Data import
General settings
| Setting | Description |
|---|---|
| Name | Type a unique name for the system. Two systems cannot have the same name. |
| System ID | Type a unique System ID for the system. Two systems cannot have the same System ID. You cannot change this setting. |
| Description | Type an optional description of the system. |
| Status | Status of the system. Set the status to Removed to ensure the system is no longer included in warehouse imports, reconciliation or provisioning. Setting a system as removed will delete all objects referring to the system, including resources, manual and automated provisioning tasks, and assignment policies. |
| Content | The type of content to import. You can choose: Identity data Access rights Both (Identity data and access rights) |
| Trusts | Optionally, select one or more trusted systems to associate with the system. |
| Prevent self-service | Optionally, decide if it will be possible or not to request the resource in a self-service requests in that system. |
info
Trust is specifically designed for use between physical systems. It is not intended for use between logical and physical systems.
Queries and mappings
Default provided mappings
Out of the box, the Omada Entrust Connectivity provides the following mappings:
Request XML
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:urn="urn:entrust.com:ig:adminV11:wsdl">
<soapenv:Header/>
<soapenv:Body>
<urn:userListCallParms>
<filter>
<maxReturn>100</maxReturn>
<nextUser>0</nextUser>
</filter>
<parms>
</parms>
</urn:userListCallParms>
</soapenv:Body>
</soapenv:Envelope>
Entity node XPath
/*[local-name() = 'Envelope']/*[local-name() = 'Body']/*[local-name() = 'userListReturn']/*[local-name() = 'users']/*[local-name() = 'item']
Alias mappings
UserName:/*[local-name() = 'Envelope']/*[local-name() = 'Body']/*[local-name() = 'userListReturn']/*[local-name() = 'users']/*[local-name() = 'item']/*[local-name() = 'UserName']
Userid:/*[local-name() = 'Envelope']/*[local-name() = 'Body']/*[local-name() = 'userListReturn']/*[local-name() = 'users']/*[local-name() = 'item']/*[local-name() = 'Userid']
UserState:/*[local-name() = 'Envelope']/*[local-name() = 'Body']/*[local-name() = 'userListReturn']/*[local-name() = 'users']/*[local-name() = 'item']/*[local-name() = 'UserState']
UserNumber:/*[local-name() = 'Envelope']/*[local-name() = 'Body']/*[local-name() = 'userListReturn']/*[local-name() = 'users']/*[local-name() = 'item']/*[local-name() = 'UserNumber']
FullName:/*[local-name() = 'Envelope']/*[local-name() = 'Body']/*[local-name() = 'userListReturn']/*[local-name() = 'users']/*[local-name() = 'item']/*[local-name() = 'FullName']
First ID XPatch (request)
/*[local-name() = 'Envelope']/*[local-name() = 'Body']/*[local-name() = 'userListCallParms']/*[local-name() = 'filter']/*[local-name() = 'nextUser']
Next ID XPath (response)
/*[local-name() = 'Envelope']/*[local-name() = 'Body']/*[local-name() = 'userListReturn']/*[local-name() = 'nextUser']
Mappings
| Destination | Operator | Source |
|---|---|---|
| Business key | Map | Userid |
| Unique ID | Map | UserName |
| Account name | Map | UserName |
| Display name | Map | FullName |
| Status | Expression | UserState == "ACTIVE" ? "Active" : "Inactive" |
Account rules
Out-of-the box, the Omada Entrust connectivity has the following Account rules.
- Ownership rule: The account owner is set to the identity where the 'Identity unique Id' value of the identity matches the 'Account UID' value of the account
- Classification rule: If an identity with the account attribute 'Identity join reason' Equals 'Exact Match', the account type is set to 'Personal'.
Ownership rule
| Field | Value |
|---|---|
| Type | Identity lookup |
| Join reason | Exact Match |
| Account attribute | Account UID |
| Identity attribute | Identity's unique ID |
Classification rule
| Field | Value |
|---|---|
| Account type | Personal |
| Scope attribute | Identity join reason |
| Scope operator | Equals |
| Scope value | Exact Match |