It's all about IAM

Identity And Access Management - Rajiv Dewan

Disconnected Application Duplicate Task Getting Assigned

Few months back, I was working with Disconnected Applications and came across another issue where same task is getting assigned multiple times to Help Desk team for manual action.
In case of RBAC, if last role is removed then Access Policy disable or revoke the application so in my case it was configured to Disable the application.

If user request for any role again for the same application then Access Policy creates two tasks for Help Desk Team "Enable Application" and "Grant Entitlement". If Help Desk team, doesn't take any action on these two tasks for 4-5 days and during this time end user requests for another role for the same application then OIM Access Policy creates another "Enable Application" task for the same application.

I have seen this Duplicate Tasks issue for many scenarios.

Multiple Design Console Installations

It is obvious to have multiple OIM environments for any client like Dev, QA, Pre Prod & Production and we need Design Consoles for all these environments. Generally what we do, we install one Design Console and make changes to xlconfig.xml under Config folder to connect to different environments OR we make copy of Design Console folders.

I thought to use the same client for multiple environment by creating multiple xlconfig.xml i.e. one for each environment but I found that file name is hard coded in the jar files. Design Console supported jar files always look for xlconfig.xml so what I did:
  • Created different directories for each environment under the same Design Console installation
  • Copied the config folder inside each directory
  • Created multiple xlclient.cmd and pointed to corresponding environment directory

So now I have only one Design Console installation for all the environments. If I have to upgrade my Design Console then I have to do it only once.

For people who don't know, you can pass the username & password from xlclient.cmd itself so no need to type username/password for login (Small thing but useful sometimes it is really necessary :) )

Edit your xlclient.cmd same as below:

com.thortech.xl.client.base.tcAppWindow -server server -user RAJIVDEWAN -password Welcome1