NSD1145 Creating a virtual hierarchical structure based on attribute values

Fact

Nordic Edge Standalone Edition, Nordic Edge Web Edition

Situation

The virtual structure requires a filter, some policies and Nordic Edge Identity Manager version 3.6.4086 or higher. All components are included in the zip file attached to this document.

Solution

Prerequisite:

- Nordic Edge Identity Manager standalone AND webedition version 3.6 rev. 4086 or higher (can be downloaded last in this page)

- The filter VirtualStructure

- Match criteria to select objects to build the virtual hierarchical structure of

- Attribute values on the matched objects that represents the virtual structure

 1. First make sure that the lastest version if Nordic Edge Identity Manager 3.6 is installed. Version 3.6.4086 is included in the zip file attached in this document. 

Copy the files from the "lib" directories to the corresponding Nordic Edge Identity Manager versions "lib" directory.

2. Copy the files "VirtualStructure$1.class" and "VirtualStructure.class" to the "filter" directory of both the standalone client and

the webbased client. Example:

 "C:\Program Files\NordicEdge\Idmgr\filter"

and 

 "C:\Program Files\tomcat5-im36\webapps\nordicedge\WEB-INF\classes\filter"

3. Copy the policy descriptor file "VirtualStructurePolicyDescriptor.xml" to the standalone clients lib directory, example:

 "C:\Program Files\NordicEdge\Idmgr\lib"

4. Start Identity Manager standalone client.

5. Either create a new organizationalunit object or select an existing object that should act as the starting point in the virtual structure. 

6. Make sure there is a Policy Manager tab loaded. 

          The new Virtual Structure category should appear:

7. Set the following polices for either a group, user or an ou for the users that will be assigned the virtual structure.

   "VirtualStructure.StartNode" –> To point to where to start the virtual structure

 "VirtualStructure.SearchFilter" –> The LDAP serach filter that searches for objects (e.g. users) that should be included in the virtual structure. Use the keyword LDAP(attributeName) to include the view users attribute values for example: 

   

manager=LDAP(MyDN) will be expanded to manager=cn=john Doe,o=Nordicedge during searches

                                     

"VirtualStructure.Category.Attribute.1" –> Set up to 9 levels of hierarchical structure based on attribute values.

8. Set the policy (Searching/Filter) Custom.SearchResults.Filters to filter.VirtualStructure

(Note, the name is case sensitive).

In the example above, it will create a virtual structure based on this directory information:

 For a complete demo, click on the link below to watch a screen recording in QuickTime format:

 http://www.nordicedge.se/download/demo/VirtualStructureDemo.mov

Attachment:

NSD1145-Virtual_Structure.zip

Disclaimer

The origin of this information may be internal or external to Nordic Edge™. Nordic Edge™ makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Nordic Edge™ makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners.

Nordic Edge Support – www.nordicedge.se