Configuring

Overview

The IDM.Importer can be configured via the settings.yaml file, found in the C:\ProgramData\AMAG\AMAG.IDM.Importer folder on the host machine. The settings.yaml uses YAML formatting.

The setting,yaml file has five sections:

  • SqlSource or Db2Source
  • SqlPhotoSources
  • IdmDestination
  • IdmPhotoDestination
  • Processes

Example File

SqlSources:
 - Name: clientSampleSource
 - Connection: Server=192.168.00.00;Database=multiMAX;User ID=userName;Password=password;>
 - Sql: "SELECT top 1 vch.CardID as EmployeeNumber, FirstName, lost, Case When InitLet is not null then [InitLet] Else '' End as MiddleName, LastName, convert(nvarchar, vch.CardID)+'@mailinator.com' as PrimaryEmail, '555-555-5555' as PrimaryPhone, '0' as EmployeeCategory, '200 Federal' as Building, '2017-09-25 17:33:35.347' as ExpirationDate, '3' as EmployeeType FROM [multiMax].dbo.CardInfoTable (NOLOCK) AS vch LEFT JOIN [dbo].[CardHolderTable] (NOLOCK) cht ON cht.CardID = vch.CardID LEFT JOIN ViewSMSCardHolderPersonalData1_25 (NOLOCK) pdt ON pdt.CardID = vch.CardID order by EmployeeNumber asc"
 - QueryMode: Everything
 - SourceTracksDeletions: false

IdmDestination:
 Name: IdmDestinationSample
 WebApiToken: 0bd68448-a6dd-47ac-864a-a3635fd85987
 WebApiUrl: https://acme.symmetry.net

Processes:
 - Source: clientSampleSource
 - Destination: IdmDestinationSample

SqlSource or Db2Source

Overview

The SqlSource or DB2Source provides the information to connect, retrieve and handle data from the source feed. SqlSource is used when to source is Microsoft SQL Database, DB2Source is used when the source is an IBM DB2 database.

Supported fields

  • Name – Unique identifier used to identify the configuration.

  • Connection – SQL Connection string used to connect to the database

  • SQL – The query string used to retrieve the data from the source

  • Options:

    • QueryMode – Defines how the importer will query the source
    • Everything – All changes are processed. A file containing the hash value of all last executed records is kept locally. All executed SQL query results are compared against this file using the EmployeeNumber column as a key and a calculated hash of the entire SQL result row. If the row has changed the hash value will be different and an update command will be executed. If file does not contain a record for the EmployeeNumber, then an insert command will be executed. Finally, if the file has a record of the EmployeeNumber, but the SQL result is missing it, then a Delete command will be executed.
    • ChangesOnly – A file is used to keep track of the last changed date/time, unless SourceTracksDeletions is enable then a file for the identities will be kept as well. With this option only changes will be processed and sent to IDM. To use this option a LastChangedDate or LastTimestamp column is required.
    • SourceTracksDeletions – Used to define if the source feed will keep track of record deletion. When the source feed will identify deleted and terminated records. This requires SourceProvidesActionField to be true as well. When false, records that are currently in the hash file, but not in the returned record set will have a delete command executed against them. False is the default value.
    • SourceProvidesActionField – Indicates if the source will provide the action to take against the record via a column labeled IdmAction. When True the source feed will provide a column IdmAction which will indicate the action that should be taken. Options include:
      • A – Active, will add, update, or restore a record based on its current state
      • T – Terminate, will flag a record as terminated
      • D – Delete, will delete the record from IDM

    When a value other then A, T, or D, is encountered then A will be assumed. When SourceTracksDeletions is false, if a record is not part of the record set but we have reference from previous execution in hash file, then a delete command will be executed.

SqlPhotoSources

Overview

The SqlPhotoSource defines the source used to obtain photos to be uploaded to IDM.

Supported Fields

  • Name – Unique identifier used to identify the configuration.
  • Connection – SQL Connection string used to connect to the database
  • SQL – The query string used to retrieve the data from the source. This query cannot use the Group By clauses.

Example

SqlPhotoSources:
  - Name: sqlEmployeePhoto
    Connection: Server=192.168.00.000;Database=multiMAX;UserID=userName;Password=password;
    Sql: "select cast(CardNumber as varchar) as EmployeeNumber, chft.Face as Photo FROM [multiMAX].dbo.ViewSMSCardHolders as vch JOIN [multiMAX].dbo.CardHolderFaceTable chft ON vch.CardID=chft.CardID"

Notes

  • Always queries all results
  • All Photos are scaled down if greater then 350px by 250px.

IdmDestination

Overview

This section defines the IDM account to send the identity data to.

Supported Fields

  • Name – Unique identifier used to identify the configuration.
  • WebApiToken – An identification number obtained through your Access Control Integration configuration screen
  • WebApiUrl – The URL of your IDM account in the form: https://<subdomain>.<domain>

IdmPhotoDestination

Overview

This section defines the IDM account to send the identity photo data to.

Supported Fields

  • Name – Unique identifier used to identify the configuration.
  • WebApiToken – An identification number obtained through your Access Control Integration configuration screen
  • WebApiUrl – The URL of your IDM account in the form: >

Example

IdmPhotoDestination:
  Name: IdmPhoto
  WebApiToken: 087af0a0-bf87-469f-b1ab-b5b4bbcebab0
  WebApiUrl: https://acme.symmetry.net

Processes

Overview

Provides a directive for each Source / Destination pair. You can combine several processes.

Supported Fields

  • Source – reference the name field of one of the defined sources
  • Destination – reference the name field of one of the defined destinations

Example

Processes:
  - Source: sqlEmployee
    Destination: IdmEmployee
  - Source: sqlEmployeePhoto
    Destination: IdmEmployeePhoto

Supported Query Columns:

  • EmployeeNumber - Unique value for Employee, which can be identified within a group
  • FirstName
  • MiddleName
  • LastName
  • Gender
    • 0 - Unspecified (Default)
    • 1 - Male
    • 2 - Female
  • PrimaryEmail - Email of identity, must be Unique, will be defaulted to ‘Work’ type
  • PrimaryPhone - Phone of identity, will be defaulted to ‘Work’ type
  • TitlePrefix - Example: Mr., Mrs., Ms., Dr., etc.
  • Title - Professional Title, example: Manager, Vice President, etc.
  • TitleSuffix - Example: Jr., Sr., Ph.D., J.D., etc.
  • Location
  • EmployeeType
    • 0 - Employee
    • 1 - NonEmployee
  • EmployeeCategory - General category of employee, could be contractor, vendor, etc.
  • Department
  • Floor
  • StartDate - Employment Start Date
  • ExpirationDate - Employment Expiration Date
  • DateOfBirth - Employee’s Date of Birth
  • IsDeleted - if specified as “true”, record will be deleted in IDM
  • Photo
  • Format Type: Photo as a Base64 string
  • Manager - EmployeeNumber of Manager
  • Building - If specified, will be matched against existing buildings by name, otherwise default building will be used
  • Company - If specified, will be matched against existing companies by name. If no match found, a new company will be created.
  • ErrorMessage - error message that will be logged into IDM Error report.
  • SendInvitationToSignupWithSymmetryConnect - if set to true, once uploaded and processed, will send out an email to provided PrimaryEmail an invitation to sign up for web access.
  • User Defined Fields (UDFs) - All columns that are named differently than above described column names, will be added to User Defined Fields collection and resolved to matching defined in IDM UDFs. If UDF in IDM is not defined, then this field will be ignored.

Unsupported Fields

Using any one of the following fields will trigger a validation error:

  • EmployeeNumber - when not provided
  • Reserved column names that cannot be in SQL statement:
    • IsDeleted
    • IsTerminated
    • BatchId
    • UserDefinedFields
    • Hash
    • Errors