• Question about custom target systems and account tables

    Hi everyone,

    I'm working on a custom target system, and I noticed there's a table called UNSAccountB, but it doesn't follow the structure I need for my use case.

    Is it considered a good practice to extend the UNSAccountB table to meet custom…

  • Implementing Random Delay in Orchestrated Processes to Prevent API Overload

    Hi everyone,

    I'm working with an Orchestrated Process that calls an external API. Currently, all requests hit the endpoint simultaneously, causing it to return a 500 Internal Server Error due to overload. I'm seeing errors like this in the logs:…

  • Is there a way to limit the available Primary Business Roles in v9.2 web porta\Data Administration\Create Identity?

    Greetings everyone,

    I have a customer that is planning to limit the Data Administration\Create Identity option in the web portal for adding external users only. Their current process involves the assignment of a Primary Business Role to kick-off access…

  • Data Importer - Multi-Valued template

    Hello Experts,

    I have a table I need to pull data from and it has person records in it with them associated to multiple entries.

    I'm looking to create a multi-valued template to get them populated. Is there a way from data importer to populate all the…

  • Assign offboarding grousp to disabled AD account.

    Hello,

    I need help to assign offboarding groups to AD accounts, managed with account defintion, when identity got disabled and AD account too.

    I have a business role with the account definition that is removed when the identity is disabled and another…

  • UCIgroup3 table in UCI Connector is not getting update from SCIM Connector.

    Hello,

    I am trying to integrate Salesforce with Identity Manager using SCIM Connector. We are using 9.0 version. I created 2 sync projects:

    1. using SCIM Connector 

    2. using UCI connector to load data in CSM Tables

    The permission set groups are in UCIgroup3…

  • How to synchronize existing One Identity Manager password to AD during account creation?

    Hi everyone,

    I have a scenario in One Identity Manager where a user already exists in the One Identity environment with a defined and valid password. However, this user does not yet exist in Active Directory.

    When I assign an Account Definition to trigger…

  • Using "Members of M:N schema types" without SCIM-Endpoint in Target System

    Hello OIM-Community, 

    I just stumbled upon an issue. 

    I'm currently trying to connect a System using the SCIM-Connector. 

    The system doesn't provide a Schema, so the standard Schema of

    • Users
    • Groups

    are used.

    There is no group-Endpoint for this system…

  • Cannot Connect to database because a system update is running.

    Hello Guys,

    I have a customer environment and it was working fine, then suddenly when I try to open any of the admin tools, it keeps telling me "Cannot connect to database because a system update is running".

    It has been into this state now…

  • I am working on imxweb using Angular. Please guide how to create a group membership request for end users?

    The project is connected to a One identity API server, from where it is fetching data. I want to create a section/menu where we can request for a group membership. It can be static or dynamic. But it should prompt user for details.

  • Problems connecting Exchange Online to One Identity Manager

    Hello,

    We are still using version 9.0 LTS with CU 3.

    Our company would like to move towards M365, which is why we are now gaining initial experience in a Test environment.

    The connection to Azure ADS / Entra ID has worked. Now we want to establish the…

  • Issue Replacing Default Mail Templates with Custom Templates for Attestation Notifications

    I need to replace the default email notifications with custom mail templates, specifically for scenarios such as pending attestations or when attestation requests are sent. The goal is to use personalized text and formatting instead of the default messages…

  • How to connect to Peoplesoft?

    Hi all,

     

    I’m looking for a way to connect One Identity Manager 9.3 to PeopleSoft application. Due to not have an original connector, with best practice is recommended for: using psjoa.jar, directly to database or other?

     

    Thanks

  • SSO One Identity Manager 9.3

    Hello everyone, I hope you're doing well. I would like to ask a question regarding SSO (In Angular Web Portal). I'm currently working with One Identity Manager 9.3, but I haven't been able to find clear documentation on how to properly enable it and how…

  • About certificates

    Hello,
    Our customer asked a few questions to avoid taking the penetration test.


    - Can we learn about SSDLC or SOC certification so that the product is COTS and exempt from source code and penetration testing?

    - Can evidence be presented against Common…

  • custom API Integration in angular portal

    We are using the Version 9.2 of one idenity and I have created the new page for contracts, and the API is also ready. I would like to integrate the API into the frontend. I typically handle API integration using the HttpClient in a service file. However…

  • Check if session source is Web Portal/API Server in table scripts and column templates

    Hello One Identity experts,

    I hope someone can give me a hint for a challenge I'm facing:

    I'm implementing backend validations for modifications on persons in the table scripts and column templates. Essentially this works quite well by throwing an exception…

  • Creating a Custom API That Calls Another API Based on Response Code & .NET/C# Documentation


    Hello everyone,
    I'm currently working on a customization project in One Identity Manager and would like some guidance on the following:
    I'm trying to create a custom API endpoint that will:
    Call an external API.
    Based on the response code (e.g., 200…

  • Is there a powershell or simple method to fully deactivate sync projects programiically? Setting the dprshell.isFinalized value in the database isn't enough.

    Is there a powershell or simple method to fully deactivate sync projects programiically?  Setting the dprshell.isFinalized value in the database isn't enough.  Thanks

    OIM 9.1.1 (soon to be 9.2.1)

  • Solution: Encrypting the value of a PWO Request Parameter (DialogParameter)

    Cudos to   for helping to find the solution.

    Situation:

    Using the new request parameters for Orders (PWO) the requestor shall be asked for input which shall be stored encrypted.

    Solution:

    Using the Value Validation Script

    Dim pw As…

  • "ADS_PersonHasTSBAccountDef_Autocreate_ADSAccount/Contact" Error

    Hello All,

    I get an Error for Account Def assignment. 

    ErrorMessages (2025-03-24 16:58:11.117) [810077] ADSAccount: The following fields are compulsory and need to be filled: Canonical name, Name, Distinguished name, Login name (pre Win2000).

    This is a…

  • Exchange field ForwardingSmtpAddress Sync and Lifecycle Management Options?

    We have a requirement to populate and manage the lifecycle (provision/sync/update/delete) of field ForwardingSmtpAddress. This is a different field than 'ForwardingAddress'.

    It's a valid field on the mailbox but I do not see it in the Sync Editor…

  • Can Identity Manager act as an IdP (SAML) for authenticating and authorizing users in other applications?

    Could you help me with the following question? Is it possible to use One Identity Manager as an IdP (SAML) to authenticate and authorize users for other applications? Or are the configuration parameters in Identity Manager only intended for allowing Identity…

  • Export connector

    Hello, I created a connector on my VM using the "Synchronization Editor," and now I want to export it so my colleague can have the same connector on his VM. How can I do that?

  • Update the web portal trust with the application server

    Each time the APP server certificate is renewed, I need to uninstall and reinstall the APP server. When I try to execute the WebDesigner.ConfigFileEditor program and update the search service section, nothing happens. Updating the APP server URL does…