One thing that can be commonly overlooked in early SailPoint projects is performance tuning. Just like a car, SailPoint will get you where you need to go, but with a little tuning, it can get you there much faster. SailPoint provides a great performance tuning guide with all of the detailed JVM and database tuning […]
As an IdentityIQ implementation becomes more mature, there will inevitably be more applications connected. Depending on how the roles are set up, this will have one major consequence: provisioning the roles will take longer. The way IIQ will attempt to provision the roles, out of the box, is serially. It will run through each application […]
Custom tasks can be a powerful way to extend Sailpoint’s functionality to perform certain actions that the Out Of The Box (OOTB) solution doesn’t support. As a Sailpoint developer, you’re likely to run into certain client requirements for reporting and certifications which cannot be achieved using default tasks or OOTB configurations. Recently, I had to […]
One of the items we’ve been asked to integrate into SailPoint IIQ recently has been file shares. We want to be able to pull in permissions on folders and files within the file shares to certify their access within SailPoint IIQ. There isn’t a specific connector within IIQ for file shares. SailPoint’s documentation states that […]
Anyone familiar with identity management is well aware that not all data is created equal. Many times we get data that isn’t exactly in the state we’d like it to be. One instance I’ve seen many times when working with data for SailPoint IIQ is to get data in what can be described as a […]
Like most people doing SailPoint implementations, I keep a sandbox environment with SailPoint for my own testing and development. I often want to assign or remove a role from a user to test a provisioning policy or integration config. Back in the days of IIQ 5.5, I could do this by directly assigning role in the identity […]
One of the goals of a certification is to provide certifiers with a succinct list of items to be reviewed. Default values, low-risk entitlements, and distribution groups can commonly be removed from a certification. It is also common to have application entitlements reviewed by one user and other entitlements by a separate user. To remove various items from a […]
Sailpoint comes with a method to integrate and interact with other vendor Identity Management applications through a supported integration module called the Provision Integration Module (PIM). The supported vendor systems are: Oracle Identity Manager (OIM) Sun (now Oracle) Java System Identity Manager (SIM) IBM Tivoli Identity Manager (TIM) NetIQ Novell Identity Manager BMC ESS BMC Remedy […]
Brief overview of Identity Attributes in SailPoint IIQ followed by instructions on how to configure Identity Attributes. ***NOTE: As with all Tips and Tricks we provide on the IDMWorks blog, use the following AT YOUR OWN RISK. We do not guarantee this will work in your environment and make no warranties*** What are Identity Attributes […]