[MUSIC PLAYING] Now we're going to take a very quick look into one of the tools that we use whenever we want to connect to a target system. The tool is called Synchronization Editor. And what you see when you launch the tool is that if you already have configured connectors to the target system-- and we do have that in this installation, we do have a connection to an Active Directory, we have a connection to an HR system in the form of a file, we have a connection to an LDAP system, we have also a connection to an SAP system.
Now, in order to be able to connect to a new target system, there is a wizard in here. So you simply click on this one, "I want to start a new synchronization editor project." The list of things you can connect to depends on how you install the Identity Manager. The modules you select during installation will be reflected here on the number of connectors you see.
Now, if you're missing a connector, you can add it afterwards of course at Module. But these are the ones that we happen to have in this particular demo environment. And connect to a system can be as simple as just selecting a connector, and then you press Next and a wizard will guide you into the actual connection. For some of the connectors here, it will take you literally a couple of minutes to connect to a target system.
Now I'm closing that new connection wizard and I'm just going to take a look at one of the existing connectors that we have. So I'm double-clicking on the Active Directory here to see how it does this connection work. Well, first of all, there is always two sides of a connection. There is how the connection is done through the Identity Management solution and how it connects to the target system.
Now, once you have connected to a target system, you can actually click on the Browse button up here on the right-hand corner. Now I'm actually talking directly to the target system. So this is-- when I click on, for instance, user here, and I will see all the users I have, all the accounts I have in the connected target system, this is really coming directly from that Active Directory service. So it's really-- what you see is a direct connection. So I can see that my connector works and it properly can communicate the target system.
Secondly, we do have mappings, of course. Mapping is how we map certain things. Let's say, that you want to map a user. What kind of attributes on the target systems side and what should it be mapped to the Identity Management side? So if I look at, for instance, the user object in Active Directory, it's an object class because it's a directory service.
On the right-hand side, I see the target system and all the attributes that are available in the target system. And on the left-hand side, this is the table inside the Identity Manager where we are going to synchronize those accounts. And in the middle you see how the mapping is being done. For instance, if I click on the-- to see an attribute here, I can see that it actually is mapped to this attribute here on the left-hand side. If I click on the company here, I can see that it maps directly to the company attribute on the left-hand side.
Now, a typical question we get is, what happens if we have extended the scheme on our direct Active Directory? For example, well, we will find the scheme when we connect but you need to extend the scheme out on the Identity Management side as well, of course. And guess what? There is another tool that you use when you extend the scheme in Identity Manager. Now, this was a very quick look into the synchronization editor. There are more videos available that you can see more in detail how to do this.
Let's leave now the section of configuration and step to the side of customization. Customization, as I mentioned before, is that you add features to the One Identity Manager, which was not available before. Typically, project development, if you want to say-- we see here the configuration parameters in the Identity Manager. The identity configuration parameters are discussed.
I step now to the next stop. And the next stop shows me the overview of processes. Processes are the way in Identity Manager to model business processes or reactions on system data changes in a way off that something happened-- for example, some provisioning and target systems takes place or an email gets sent out or however, as you can see and accordingly to what I mentioned before, there are in this installation, which is in 8.1, 626 processes out of the box away level. This is the left-hand side here on the screen. And you can see in this demo environment we just deal with two custom processes. That means two customize processes.
If you look in such a process, we can see two things. First of all, there is a graphical engine to create these processes that makes it easy, especially for not really coding [? affine ?] people. You can, as well, see different process steps. You can click on one of these. And if you are interested, you can look into the properties and then you can change or customize your process.
Additionally to that exists some other parameters where we can just deal with the parameters of a process and so on. That means creating processes is something normal technically-oriented people can learn from scratch during the week, and then they became real productive and creative and can just model everything they like to. There are more than 100 different process tasks at way level process tasks, like for example, create an Active Directory account or running a PowerShell script or a VB.NET code snippet or something else. Nearly nothing what you cannot really do. And if you need something more, than these names script writing process steps are available level just to make your successful.
Additionally to that exists, of course, the One Identity Database Schema. At present, as you can see, 975 tables are available for you, 56 tables on the right-hand side in addition, which are deactivated in that version because I was not just enabling all the features in my demo environment. If I look a little bit deeper into that, then I can see a graphical overview about our schema, and we can talk about something we call templates.
Templates are a big power in Identity Manager because they automatically allow just to direct the data flow in the Identity Manager. Let's have a small example. For example, you create an identity with the first and the last name, and you are very interested in that every account that comes with a sure name, for example, as well gets the data from the last name out of the identity, which makes exactly sense because it is cool if the Active Directory account, for example, does have the same sure name, then the identity has that last name. Therefore, exists something we call a template. And I'd like to show you that.
You see my person, there is my identity table, there is the last name I was talking about, there is a red line that says, this last name is used in, as you can see, person Active Directory account. And with a double-click, I can look into that person Active Directory account surname. Here we are. And if I click on that, you can see the script directly underneath, which at the end then takes that last name on the basis of some more rules. It's a little bit more complicated than just take the data.
However, the whole thing exists as well in an overview development grid, which is then more this one here. And I can as well see here something or other else. In this specific editor, I can easily see that we do have, for example, for that person object, as well security-- that means permissions to access it. This is what you can see here on the button. These are all the groups, that means the permission groups in the Identity Manager, which allows people who are signing into the Identity Manager to do something with.
You can see there are value is like edit, insert, and delete rights. There are conditions which allow to make these permissions valid only for a subset of data. And of course, if we look a little bit better into it, you see we do not only have rights on the table level. In addition, we do have them on the column level as well. That means the Identity Manager itself came with a very rich permission management you can use in your projects as well.
Last but not least, if you want to extend the Identity Manager and you cannot use the, I like to say LEGO bricks we have to build something, then you can start coding. Therefore, we have the script library. As you can see, 254 scripts out of the box. And in this environment, 10 scripts just customized. That means something I created after creating this demo environment.
If we look into such a script, it is just code. We use VB.NET code in the Identity Manager in the same way than C# code in the synchronization editor. And we use SQL, as you know. However, here are the scripts. You can write them in the designer. This is a tool we are looking in.
And if you really want to be successful and you want to really create very high sophisticated and complicated code, then, of course, you can directly step into Visual Studio. Here we are. And in Visual Studio, as you can see, you can just run the same scripts we have in the database. This is one of them. It's a custom script. It generates just user, logo name. And if I just set some flex, for example, that I want to debug that script and hit Run button, then you can see I can stepwise run through that specific script, like it is very typical for a Visual Studio. I can figure out which variables are at the end, set with which value, and so on. It is the full power we typically use in such solutions.
Once my scripts are debugged and finished, I can then store them back to the Identity Manager database and they are part of the product. This is a very rough overview about capabilities. I was not talking about a lot of other features we have, like web services visits and dialogue changing features and something else. This exists all in addition together with some other stuff. But if you are interested in, I like to say, deeper customization, then you should start, for example, with an implementation course.
[MUSIC PLAYING]