How to search for accounts with attributes that are not 'searchable'

Which IIQ version are you inquiring about?

Version 8.2

Please share any images or screenshots, if relevant.

Share all details related to your problem, including any error messages you may have received.

Trying to search for specific users of an application

querying one attribute that is ‘searchable’
but the other atttribute is not ‘searchable’
We made the attribute ‘searchable’ under ‘Global Settings > Identity Mappings’ but it did not come back with any results.

We appreciate your help with this. Thanks

Hi @tsobetski ,

Your query is not very clear. The given snippet suggests, you are trying to retrieve a link object based on application name and identity. But the query says using the identity searchable attribute to get a link object?

Can you elaborate the question once again? Also, you mentioned that a new attribute is made searchable, however when used it never returned any results. Have you performed a refresh on all the identities such that the newly made searchable attribute is updated properly for your query search?

Regards,
Uday Kilambi

@tsobetski you have do some more changes like changing .hbm files etc… pls check these links

Managing Extended Attributes - Compass (sailpoint.com)

1 new message (sailpointworks.blogspot.com)

Uday,

The query that you’re referencing is more skeleton code for what we would like to do. Our goal is to be able to reference linked attributes from these Applications. For example, we have a couple linked attributes under our SailPoint Authoritative Source application that are not searchable but we’d still like to query them for auditing purposes.

you need to add the attribute in the IdentityExtended.xml file and add the column into DB.

You can update DB with the command console updateDB

All these non searchable attributes are store in attributes column , so either you need to use sql query . and if you use api then you need to use

For example :
Attributes attrs = link.getAttributes();
String cn = attrs.getString(“cn”);

Depending on your performance requirements, I think you have three options:

1. Promote the account attributes to identity attributes and ensure that the identity attributes are searchable and that you’ve added columns for them to your database schema
2. If your database supports it (like Oracle does), write a SQL query that parses the attributes XML and pulls out the values of interest. This ties you to the database vendor, the IIQ database schema, and the way IdentityIQ stores attributes, so it’s not the most robust solution.
3. Use a projection query to get the attributes of the Link objects, then check the attribute values. This isn’t a very scalable solution, but if you have some other criteria by which you are selecting the Links to examine and you just need to retrieve the attributes for output it might be fine.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.