System information
Bugs Fixed in This Release
Page 32 Identity Manager 7.1 Update 1 • Release Notes
Auditing
• Now, when you launch a periodic access review and then go to the Access Reviews page,
you no longer have to manually refresh the page to see your scan displayed in the list.
(D-14169, 16570)
• The Identity Manager Compliance features provide tasks, policies, and rules that you can
use as is. (ID-16127, 16571)
Identity Manager initially creates these objects in either the Top or All object groups as
appropriate. For deployments that use delegated administration with administrators that
do not control the Top object group, you may want to add some or all Auditor objects to
other object groups. Identity Manager provides a script that lists and adds or removes
object groups from the Auditor objects. (For a complete list of Auditor objects, see
$WSHOME/sample/scripts/AuditorObjects.txt
.)
❍ To list objects:
cd $WSHOME/sample/scripts
beanshell.sh objectGroupUpdate.bsh -u Configurator -p
Configurator's password
-h
idm-url
-action list -data AuditorObjects.txt
❍ To add the 'All' object group to all objects:
cd $WSHOME/sample/scripts
beanshell.sh objectGroupUpdate.bsh -u Configurator -p
Configurator's password
-h
idm-url
-action add -data AuditorObjects.txt -groups
❍ To remove the 'All' object group from all objects:
cd $WSHOME/sample/scripts beanshell.sh objectGroupUpdate.bsh -u
Configurator -p
Configurator's password
-h
idm-url
-action remove -data
AuditorObjects.txt -groups All
NOTE In the following scripts, the expected form of
idm-url
is
[http://]hostname:port[/idm/servlet/rpcrouter2], where at least hostname:port are
required. You can omit the Identity Manager server if it is bound to the
default URL path.
NOTE You can use object groups Top and All with their friendly names, but
almost all other object groups require you to use the object group ID with
this utility.