IDM Importer - Configuring
Overview
The IDM.Importer can be configured via the settings.yaml file, found in the C:\ProgramData\AMAG\AMAG.IDM.Importer folder on the host machine. The settings.yaml uses YAML formatting.
The setting,yaml file has five sections:
SqlSource or Db2Source
SqlPhotoSources
IdmDestination
IdmPhotoDestination
Processes
Example File
SqlSources: - Name: clientSampleSource - Connection: Server=192.168.00.00;Database=multiMAX;User ID=userName;Password=password;> - Sql: "SELECT top 1 vch.CardID as EmployeeNumber, FirstName, lost, Case When InitLet is not null then [InitLet] Else '' End as MiddleName, LastName, convert(nvarchar, vch.CardID)+'@mailinator.com' as PrimaryEmail, '555-555-5555' as PrimaryPhone, '0' as EmployeeCategory, '200 Federal' as Building, '2017-09-25 17:33:35.347' as ExpirationDate, '3' as EmployeeType FROM [multiMax].dbo.CardInfoTable (NOLOCK) AS vch LEFT JOIN [dbo].[CardHolderTable] (NOLOCK) cht ON cht.CardID = vch.CardID LEFT JOIN ViewSMSCardHolderPersonalData1_25 (NOLOCK) pdt ON pdt.CardID = vch.CardID order by EmployeeNumber asc" - QueryMode: Everything - SourceTracksDeletions: false IdmDestination: Name: IdmDestinationSample WebApiToken: 0bd68448-a6dd-47ac-864a-a3635fd85987 WebApiUrl: https://acme.symmetry.net Processes: - Source: clientSampleSource - Destination: IdmDestinationSample
SqlSource or Db2Source
Overview
The SqlSource or DB2Source provides the information to connect, retrieve and handle data from the source feed. SqlSource is used when to source is Microsoft SQL Database, DB2Source is used when the source is an IBM DB2 database.
Supported fields
Name – Unique identifier used to identify the configuration
Connection – SQL Connection string used to connect to the database
SQL – The query string used to retrieve the data from the source
Options:
QueryMode – Defines how the importer will query the source
Everything – All changes are processed. A file containing the hash value of all last executed records is kept locally. All executed SQL query results are compared against this file using the EmployeeNumber column as a key and a calculated hash of the entire SQL result row. If the row has changed the hash value will be different and an update command will be executed. If file does not contain a record for the EmployeeNumber, then an insert command will be executed. Finally, if the file has a record of the EmployeeNumber, but the SQL result is missing it, then a Delete command will be executed.
ChangesOnly – A file is used to keep track of the last changed date/time, unless SourceTracksDeletions is enable then a file for the identities will be kept as well. With this option only changes will be processed and sent to IDM. To use this option a LastChangedDate or LastTimestamp column is required.
SourceTracksDeletions – Used to define if the source feed will keep track of record deletion. When the source feed will identify deleted and terminated records. This requires SourceProvidesActionField to be true as well. When false, records that are currently in the hash file, but not in the returned record set will have a delete command executed against them. False is the default value.
SourceProvidesActionField – Indicates if the source will provide the action to take against the record via a column labeled IdmAction. When True the source feed will provide a column IdmAction which will indicate the action that should be taken. Options include:
A - Active, will add, update, or restore a record based on its current state
T - Terminate, will flag a record as terminated
D - Delete, will delete the record from IDM
Note
When a value other then A, T, or D, is encountered then A will be assumed. When SourceTracksDeletions is false, if a record is not part of the record set but we have reference from previous execution in hash file, then a delete command will be executed.
SqlPhotoSources
The SqlPhotoSource defines the source used to obtain photos to be uploaded to IDM.
Name – Unique identifier used to identify the configuration
Connection – SQL Connection string used to connect to the database
SQL – The query string used to retrieve the data from the source. This query cannot use the Group By clauses
SqlPhotoSources:
- Name: sqlEmployeePhoto
Connection: Server=192.168.00.000;Database=multiMAX;UserID=userName;Password=password;
Sql: "select cast(CardNumber as varchar) as EmployeeNumber, chft.Face as Photo FROM [multiMAX].dbo.ViewSMSCardHolders as vch JOIN [multiMAX].dbo.CardHolderFaceTable chft ON vch.CardID=chft.CardID"Always queries all results
All Photos are scaled down if greater then 350px by 250px
IdmDestination
Overview
This section defines the IDM account to send the identity data to.
Supported Fields
Name – Unique identifier used to identify the configuration
WebApiToken – An identification number obtained through your Access Control Integration configuration screen
WebApiUrl – The URL of your IDM account in the form: https://<subdomain>.<domain>
IdmPhotoDestination
Overview
This section defines the IDM account to send the identity photo data to.
Supported Fields
Name – Unique identifier used to identify the configuration
WebApiToken – An identification number obtained through your Access Control Integration configuration screen
WebApiUrl – The URL of your IDM account in the form: >
Example
IdmPhotoDestination: Name: IdmPhoto WebApiToken: 087af0a0-bf87-469f-b1ab-b5b4bbcebab0 WebApiUrl: https://acme.symmetry.net
Processes
Overview
Provides a directive for each Source / Destination pair. You can combine several processes.
Supported Fields
Source – reference the name field of one of the defined sources
Destination – reference the name field of one of the defined destinations
Example
Processes:
- Source: sqlEmployee
Destination: IdmEmployee
- Source: sqlEmployeePhoto
Destination: IdmEmployeePhotoSupported Query Columns:
EmployeeNumber - Unique value for Employee, which can be identified within a group
FirstName
MiddleName
LastName
Gender
0 - Unspecified (Default)
1 - Male
2 - Female
PrimaryEmail - Email of identity, must be Unique, will be defaulted to ‘Work’ type
PrimaryPhone - Phone of identity, will be defaulted to ‘Work’ type
TitlePrefix - Example: Mr., Mrs., Ms., Dr., etc.
Title - Professional Title, example: Manager, Vice President, etc.
TitleSuffix - Example: Jr., Sr., Ph.D., J.D., etc.
Location
EmployeeType
0 - Employee
1 - NonEmployee
EmployeeCategory - General category of employee, could be contractor, vendor, etc.
Department
Floor
StartDate - Employment Start Date
ExpirationDate - Employment Expiration Date
DateOfBirth - Employee’s Date of Birth
IsDeleted - if specified as “true”, record will be deleted in IDM
Photo
Format Type: Photo as a Base64 string
Manager - EmployeeNumber of Manager
Building - If specified, will be matched against existing buildings by name, otherwise default building will be used
Company - If specified, will be matched against existing companies by name. If no match found, a new company will be created.
ErrorMessage - error message that will be logged into IDM Error report.
SendInvitationToSignupWithSymmetryConnect - if set to true, once uploaded and processed, will send out an email to provided PrimaryEmail an invitation to sign up for web access.
User Defined Fields (UDFs) - All columns that are named differently than above described column names, will be added to User Defined Fields collection and resolved to matching defined in IDM UDFs. If UDF in IDM is not defined, then this field will be ignored.
Unsupported Fields
Using any one of the following fields will trigger a validation error:
EmployeeNumber - when not provided
Reserved column names that cannot be in SQL statement:
IsDeleted
IsTerminated
BatchId
UserDefinedFields
Hash
Errors