Sun Identity Manager 8.1 Resources Reference

Extending Views

You can add attributes to a view. All attributes must be registered.

The user attributes that are available to the different provisioning activities in Identity Manager are limited to those necessary to complete the action. For example, when editing a user, all possible user attributes are retrieved from the assigned resources and available for update. In contrast, the Change Password process needs only a subset of attributes to perform the request.

Attribute Registration

Attributes can be registered in one of two locations:


Register Attributes Here If ...  

AccountAttributeType definition in the resource

... the attributes you want to update are specific to a particular resource, rather than to all resources of that type. 

System Configuration object want to make global registrations for all resources of a particular type. These registrations must be done in XML format. 

You can register different attributes for different views. For example, you can register the lock attribute for the Password view and the firstname attribute for the Rename view or the resource action for the Enable, Disable, or Deprovision view.

Note –

In the case of before or after actions, you must extend the view for any process except the create or update user process. For information on extending a view, see Identity Manager Views.

Global Registration

To make global registrations, add an attribute in the System Configuration object with this path:


where ViewName is one of Password, Reset, Enable, Disable, Rename, or Delete, and ResourceTypeName is the name of the resource type. The type name all is reserved for registrations that apply to all resources.

The value of this attribute must be a List of <String>s. The strings are names of the attributes you want to update. The following example registers the attribute named delete before action in the Deprovision view for all resources.

<Attribute name=’updatableAttributes’>
       <Attribute name=’Delete’>
             <Attribute name=’all’>
                   <String>delete before action</String>
       <Attribute name=’Enable’>
             <Attribute name=’all’>
                   <String>enable before action</String>

Resource-Specific Registration

To make resource-specific registrations, modify the resource object from the Identity Manager Debug page and insert a <Views> sub-element in the AccountAttributeType element. <Views> must contain a list of strings whose values are the names of the views in which this attribute can be updated.

<AccountAttributeType name=’lastname’ mapName=’sn’ mapType=’string’>

In the view, attributes you want to modify are placed within this object:



<Field name= ’resourceAccounts.currentResourceAccounts[OS400ResourceName].
    attributes.delete before action’ hidden=’true’>