes the event from the application, database, or CSV file and sends that event to eDirectory. The Subscriber and
Publisher channels act independently; actions in one are not affected by what happens in the other.
Enables Identity Manager to synchronize information to the connected system without changing the connected system.
The schema translates all classes and attributes for the connected system.
The server in the tree where you have Identity Manager installed.
A combination of rules and policies. Designer enables you to import a channel instead of the entire driver. The
Subscriber channel takes the event from eDirectory and sends that event to the receiving system (application, database, or CSV file). The Subscriber and Publisher channels act independently; actions in one are not affected by what happens in the other.
Represents XSLT style sheets. XSLT is used instead of
DirXML Script.
102 Understanding Designer for Identity Manager
Menu Options
The following links provide information about options on the main menu and toolbar. If other items appear in the user interface, they are contributed by other plug-ins. Documentation for those items are in the plug-in’s section of the help system.
Section C.1, “File Menu,” on page 103
Section C.2, “Edit Menu,” on page 106
Section C.3, “View Menu,” on page 106
Section C.4, “Project Menu,” on page 107
Section C.5, “Live Menu,” on page 107
Section C.6, “Tools Menu,” on page 109
Section C.7, “Model Menu,” on page 109
Section C.8, “Window Menu,” on page 115
Section C.9, “Help Menu,” on page 122
C.1 File Menu
C
Option Description
File > New > New Project
File > New > Project
Creates an Identity Manager project and location.
The project then appears in the Project view. See
Section 6.2, “Using Designer In Your Planning
Launches the New Projects Wizard. You can also select to create a new document generation style.
File > New > Provisioning
File > New > Other
File > New > Other > General > File
File > New > Other > General > Folder
Helps you define directory abstraction layer objects and provisioning request definitions for the user application.
Launches the Identity Manager Projects Wizard.
Creates a new, empty file resource.
Creates a new folder in the project resource folder.
File > New > Other > General > Untitled Text File Creates an empty, untitled text file in the project folder.
Creates a Document Generation style (template).
File > New > Other > Designer Document
Generation > Document Generation Style
(.docgen)
NOTE: At least one Designer project must exist before you can create a Document Generation style.
File > New > Other > Novell Identity Manager >
New Project
Creates an Identity Manager project name and location.
Menu Options 103
Option Description
File > New > Other > Provisioning > Directory
Abstraction Layer Entity
File > New > Other > Provisioning > Directory
Abstraction Layer List
Specifies the project and application for the new entity, as well as the display name and key for the new entity. See “Configuring the Directory
Abstraction Layer” (http://www.novell.com/ documentation/idm/index.html?page=/ documentation/idm/agpro/data/ agproconfigdirabstractionlayer.html) .
Specifies the project and application for the new list as well as the key for the new list. See “Configuring the Directory Abstraction Layer” (http:// www.novell.com/documentation/idm/ index.html?page=/documentation/idm/agpro/data/ agproconfigdirabstractionlayer.html) .
File > New > Other > Provisioning > Directory
Abstraction Layer Query
File > New > Other > Provisioning > Directory
Abstraction Layer Relationship
File > New > Other > Provisioning > Provisioning
Request Definition
File > New > Other > Provisioning > Provisioning
Team
File > New > Other > Resource
File > New > Other > Provisioning > Role
Enables you to define a set of users who can act as a team for the Requests & Approvals tab of the
User Application. The team definition determines who can manage provisioning requests and approval tasks associated with this team.
Launches the Create a Resource Wizard for provisioning.
Launches the Create a Role Wizard for provisioning.
File > New > Other > Provisioning > Separation of
Duties
Launches the Separation of Duties Constraint window, allowing you to set up and identifier and display name to act as a constraint.
File > Open File
File > Close
File > Close All
File > Save
File > Save As
File > Save All
Specifies the project and provisioning application for the new directory abstraction layer query object, as well as the display name and key. See
“Configuring the Directory Abstraction Layer” (http:/
/www.novell.com/documentation/idm/ index.html?page=/documentation/idm/agpro/data/ agproconfigdirabstractionlayer.html) .
Specifies the project and application for the new relationship as well as the display name and key for the new relationship.
Specifies the basic information from a workflow template of the provisioning request definition.
Enables you to browse to and open a text or XML file.
Closes the active editor.
Closes all open editors.
Saves changes made in the active editor.
Saves changes made in the active editor to a different file.
Saves changes in all editors.
104 Understanding Designer for Identity Manager
Option Description
File > Move
File > Rename
Moves a file, folder, or project to a different location in the file system. Only available in the Navigator view.
Renames a file or project. Only available in the
Navigator view.
File > Refresh
File > Print
File > Switch Workspace
Loads the project or file from disk and makes sure it is in sync. (If you add new files outside of the tool directly in the file system, this option displays them in the Project view.)
Prints from an editor.
Opens another workspace with its projects. This option automatically restarts Designer.
Restarts Designer.
File > Restart
File > Import
File > Import > Project (From File System)
File > Import > Project (From Identity Vault)
Imports resources, projects, or preferences. See
“ Importing Projects ” in the Designer 4.0.1 for
Identity Manager 4.0.1 Administration Guide .
Imports existing project files from selected directories or archive files.
Imports existing projects from specified secure entities after entering the required authentication information.
File > Import > Project (From iManager Export File) Imports an existing Identity Manager project from an iManager export file (driver set or driver).
File > Import > Project (From Version Control)
File > Export
Imports a project from a version control server.
Exports resources or preferences. See “ Exporting a
Project ” in the Designer 4.0.1 for Identity Manager
4.0.1 Administration Guide .
File > Export > Designer for Identity Manager >
Export Designer Project
File > Export > Designer for Identity Manager > iManager Configuration File
File > Properties
File > History
File > Exit
Exports projects to the local file system or to an archive file on the local file system.
Exports a driver set, driver, channel, or policy to an iManager-compatible configuration file.
Enables you to view the file's full name, date, size, type, and read-only status.
Lists the history of files and projects opened. By selecting items in this history list, you can reopen a file or project. To configure the length of this history list, use the Preferences dialog box.
Closes the application.
Menu Options 105
C.2 Edit Menu
Option
Edit > Undo
Edit > Redo
Edit > Cut
Edit > Copy
Edit > Paste
Edit > Delete
Edit > Select All
Edit > Find/Replace
Edit > Add Bookmark
Edit > Add Task
C.3 View Menu
Option
Zoom In
Zoom Out
Grid
Alignment Hints
Rulers
106 Understanding Designer for Identity Manager
Description
Undoes the last operation.
Redoes the last undone operation.
Copies the selected item to the Clipboard and removes it after it is pasted.
Copies the selected item to the Clipboard.
Pastes the current item in the Clipboard to the selected area.
Deletes the selected item
Selects all items in a text or XML editor. To select all items in the Modeler, select it, then press Ctrl+A.
Replaces text strings in text or XML editors.
Used in text editors.
Adds a task and leaves a mark in the file. Used in text editors.
Description
Increases an item's size. You can also slide the
Zoom slider in the main toolbar. To reset Zoom to
100%, click the Zoom Restore icon.
.
Decreases an item's size. You can also slide the
Zoom slider in the main toolbar. To reset Zoom to
100%, click the Zoom Restore icon.
Provides a grid so that you can align items. See
“ Using a Grid ” in the Designer 4.0.1 for Identity
Manager 4.0.1 Administration Guide .
Helps you see relationships in your model. You can align or attach items to the left, center, or right of alignment guides. See “ Aligning and Laying Out
Components ” in the Designer 4.0.1 for Identity
Manager 4.0.1 Administration Guide .
Turns rulers off and on, to help with alignment and layout. See “ Using Rulers ” in the Designer 4.0.1 for
Identity Manager 4.0.1 Administration Guide .
C.4 Project Menu
Option
Project > Document > New Style
Project > Document > Edit Style
Project > Document > Generate Documentation
Project > New Project
Project > Import Project > File System
Project > Import Project > Identity Vault
Project > Import Project > iManager Export File
Project > Import Project > Version Control
Project > Export Project
Project > Update
Project > Check in
Project > Copy Project
Project > Move
Project > Rename
Description
Generates a new style document for a specified project.
Edits a style document for a project located in the
Documentation folder under a project in the Project view.
Generates project PDF documentation after saving file changes. You can select the directory location where documentation is stored, specify to overwrite existing files, and create XML source files.
Launches a new project.
Imports an existing project from the file system into
Designer from a selected root directory or archive file.
Imports an existing project from an Identity Vault into Designer.
Creates a Designer project by selecting an iManager .xml
export file. The .xml
file can be a driver set export, driver export, or Novell preconfiguration file.
Imports projects from the version control server.
Exports projects to the local file system or to an archive file on the local file system.
Allows you to update a project from a version control server.
Allows you to check in a project to a version control server.
Allows you to create a copy of a project.
Allows you to move a project from one location to another.
Allows you to rename a project.
C.5 Live Menu
Option
Live > Manage Directory
Description
Browses specified Identity Vault configurations.
See “ Configuring Identity Vaults ” in the Designer
4.0.1 for Identity Manager 4.0.1 Administration
Guide .
Menu Options 107
Option
Live > DS Trace
Live > Import
Live > Import Attributes
Live > Import Schema
Live > Deploy
Live> Deploy Attributes
Live> Deploy Schema
Live > Compare
Live > Compare Attributes
Live > Refresh Application Schema
Live > Start Driver
Live > Stop Driver
Live > Restart Driver
Live > Driver Status
Live > Create eDir-to-eDir Certificates
Live > Set Driver Trace Level
Description
Launches DSTrace on the server where the Identity
Vault resides.
Imports driver sets, drivers, or applications. Used in the Modeler and in the Outline view. See “ Importing a Library, a Driver Set, or a Driver from the Identity
Vault ” in the Designer 4.0.1 for Identity Manager
4.0.1 Administration Guide .
Imports a driver configuration from an alreadysaved XML file. See “ Importing a Driver
Configuration File ” in the Designer 4.0.1 for Identity
Manager 4.0.1 Administration Guide .
Imports a schema from an Identity Vault.
Deploys driver sets, drivers, or applications. Used in the Modeler and in the Outline view.
Deploys attributes to selected objects.
Deploys a schema stored in Designer into an
Identity Vault.
Allows you to compare the information structure on an object in Designer to the object that is deployed or running on an eDirectory server.
Allows you to compare the attributes of a policy to the attributes that are already deployed.
Specifies the server on an eDirectory tree where the schema is refreshed after an application’s schema changes. See “ Refreshing the Application
Schema ” in the Designer 4.0.1 for Identity Manager
4.0.1 Administration Guide .
Starts an inactive driver. See “ Configuring Drivers ” in the Designer 4.0.1 for Identity Manager 4.0.1
Administration Guide .
Stops an active driver.
Restarts an active driver.
Displays each driver’s status. Enables you to start, stop, or restart drivers. Enables you to browse, import, and deploy various functionality, depending on the item selected. See “ Configuring Drivers ” in the Designer 4.0.1 for Identity Manager 4.0.1
Administration Guide .
Configures two eDirectory drivers to communicate directly with each other. See “ Configuring TLS for eDir-to-eDir Drivers ” in the Designer 4.0.1 for
Identity Manager 4.0.1 Administration Guide .
Allows you to specify how much information you want to see in a trace level log from the driver.
Settings go from 0-5.
108 Understanding Designer for Identity Manager
Option
Live > Setup Driver Security
C.6 Tools Menu
Option
Tools > Manage Directory
Tools > DS Trace
Tools > iManager
Tools > Export Localization to File
Tools > Import Localization from File
Tools > Access User Application
Description
Configures security parameters for drivers.
Description
Opens an eDirectory browser to view objects and their attributes in a tree. Use this tool only if you understand the intricacies of eDirectory.
Lets you view live DSTrace activity for a specific server, and save the trace to a log file. You can also open a previously saved DSTrace log file.
Specifies the Novell iManager URL, which is stored in the application preferences folder.
Sends the User Application's display labels and email notification templates to an XML or properties file so that the data can be localized.
Imports localization data from a project.
Automatically directs and opens a User Application session from within the embedded HTML browser, if a user application is configured in the Designer project.
C.7 Model Menu
Option
Model
Model > Application
Model > Application > New
Model > Application > Connection Settings
Description
Accesses the Modeler applications, tools, drivers, and other resources. See “ Creating a Model ” in the
Designer 4.0.1 for Identity Manager 4.0.1
Administration Guide .
Accesses tools to create Designer applications.
NOTE: Functionality becomes active when objects in the Designer window are clicked.
Creates a new .xml
application driver after a driver set is selected in the Modeler window. You can select from a preconfigured list of driver types and run the associated scripts to verify the driver requirements.
Configures the VNC connectivity settings for objects created in the Modeler window.
Menu Options 109
Option Description
Model > Application > Remote Control Desktop
Model > Application > Show Subsystems
Model > Application > Notes
Model > Application > Administrator
Model > Application > Icon
Model > Application > Properties
Model > Design Element > New
Model > Design Element > Connection Settings
Model > Design Element > Remote Control
Desktop
Configures the remote control desktop of the resource if a VNC server is running on it.
Shows or hides an application’s subsystems. See
“ Show/Hide Subsystems ” in the Designer 4.0.1 for
Identity Manager 4.0.1 Administration Guide .
Opens the environment properties window in
Modeler to document platform, hardware, and other environment notes about objects you create.
Opens the administrator properties window in
Modeler to document personal and contact information and other notes about objects you create.
Opens the general properties window in Modeler to create or edit icons you create for Designer objects.
See “ Driver iManager Icon ” in the Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide .
Opens the general properties window for objects selected in Modeler. See “ Configuring Application
Properties ” in the Designer 4.0.1 for Identity
Manager 4.0.1 Administration Guide .
Instructs you to click the Architect tab, click the
Design Element drawer in the palette, and drag and drop items into the Modeler.
In Architect mode, launches the Connectivity page for design elements that have VNC connectivity.
Enables you to connect to an element or object.
Connects to the application by using the VNC protocol. Displays an editor that you can use to control the application.
Model > Design Element > Administrator Launches the Design Elements properties page.
The Administrator option enables you to capture information about whom to contact concerning the application.
Model > Design Element < Properties
Model > Domain Group > New
Specifies a design element’s properties.
Creates a new domain into which selected objects can be grouped in Modeler.
Model > Domain Group > Clear Domain Contents Clears objects that are contained in a domain.
Model > Domain Group > Add to Group
Model > Domain Group > Ungroup
Model > Domain Group > Properties
Model > Driver > New
Adds selected objects to a new group.
Ungroups selected objects contained within a domain without deleting them.
Specifies properties of domains contained within a group.
Creates a new Driver object, specified from a list of templates.
110 Understanding Designer for Identity Manager
Option Description
Model > Driver > Copy > Server-Specific Settings Copies replica data from one server to another server that is associated with the selected driver.
Model > Driver > Copy > Settings Copies existing driver settings.
Model > Driver > Simulate Opens the Simulate Policy Transformation -
Entitlements Service Driver Wizard to test the driver’s set-up parameters.
Allows you to browse to and import a driver.
Model > Driver > Import from Configuration File
Model > Driver > Log Level
Model > Driver > Global Configuration Values
Defines the level of errors to be tracked and reported in the error log. See “ Driver Log Level ” in the Designer 4.0.1 for Identity Manager 4.0.1
Administration Guide .
Specifies settings for Identity Manager features in drivers and driver sets, including password synchronization values, driver heartbeat, and specific driver configuration. See “ Driver Global
Configuration Values ” in the Designer 4.0.1 for
Identity Manager 4.0.1 Administration Guide .
Model > Driver > Trace Settings
Model > Driver > Named Passwords
Model > Driver > Driver Configuration
Model > Driver > iManager Icon
Model > Driver > Engine Controls
Adds a trace level to your driver to display the
Identity Manager (DirXML) events as the engine processes the events. For a description of each trace field and platform requirements, see “ Driver
Set Trace ” in the Designer 4.0.1 for Identity
Manager 4.0.1 Administration Guide .
Stores multiple passwords securely for each driver, so they can be can be referenced in a driver policy.
See “ Driver Set Named Passwords ” in the
Designer 4.0.1 for Identity Manager 4.0.1
Administration Guide .
Launches the Driver Configuration Wizard, if a driver is selected.
Displays an application’s icon as it is used in iManager, if a driver is selected.
Displays the Engine Control Values property page.
Provides a list of associated servers and authentication credentials.
Model > Driver > Manifest
Model > Driver > Add Entitlements
Specifies what the driver supports, including a few configuration settings. See “ Driver Manifest ” in the
Designer 4.0.1 for Identity Manager 4.0.1
Administration Guide .
Launches the Entitlement Wizard, which allows you to set up criteria for a person or group that initiate an event to grant or revoke access to business resources within the connected system. See “ Using
Entitlements ” in the Designer 4.0.1 for Identity
Manager 4.0.1 Administration Guide .
Menu Options 111
Option Description
Model > Driver > Edit Entitlements
Model > Driver > Mark as Firewall
Model > Driver > Password Synchronization
Enables you to change an entitlement’s name, values, and role-based entitlements.
Indicates that the selected driver is communicating across a firewall.
Synchronizes passwords between connected systems. See “ Integrating Passwords ” in the
Designer 4.0.1 for Identity Manager 4.0.1
Administration Guide .
Creates a driver repository.
Model > Driver > Credential Provisioning >
Credential Repository
Model > Driver > Credential Provisioning >
Credential Application
Model > Driver > Icon
Creates a credential application.
Model > Driver > Properties
Model > Driver Set > New
Displays driver icons, or turns icons on or off. See
“ Driver iManager Icon ” in the Designer 4.0.1 for
Identity Manager 4.0.1 Administration Guide .
Launches the driver’s Properties page.
Launches a wizard to create a new driver set.
Model > Driver Set > Copy > Driver Set Settings Copies existing driver set settings.
Model > Driver Set > Copy > Global Configuration
Values
Copies settings for Identity Manager features such as password synchronization and driver heartbeat, as well as settings that are specific to the function of an individual driver configuration. See “ Driver
Global Configuration Values ” in the Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide .
Model > Driver Set > Import from Configuration File Imports an Identity Manager driver configuration file into the selected driver set for a project. See
“ Importing a Driver Configuration File ” in the
Designer 4.0.1 for Identity Manager 4.0.1
Administration Guide .
Model > Driver Set > Log Level
Model > Driver Set > Server List
Defines the level of errors that should be tracked.
See “ Driver Set Log Levels ” in the Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide .
Displays available servers and servers that the driver set is associated with.
Model > Driver Set > Global Configuration Values Specifies settings for Identity Manager features such as password synchronization and driver heartbeat, as well as settings that are specific to the function of an individual driver configuration.
See “ Driver Global Configuration Values ” in the
Designer 4.0.1 for Identity Manager 4.0.1
Administration Guide .
Model > Driver Set > Trace Settings Sets the trace level for your driver set, which displays the Identity Manager (DirXML) events as the engine processes the events. See “ Driver Set
Trace ” in the Designer 4.0.1 for Identity Manager
4.0.1 Administration Guide .
112 Understanding Designer for Identity Manager
Option Description
Model > Driver Set > Properties
Model > ECMAScript > New
Model >ECMAScript > New from Copy
Model > eDir-to-eDir > New
Launches the driver set Properties page. See
“ Viewing Object Properties ” in the Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide .
Creates an ECMAScript object.
Creates an ECMAScript object by copying an existing ECMAScript object.
Launches the eDirectory-to-eDirectory Wizard to create a new connection between two eDirectory objects.
Model > eDir-to-eDir > Secure Connection Settings Opens the TLS Configuration window to enable
SSL/TLS connection settings and encrypted key settings through advanced TLS configuration.
Model > eDir-to-eDir > Disconnect eDir-to-eDir
Model > Identity Vault > New
Disconnects the eDirectory-to-eDirectory connection.
Adds a new server to an Identity Vault.
Model > Identity Vault > Manage Schema
Model > Identity Vault > Import from Configuration
File
Allows you to browse to and import an Identity
Vault.
Model > Identity Vault > Duplicate Template
Opens a context-sensitive window to manage schema classes and attributes of the Identity Vault.
Model > Identity Vault > Edit Template
Opens an e-mail template list that you can duplicate.
Opens a template list to select and edit an e-mail template.
Model > Identity Vault > E-Mail Server Properties Launches the e-mail notification server so you can enter notification settings and server authentication credentials.
Model > Identity Vault > Administrator Opens the Administrator properties window of the
Identity Vault to enter personal and contact information and other optional information.
Model > Identity Vault > Server List Launches a wizard that displays the servers associated with a selected Identity Vault, which enables you to edit the properties and contact information. See “ Driver Set Server List ” in the
Designer 4.0.1 for Identity Manager 4.0.1
Administration Guide .
Model > Identity Vault > Properties
Model > Job > New
Model > Job > New from Copy
Opens the Properties window for the Identity Vault to access configuration, administrator, and server list properties. See “ Configuring Identity Vaults ” in the Designer 4.0.1 for Identity Manager 4.0.1
Administration Guide .
Launches the Job Scheduler Wizard to create a job.
Creates a job by copying an existing job.
Menu Options 113
Option
Model > Library > New
Model > Library > Import from Configuration File
Model > Policy > New DirXML Script
Model > Policy > New Schema Mapping
Model > Policy > New XSLT
Model > Policy > New from Copy
Model > Policy > Manage Policy
Model > Resource > New
Model > Server > New
Model > Select Connected Applications
Model > Clear All Items
Model > Straighten Connections
Model > Distribute
Model > Align
Model > Snapshot to Image File
Description
Launches the New Library Wizard to create a library after you have selected an Identity Vault or a driver set.
Allows you to import a driver into a driver set.
Opens a new Policy Name window to enable you to create XML policy scripts.
Opens a schema map editor to associate identity objects with associated service drivers. See
“ Managing the Schema ” in the Designer 4.0.1 for
Identity Manager 4.0.1 Administration Guide .
Opens a new Policy Name window to enable you to create Extensible Stylesheet Language
Transformation (XSLT) policy scripts.
Opens the Modeler browser to copy selected existing Driver Set objects.
Launches a policy manager GUI that exposes individual elements of a project design tree that can be edited in context by right-clicking each element.
Prompts you to add new resource objects from the
Modeler palette. After resource objects are added, you set up connection and control settings.
Associates a new eDirectory server or manual server to an Identity Vault.
Selects driver connections between application objects in modeler.
Enables you to clear all items in a project.
Straightens line connections between selected objects in the Modeler.
Distributes selected objects in the Modeler either vertically or horizontally.
Aligns selected objects in the Modeler: top, bottom, left, right, center, or middle.
In Developer or Architect mode, captures the model and stores it in a .bmp
, .jpg
, or .
jpeg file, which is stored in the Designer driver_configs directory.
114 Understanding Designer for Identity Manager
C.8 Window Menu
Option
Window > New Window
Window > New Editor
Window > Open Perceptive
Window > Show View > Dataflow
Window > Show View > Navigator
Window > Show View > Outline
Window > Show View > Policy Set
Window > Show View > Project
Window > Show View > Project Checker
Window > Show View > Provisioning View
Window > Show View > Search Results
Window > Show View > Tasks
Description
Opens a new instance of the application, making it easier to copy and paste between certain elements.
You need to synchronize changes between the instances.
Launches a new Designer editor.
Toggles among perspectives: Debug, Designer
(default), Java, Java Browsing, Java Type
Hierarchy, Plug-in Development, Resource, and
Team Synchronizing.
Controls the flow of data between objects. See the
“ Dataflow Mode ” in the Designer 4.0.1 for Identity
Manager 4.0.1 Administration Guide .
Displays the Navigator view. See
Provides an outline view of the active editor
(Modeler, XML Editor, or a text editor).
Displays the Policy Set view. When you select a driver in the Modeler, this view displays the driver's
policies. See Section 4.8, “Policy Set View,” on page 68 .
Displays the main view for manipulating your project. See “ Creating a Project ” in the Designer
4.0.1 for Identity Manager 4.0.1 Administration
Guide .
Checks Designer objects for any problems that might cause the deployment of a project into the
Identity Vault to fail. It does not check the current objects in the Identity Vault. See “ Checking Your
Projects ” in the Designer 4.0.1 for Identity Manager
4.0.1 Administration Guide .
Displays entities, lists, and organizational charts; used in workflow-based provisioning.
Displays the Search Results view. See also
Section 4.10, “The Search Results View,” on page 73 .
Enables you to add your own tasks and notes as you do your work. You can assign them a priority; mark them as completed; or delete, sort, or filter them.
Menu Options 115
Option Description
Window > Show View > Trace
Window > Show View > Version Control
Displays internal errors and messages, so that you can find out why something isn’t working as expected. Use this feature to provide information for Novell Support, engineers, or other consulting resources. See “ Trace ” in the Designer 4.0.1 for
Identity Manager 4.0.1 Administration Guide .
Enables you to track revisions of your project and share them with team members. Also enables you to track objects and files inside of your project.
Enables you to see bookmarks that you have set in your text editors.
Window > Show View > Other > General >
Bookmarks
Window > Show View > Other > General > Console Displays the Console view.
Window > Show View > Other > General > Internal
Web Browser
Enables you to immediately access the Eclipse
Web site, or otherwise access the Internet.
Window > Show View > Other > General >
Navigator
Displays the Navigator view. See
Window > Show View > Other > General > Outline Displays the Outline view.
Window > Show View > Other > General >
Progress
Window > Show View > Other > General >
Problems
Displays the Progress view.
Displays the Problems view, with errors and warnings used for troubleshooting.
Window > Show View > Other > General > Project
Explorer
Displays the project components.
Window > Show View > Other > General >
Properties
Enables you to view and edit settings on the selected object.
Window > Show View > Other > General > Tasks Enables you to list, prioritize, and track tasks
Window > Show View > Other > Designer for
Identity Manager > Dataflow
Controls the flow of data between objects. See
“ The Dataflow View ” and “ Dataflow Mode ” in the
Designer 4.0.1 for Identity Manager 4.0.1
Administration Guide .
Window > Show View > Other > Designer for
Identity Manager > eDirectory Browser
Window > Show View > Other > Designer for
Identity Manager > Policy Set
Window > Show View > Other > Designer for
Identity Manager > Project
Opens an eDirectory browser window from which you can specify the directory you want to browse.
See “ Tool-Based Browsing ” in the Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide .
Displays all policies contained in the selected policy set. See
Section 4.8, “Policy Set View,” on page 68
.
Displays the main view for manipulating your project. See “ Creating a Project ” in the Designer
4.0.1 for Identity Manager 4.0.1 Administration
Guide .
116 Understanding Designer for Identity Manager
Option Description
Window > Show View > Other > Designer for
Identity Manager > Project Checker
Window > Show View > Other > Designer for
Identity Manager > Search Results
Window > Show View > Other > Designer for
Identity Manager > Trace
Checks Designer objects for any problems that might cause the deployment of a project into the
Identity Vault to fail. It does not check the current objects in the Identity Vault. See “ Checking Your
Projects ” in the Designer 4.0.1 for Identity Manager
4.0.1 Administration Guide .
Displays the Search Results view. See
Section 4.10, “The Search Results View,” on page 73 .
Displays internal errors and messages, so that you can find out why something isn’t working as expected. Use this feature to provide information for Novell Support, engineers, or other consulting resources. See “ Trace ” in the Designer 4.0.1 for
Identity Manager 4.0.1 Administration Guide .
Window > Show View > Other > Designer for
Identity Manager > Version Control
Window > Show View > Other > exteNd > Registry
Manager
Launches the Registry Manager view.
Window > Show View > Other > Help > Help
Enables you to track revisions of your project and share them with team members. Also enables you to track objects and files inside of your project.
Launches context-sensitive help in the Help view.
Help topics depend on which part of the Modeler or
Designer is active.
Window > Show View > Other > PDE Runtime >
Error Log
Window > Show View > Other > PDE Runtime >
Plug-in Registry
Window > Show View > Other > Provisioning
Window > Show View > Other > Provisioning >
Data Item Mapping
Used for troubleshooting. See “ Viewing the Error
Log ” in the Designer 4.0.1 for Identity Manager
4.0.1 Administration Guide .
Displays the plug-in registry. Enables you to see which plug-ins are registered or running. See
“ Checking Loaded Plug-Ins ” in the Designer 4.0.1 for Identity Manager 4.0.1 Administration Guide .
Enables you to view and configure entities, lists, and organizational charts. See “Configuring the
Directory Abstraction Layer” (http:// www.novell.com/documentation/idm/ index.html?page=/documentation/idm/agpro/data/ agpropartconfigappenv.html) in the Identity
Manager User Application: Administration Guide
(http://www.novell.com/documentation/idm/ index.html?page=/documentation/idm/agpro/data/ agpropartconfigappenv.html) .
Specifies how object attributes are mapped. See
“ Mapping Identity Vault to an LDAP Schema ” in the
Designer 4.0.1 for Identity Manager 4.0.1
Administration Guide .
Displays an e-mail notification map.
Window > Show View > Other > Provisioning > E-
Mail Notification
Window > Show View > Other > Provisioning >
Provisioning
Displays entities, lists, and organizational charts used in workflow-based provisioning.
Menu Options 117
Option Description
Window > Show View > Other > XML > XPath
Navigator
Window > Customize Perspective
Supports context-sensitive editing of XPath expressions. Automatically attaches to the currently selected XML editor.
Configures the layout of a perspective. Controls the menus (New, Open Perspective, and Show View) and action sets that show up on the tool bar. See
Section 4.3, “Managing Perspectives,” on page 29 .
Window > Customize Perspective > Shortcuts
Window > Customize Perspective > Shortcuts >
Designer Document Generation
Window > Customize Perspective > Shortcuts >
General
Window > Customize Perspective > Shortcuts >
Novell Identity Manager
Window > Customize Perspective > Shortcuts >
Provisioning
Lists the plug-in shortcuts that you can add as cascade submenus on the current perspective.
Enables addition of a .docgen shortcut to create a new document generation style.
Enables selection of shortcuts to create a new file, folder, or empty untitled text file resources.
Enables the addition of the Identity Manager
Project shortcut to create a new project.
Enables selection of shortcuts to create new directory abstraction layer entities, lists, relationships, organizational charts provisioning request definitions.
Enables addition of an XML shortcut.
Window > Customize Perspective > Shortcuts >
XML
Window > Customize Perspective > Commands Alphabetically lists the command group plug-ins that you can add as cascade submenus on the current perspective. The Details field identifies which menu item organizational charts toolbar items are added to the perspective by the selected command group. See
Window > Customize Perspective > Commands >
Breakpoints
Adds breakpoint functionality to the menu.
Window > Customize Perspective > Commands > com.novell.designer.idm.actionSet
Adds Help set functionality to the menu: Check for
Designer Updates, What’s New, Designer Readme,
Report a Bug or Feedback, and Identity Manager
Resources.
Window > Customize Perspective > Commands >
Debug
Adds the Debug plug-in functionality to the menu.
Window > Customize Perspective > Commands >
Deploy
Enables the Deploy plug-in command. See
“ Deploying the Schema into the Identity Vault ” in the Designer 4.0.1 for Identity Manager 4.0.1
Administration Guide .
Window > Customize Perspective > Commands >
Designer
Adds standard Designer commands to the toolbar:
Save All, Delete selected object(s), Undo, and
Redo.
Window > Customize Perspective > Commands >
Designer Projects ActionSet
Adds Designer project import control options to the menu.
118 Understanding Designer for Identity Manager
Option Description
Window > Customize Perspective > Commands >
Document Generation
Adds the Generate Documentation icon to the toolbar.
Window > Customize Perspective > Commands >
Editor
Adds cut, copy, and paste options to the menu and toolbar.
Window > Customize Perspective > Commands >
Editor Navigation
Adds Last Edit Location navigation to the menu and toolbar.
Window > Customize Perspective > Commands >
> Editor Presentation
Adds a toggle to Show Selected Element Only on the toolbar.
Window > Customize Perspective > Commands >
Generate Documentation
Adds a Generate Documentation for This Project icon to the toolbar.
Window > Customize Perspective > Commands >
Identity Vault
Adds Identity Vault resource information for a project to the menu.
Window > Customize Perspective > Commands >
Insert
Enables the Insert plug-in command.
Window > Customize Perspective > Commands >
Keyboard Shortcuts
Adds keyboard shortcuts to the menu.
Window > Customize Perspective > Commands >
Launch
Adds Run program functionality to the menu and adds the Launch plug-in to the toolbar.
Window > Customize Perspective > Commands >
Manage Objects in a Novell eDirectory Tree
Adds the eDirectory Object Manager to the menu.
Window > Customize Perspective > Commands >
Manage Objects in a Novell eDirectory Tree
Adds the Live > Manage Directory functionality to the menu.
Window > Customize Perspective > Commands >
Open Files
Adds the browse to and open a text or XML file plug-in to the menu.
Window > Customize Perspective > Commands >
Profile
Adds the Run > Profile tools on the menu and toolbar.
Window > Customize Perspective > Commands >
Project Actions
Launches the project snap-in.
Window > Customize Perspective > Commands >
Project Checker
Places the Project Checker icon on Designer’s toolbar.
Window > Customize Perspective > Commands >
Resource Navigation
Adds Navigation tools as an option on the menu.
Window > Customize Perspective > Commands >
Run the User Application
Adds Access User Application as an option on the
Tools menu.
Window > Customize Perspective > Commands >
Tools
Adds Tools as an option on the Project menu.
Window > Customize Perspective > Commands >
Version Control Action Set
Adds Action Set as an option on the Web browser toolbar.
Window > Customize Perspective > Commands >
View DS Trace Logs
Adds DS Trace as an option on the Tools menu.
Menu Options 119
Option Description
Window > Customize Perspective > Commands >
WebBrowser
Adds the Launch Web Browser Wizard to the Web browser toolbar.
Window > Customize Perspective > Commands >
WebBrowser
Adds the Launch Web Browser Wizard to the
Window menu.
Window > Customize Perspective > Commands >
Window Working Set Menu
Adds Working Set to the Window drop-down menu.
Window > Customize Perspective > Commands >
Window Working Set Toolbar
Adds Working Set to the Web browser toolbar.
Window > Save Perspective As
Window > Reset Perspective
An easy, efficient way to lay out the current perspective in a certain way and then save it. You can freely switch between perspectives and still operate in the same editors and views.
Returns the perspective to its original layout. If the perspective is a copied perspective, it returns to the original, preferred layout of the base perspective.
Window > Close Perspective
Window > Close All Perspectives
Window > Navigation > Show System Menu
Window > Navigation > Show View Menu
Window > Navigation > Quick Access
Closes the current perspective.
Closes all open perspectives.
Displays the active system menu.
When active, shows the View menu.
Window > Navigation > Maximize Active View or
Editor
Window > Navigation > Minimize Active View or
Editor
Window > Navigation > Activate Editor
Enables you to search for a specific function by typing in the desired function into the
Maximizes the active view or editor. Ctrl+M toggles between views.
Minimizes the active view or editor. Ctrl+M toggles between views.
Enables you to select which editor to activate. F12 is the keyboard shortcut.
Window > Navigation > Next Editor
Window > Navigation > Previous Editor
Window > Navigation > Switch to Editor
Window > Navigation > Next View
Window > Navigation > Previous View
Window > Navigation > Next Perspective
Window > Navigation > Previous Perspective
Allows you to select and open an editor from a list.
Ctrl+F6 navigates down this list.
Allows you to select and open an editor from a list.
Ctrl+Shift+F6 navigates up this list.
Allows you to select and manage editors.
Allows you to select and open a view from a list.
Ctrl+F7 navigates down this list.
Allows you to select and open a view from a list.
Ctrl+Shift+F7 navigates up this list.
Allows you to toggle perspectives within projects from a list. Ctrl+F8 is the keyboard shortcut.
Allows you to view previous perspectives from a list. Ctrl+Shift+F8 is the keyboard shortcut.
120 Understanding Designer for Identity Manager
Option
Window > Launch Web Browser
Window > Working Sets > Edit
Window > Preferences
Description
Specifies your Home Page URL, which is stored in
Preferences.
Allows you to create working sets in a project
Enables you to customize Designer's behavior in the following categories:
General
Appearance
Compare/Patch
Content Types
Editors
File Associations
Hex Editor
Structured Text Editors
Text Editors
Keys
Network Connections
Perspectives
Search
Startup and Shutdown
Web Browser
Welcome
Workspace
Build Order
Linked Resources
Local History
Help
Novell
Designer
Identity Manager
Package Manager
Provisioning
Validation
Web
XML
See “ Setting Preferences ” in the Designer 4.0.1 for
Identity Manager 4.0.1 Administration Guide .
Menu Options 121
C.9 Help Menu
Option
Help > Welcome
Help > Help Contents
Help > Search
Help > Dynamic Help
Help > Key Assist
Help > Check for Package Updates
Help > Check for Designer Updates
Help > What’s New
Help > Designer Readme
Help > Report a Bug or Give Feedback
Help > Identity Manager Forums
Help > Identity Manager Resources
Help > About Designer
Description
Displays the Welcome page. See
“Help from the Welcome Page,” on page 17 .
Enables you to navigate to and view information on all features and functions in Designer.
Locates instances in the help system and provides links.
Provides context-sensitive information.
Lists shortcuts.
Enables you to quickly download and install the latest package updates.
Enables you to quickly download and install the latest Designer updates.
Directs you to a Novell Web page that describes new features in Designer.
Provides updated information on known issues.
Allows you to enter an Identity Manager Designer bug or provide feedback into Bugzilla.
NOTE: You must first establish a Novell User
Account (https://secure-www.novell.com/selfreg/ jsp/createAccount.jsp) to provide feedback.
Provides a link to Identity Manager product support forums.
Provides a link to the Designer Resource Page.
Provides information about Designer’s version, configuration, product, license, and plug-in.
122 Understanding Designer for Identity Manager
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project