Version 8.2
Hi,
Can you please help me on how i can create single account aggregation task in my project. where we can specific identity and application account mainly ad,azure and successfactor for aggregation specific with user. Can you please help and provide the complete solution to this.
Regards
Amit
Hi @ayadav_12 ,
Please take a look on this document it lists down the approaches and at the same time you may use this to configure rule and then aggregate the account via Run-Rule Task.
Let me know if further help is needed.
You could utilize Run Ruler task as mentioned above or could call method passing application name and unique parameter.
Sample Code :
import sailpoint.object.Application;
import sailpoint.object.Attributes;
import sailpoint.object.Custom;
import sailpoint.object.Filter;
import sailpoint.object.Identity;
import sailpoint.object.Link;
import sailpoint.object.QueryOptions;
import sailpoint.object.ResourceObject;
import sailpoint.object.TaskResult;
import sailpoint.object.Rule;
import sailpoint.connector.JDBCConnector;
import sailpoint.api.Aggregator;
import sailpoint.connector.Connector;
import org.apache.log4j.Logger;
import org.apache.log4j.Level;
// Declare a logger class for us to isolate these messages during aggregation.
// Force the log level to DEBUG for initial testing.
Logger log = Logger.getLogger(“sailpoint.services.DemonstrateSingleAccountAggregation”);
log.setLevel(Level.DEBUG); // TODO: Turn this off or remove this line when checking in.
// Initialize the error message to nothing.
String errorMessage = “”;
// We need some values defined to know which account we want to aggregate.
//String applicationName = “APPLICATION NAME”;
// String accountName = “UNIQUE KEY”;
// We have already validated all of the arguments. No just load the objects.
Application appObject = context.getObjectByName(Application.class, applicationName);
String appConnName = appObject.getConnector();
log.debug("Application " + applicationName + " uses connector " + appConnName);
Connector appConnector = sailpoint.connector.ConnectorFactory.getConnector(appObject, null);
if (null == appConnector) {
errorMessage = “Failed to construct an instance of connector [” + appConnName + “]”;
return errorMessage;
}
log.debug(“Connector instantiated, calling getObject() to read account details…”);
ResourceObject rObj = null;
try {
rObj = (ResourceObject) appConnector.getObject("account", accountName, null);
} catch (sailpoint.connector.ObjectNotFoundException onfe) {
errorMessage = “Connector could not find account: [” + accountName + “]”;
errorMessage += " in application [" + applicationName + “]”;
log.error(errorMessage);
log.error(onfe);
return errorMessage;
}
if (null == rObj) {
errorMessage = "ERROR: Could not get ResourceObject for account: " + accountName;
log.eror(errorMessage);
return errorMessage;
}
log.debug("Got raw resourceObject: " + rObj.toXml());
// Now we have a raw ResourceObject. The Application in IdentityIQ may have a
// Customization rule defined to transform the ResourceObject. We need to
// honor that configuration, so if the Applicaiton has a Rule then we run it.
Rule customizationRule = appObject.getCustomizationRule();
if (null != customizationRule) {
log.debug("Customization rule found for applicaiton " + applicationName);
try {
// Pass the mandatory arguments to the Customization rule for the app.
HashMap ruleArgs = new HashMap();
ruleArgs.put("context", context);
ruleArgs.put("log", log);
ruleArgs.put("object", rObj);
ruleArgs.put("application", appObject);
ruleArgs.put("connector", appConnector);
ruleArgs.put("state", new HashMap());
// Call the customization rule just like a normal aggregation would.
ResourceObject newRObj = context.runRule(customizationRule, ruleArgs, null);
// Make sure we got a valid resourceObject back from the rule.
if (null != newRObj) {
rObj = newRObj;
log.debug("Got post-customization resourceObject: " + rObj.toXml());
}
} catch (Exception ex) {
// Swallow any customization rule errors, the show must go on!
log.error("Error while running Customization rule for " + applicationName);
}
}
// Next we perform a miniature “Aggregation” using IIQ’s built in Aggregator.
// Create an arguments map for the aggregation task.
// To change this (if you need to), the map contains aggregation options and is the same as the
// arguments to the acocunt aggregation tasks. Some suggestied defaults are:
Attributes argMap = new Attributes();
//argMap.put(“promoteAttributes”, “true”);
argMap.put(“correlateEntitlements”, “true”);
argMap.put(“noOptimizeReaggregation”, “true”); // Note: Set to false to disable re-correlation.
// Consturct an aggregator instance.
Aggregator agg = new Aggregator(context, argMap);
if (null == agg) {
errorMessage = “Null Aggregator returned from constructor. Unable to Aggregate!”;
log.eror(errorMessage);
return errorMessage;
}
// Invoke the aggregation task by calling the aggregate() method.
// Note: the aggregate() call may take serveral seconds to complete.
log.debug("Calling aggregate() method… ");
TaskResult taskResult = agg.aggregate(appObject, rObj);
log.debug(“aggregation complete.”);
if (null == taskResult) {
errorMessage = “ERROR: Null taskResult returned from aggregate() call.”;
log.eror(errorMessage);
return errorMessage;
}
// Show the task result details for engineers curious about the results.
// These ususally look like the following:
// Where the “udpated” indiciates the number of account links updated.
log.debug(“TaskResult details: \n” + taskResult.toXml());
return (“Success”);
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.