I’m looking for documentation to create a fully virtual connector, if possible.
Having some external systems that don’t allow direct interractions, we want to use ID manager internal ticket system.
Settings of the connector is :
2 connections :
Package Ticket/Usercube and create/update/delete
Package Custom/Unplugged “Manages an unplugged system with a completely custom data model.” => where we created one table with our set of columns
1 Entity Type
mapped on the table described in the unplugged connection
1 Ressource Type
with provisionning connection set on the Unplugged connection - it allows addition and removal
When running the “All provisionning tasks”, it does work fine for creating tickets for add/update/delete tasks.
It also work fine to create new ressources, based on the role assignment.
But when there’s delete of a role for a ressource, or the update of a Ressource Property, it never goes till the end of the workflow. Status is :
Provisioning State Executed
While for creation, it goes to Provisioning State Verified.
Is it a setting issue ?
I have the same question when we use a CSV Powershell output instead of tickets.
In that case, even the ressource creation stays in state “Verified”.
=> is it possible to use the “PowerShellProv” provisionning connection with an Entity Type that is based on a “Custom/Unplugged” connection ? Or are we forced to use a “File/CSV” connection for synchronisation, to have a full workflow ?
Hello Valérie, we’re delighted to see you using our community site.
Regarding provisioning status, here’s a quick reminder about NIM training.
NIM only trusts what it sees…
This means that once a provisioning order has been calculated, transmitted, and executed, the status remains “Executed”…
UNTIL a synchronization is successfully performed and NIM verifies that the target system is up to date with the expected information.
Some connectors can handle both provisioning and synchronization, such as the AD connector or… the CSV connector.
If, when configuring your CSV connector, you chose provisioning AND synchronization (as in the screenshot below), then once the connector is launched, it will write (provisioning) and read (synchronization) the data, which is why you go directly to the verified status.
Remember: this separation between writing and reading can allow you to perform provisioning with one connector and synchronization with another.
For example: provisioning with a manual provisioning/ticketing connector… but for the “feedback loop,” you can use a CSV connector (in synchronization) to verify that the actions were actually performed by the operator who manages the ticket… even if they said they did…
NIM trusts only what it sees… NIM is your control tower, ensuring that your information system complies with your rules and decisions.
Each anomaly is identified, and you are notified so that you can make a decision.
Thanks for your detailed answer, which is very usefull for us.
I’ll keep in mind that NIM only trust what it sees. Which seems of course logical as a control tower.
We’ll put in place what you suggested for the feedback loop. It’s what is missing in our workflow.
