• Vulnerability in the Angular version

    Hello,


    We recently received a customer notification about an "EOL/Obsolete Software: AngularJS 1.x Detected" vulnerability after we updated the version to 9.2. I would like to know if anyone else has received this vulnerability notification and if the…

  • Calculating different form fields on Version 9.2 using New Request property

    Hello,
    I’m implementing a user onboarding form using a new request property with fields including First Name, Last Name, Middle Name, Full Name, and Default Email Address. I need to understand where to place my scripts for formatting and calculation…
  • ADSAccount - Display DistinguishedName field on Master data form in Manager

    Hello experts.

    My issue is that our customer would like to display DistinguishedName field value in the Master data of ADSAccount form in Manager tool (it does not matter on which tab).

    I navigated to master data form of ADSAccount in Designer and did…

  • Requesting on behalf of more specific employees except for her/his employees

    Hello,

    A manager can request on behalf of her/his employees on Web Portal. We want that some managers are able to request on behalf of more specific employees except for her/his employees. I guess that we need to add data to HelperHeadPerson. This could…

  • One Identity and Active Roles connector slow

    Hello Experts,

    I'm having issues with two environments moving from Native AD connector to ARS connector. I would imagine the initial sync should take longer with it having to proxy through and the additional virtual attributes created with the ARS schema…

  • Problems with SAP Function Instance

    Hello.

    I have an issue with the SAP Function Instances. Specifically, once the SAP Function Instances are defined, they inherit all the elements of the corresponding SAP Function, but they do not detect the affected roles (and consequently, not the accounts…

  • INSERT Event Trigger Not Firing When Inserting via Script

    Hi everyone,

    Has anyone managed event triggers following an insert operation via script into a table?
    The issue is that when inserting an object into any table through a script, the INSERT event is not triggered. This happens because the operation is done…

  • Product visibility based on the role assigned to user

    Hello All,

    We are using One Identity Manager 9.2 version and use new Angular Web Portal.

    We are looking for the options to restrict the visibility of the certain products based on the specific roles assigned to identity. To explain in detail, below is…

  • change processes order

    Hello everyone,

    I created a process triggered by the insert in the table PersonInOrg. This process must update a value in the table PersonHasESet, in the record referred to the assignment of a system role inherited from the assignment of the business role…

  • My Processes section on Angular web portal

    Hello everyone,
    is it possible to hide the section "My Processes" on the Angular web portal?
    I'm on One Identity 9.2 on demand.
    Thank you,
    Giuseppe

  • Angular Web Not Showing Attestation and Business Role


    Hi all,

    I'm using the new angular web portal on the 9.2 version of One Identity Manager. I followed all the steps in the given link “support.oneidentity.com/.../3. Firstly, I downloaded the project from GitHub and then customized the project and built…

  • How to push/pull One Identity Manager logs to QRadar

    I am trying to pull/push one identity manager logs to QRadar using SEIM, there are below few queries related to same. 
    1. How we can get an API call for the OIM logs, which will help to pull the logs from QRadar

    2. Does OIM forward the logs to specific…

  • How to monitor administrative modification

    Hi everyone,

    I want to monitor admnistrative changes made, for example when someone changes a Process, a template on a table or something else.

    I know that for the import of change label I can monitor this operation with "DialogTag" table, but I want…

  • Force change password on LDAP account

    Hello everyone,

    We want to force to change password on ISAM LDAP account.

    I read that this can be done through "ShadowLastChange" parameter on LDAP accounts, but I don't see this parameter on Target System.

    Can you help me?

    Thanks,

    Gius…

  • How to open link in a new browser window password reset portal

    Hi all,

    When I log in with the admin portal in configuration, I can enter the URL for the password reset portal. I want it to open in a new tab when I click on this URL, but it's not happening. Could you help me with this subject

    Best regards,

  • How Can We See Our Authorization as a List Instead of Hyperview

    Hi all,

    Our customer want to see on authorizations (ADGROUP, LDAPGROUP etc.) as a list or grid instead of hyperview. Is it possibble? Could you lead us for this subject?

    Best regards,

  • Is there any guide or whitepaper available on best practice for installation and architecture of Identity Manager?

    Hi, 

    I am looking for any official documentation which has recommendation for One Identity Manager's architecture and hardware capacity estimation.

    Any input on this is greatly appreciated.

    Thanks

  • Web Portal How to change Product Name?

    Hi all,

    I cannot change the name of the product. I found how to change the logo from the admin portal, but I am unable to change the Productname. Could you assist me with this?

    Thank you,


  • Keep group membership after termination

    Hello experts,

    Can someone tell me if we can keep group membership of a group assigned by a business role after termination? We have the AD account deferred for 90 days after termination. 

    Thank you,

    Lu

  • REST API Script - how to determine the authenticated user's username within 1IM Script?

    Would like to know API authenticated user account calling script function so that we can log which account is calling what API script with what parameters, and may be provide finer access control to the script functionality.

    Right now, I see just one…

  • Custom Application - Setting a role via UNSAccountBHasUNSGroupB - POSH4 Connector

    Hello Community, I need some help.

    I´m developing a Powershell Connector for a SaaS Service (1IM 9.1.1) and I want to use a bit more entitlements instead of hardcoded value calculations. I have schemas for User, Locations and Role. The locations are reflected…

  • Not able to Authenticate using Access token(in authentication header) for authentication to API server

    With the implementation of the API server, we want to expose our One Identity Manager capabilities via API's within our organization. In our test setup we successfully managed to authenticate to the authentication API using the oauthrolebased api, and…

  • Permisson to revoke account definition

    Hi everyone,

    we want to enable a role based permisson group to revoke the account definition of an ADs Account. 
    We already tried to assign the task permission to the permisson group but it didnt work. (1. User Interface -> 2. Task definitions -> 3. RevokeAccountDef…

  • Difficulty with cross-object value template

    Hello everyone,

    Could you please advice in creation of simple template for a column in Person table, where I'll use the value from ADSAccount table.

    I have tried the following within CustomProperty10 column of Person table:

    Value = $FK(UID_ADSAccount…

  • Lock down reporter in Webportal

    Hello, Does anyone have instructions or can lead me on how to lock down reporter? Here are some things we would like to consider doing.

    • Remove the "New Report" button
    • Hide tables to choose for reports
    • Hide columns to select in a table for …