Skip to main content

My own developed - Active Directory Cache Inspector for AD Driver Novell Identity manager

Sometimes there is a need for us (Consultants) to see a snapshot of all the changes that happened on the Active directory side while the Novell AD IDM driver was stopped or was not running, before we decide to start the AD driver.

Since Novell Identity Manager currently allows us to see all the events which happened in the Identity vault only, but not on the AD side, I decided to write such a tool myself, and of course wanted to share this tool with the consultants/community out there. It's a .NET 2.0 WinForm application, written in C# programming language.

To run this tool you should have at minimum:

  • .NET 2.0 framework installed, ( Not supported on the Linux platforms yet)
  • This application must be run under the same user which is configured on the AD driver.

Short Tutorial (How To):

When you run the application (ADCView.exe), the application automatically discovers the current domain, a domain controller, and default domain naming context in the user logged in domain automatically.

The application will automatically set the user security context as the current logged on domain user ( Use current credentials). Or alternatively you can define credentials under which this application will run. I suggest to run this application under the same user which has been configured on the AD driver.

The application takes input from a driver state file "DRIVER_DN__state.xml", which can be found on the server, location(s) depends on the driver configuration setup (remote loader) or without remote loader. (Read the Novell IDM documentation for more details..)

And that's it!, Just click "Run", and you will see the events in a text file that can be opened either in notepad.exe or from within this application (View/Cache Log).

Terms of Use of Applications:

You understand and agree that you install and/or use all applications at your own risk.

downlaod location (coolsolutions)

http://www.novell.com/communities/node/9245/quick-dirty-ad-cache-inspector-ad-driver-novell-identity-manager



Labels:

Comments

Post a Comment

Popular posts from this blog

NetIQ IDM - JDBC statemens using policy builder

Few examples of using JDBC statements using dirxml policies On the Output policy: Handling matching policies with operation-data support: < rule > < description > [DB] Convert Query to DDL doc </ description > < comment name = "author" xml:space = "preserve" > Maqsood Ali Bhatti </ comment > < comment name = "version" xml:space = "preserve" > 5 </ comment > < comment name = "lastchanged" xml:space = "preserve" > Dec 20, 2017 </ comment > < conditions > < and > < if-operation mode = "case" op = "equal" > query </ if-operation > </ and > </ conditions > < actions > < do-append-xml-element expression = ".." name = "jdbc:statement" /> < do-append-xml-element expression = "../jdbc:statement[las...
Post a Comment
Read more

NetIQ IDM - Strip unwanted group member values from current operation

This code example shows how to remove unwanted group members from current operation based on some business logic. Optimization group members add to avoid  "ALREADY_EXIST_VALUE" kind of errors. when IDM engine fails to do so. Here I am doing look up in AD for members, and for each added member from IDM if user is already member of AD group, i am just striping out current member value from the current operaiton. < do-set-local-variable name = "group-dn" scope = "policy" > < arg-string > < token-src-dn /> </ arg-string > </ do-set-local-variable > < do-set-local-variable name = "group-members" scope = "policy" > < arg-node-set > < token-dest-attr class-name = "Group" name = "Member" /> </ arg-node-set > </ do-set-local-variable > < do-trace-message > < arg-string ...
Post a Comment
Read more

Experience writing a Java based DirXML Driver

Based on the customer project, I wrote a DirXML driver which provision users through Novell Identity Manager 3.5.1 to their company intranet portal ( A Plone System). The portal exposed the RESTful API interfaces. So I started looking first at the Novell SOAP driver to see if it fit our needs. But while reading the driver documentation i felt it required too much XSLT knowledge + more customization and testing on the driver. And again it used the Apache HttpClient, Which is more a HttpClient rather then it targets to any specific protocol implementation. So If you could build SOAP messages at your own so it would help you in transporting these message back and forth between IDM and Application. The Novell SOAP driver comes up with two built in configurations "SPML and DSML", but in my case none of them were suitable. I had always wished to write my own DirXML driver at my own, so I thought why not just take this opportunity to fulfill my wish and at the same time get s...
1 comment
Read more