Solved: UI AC Filter

Private_Member_347780 · ‎04-15-2016

Dear Community Members,

I have a requirement to restrict access to a ui based on the value in attribute MX_FS_PERSONNEL_NUMBER. I need to restrict processing on the ui to only entries who have a null value for the above attribute, Could you recommend an efficient filter for this?

IDM 8.0

Oracle DB,

Thanking you Kindly,

-A

normann · ‎04-19-2016

Hi Akhil,

so you want a UI form to only be executable for users without this attribute right? Or the whole UI?

If you are talking about a form you could just use a "not in" as SQL filter like:

select mcMSKEY from idmv_entry_simple where mcEntryType = 'MX_PERSON' and mcMSKEY not in (select mskey from idmv_value_basic where attrName = 'MX_FS_PERSONNEL_NUMBER')

or a left join (better performance on MS SQL):

select perNr.MSKEY from

(select mcMSKEY from idmv_entry_simple where mcEntryType = 'MX_PERSON') allUsers

LEFT JOIN

(select mskey from idmv_value_basic where attrName = 'MX_FS_PERSONNEL_NUMBER') perNr

on allUsers.mcMSKEY = perNr.mskey

where perNr.mskey is null

Regards

Norman

Ckumar · ‎04-15-2016

Hello Akhil,

You can write a To identity store where in source tab put a query which will calculate all the entries (MX_PERSON) who do not have MX_FS_PERSONNEL_NUMBER and then in destination tab remove the ONLY (PRIV:<AS JAVA Rep NAME>:ONLY) and corresponding SYSTEM privilege from the entry. It will remove the user from IDM UI.

I have not tested this but I think it will work. Please test and confirm for 1 or user first.

Once it work, you can set the scheduling rule as per your requirement.

Regards,

C Kumar

UI AC Filter

Accepted Solutions (1)

Accepted Solutions (1)

Answers (1)

Answers (1)

Re: Change BW Query Initial Variable Input at runt...

Invalid value of "AppName" in MDKProject.json. It ...

Re: How to write the sum of same values into each ...

Re: Merge cells in analysis for office?

Re: BusinessObjects 4.2 SP9 to 4.3 latest version