Symantec Identity Management

How to query custom fields for Admin/Access/Provisioning Roles with PX

  • 1.  How to query custom fields for Admin/Access/Provisioning Roles with PX

    Posted 06-29-2012 02:38 PM
    Create a Data Element that queries the IM ObjectStore for the Role Friendlyname.

    Note: Check the IM Management Console for the correct OID of the IME. Is this is the first IME, the OID will be 1; but if you have deleted and recreated IME, the OID number will sequentially change. Below example shows an OID=10 (as this was a test system)

    Note: In SP7+ the data source name changes from jdbc/objectstore to iam/im/jdbc/objectstore

    Example: Discover the value of the fourth (04) custom field of an IM Admin Role, to be used for determine how to leverage business logic in PX action rules, e.g. SOD "toxic combination" check; or membership check of Admin Role


    <DataElement>
    <Attribute name="friendlyName">Get customfield04 of admin role</Attribute>
    <Attribute name="elementType">element.type.sql.query.data</Attribute>
    <Attribute name="subElement">element.execute.prepared.statement.get</Attribute>
    <Attribute name="priority">4</Attribute>
    <PxParameter extraInfo="" index="1" uiType="TYPED">jdbc/objectstore</PxParameter>
    <PxParameter extraInfo="" index="2" uiType="TYPED">select custom04 from IM_ROLE where ENV_OID = '10' AND FRIENDLYNAME = 'Auditors''</PxParameter>
    </DataElement>