Samples Provided With IDM
This section lists the samples provided with IDM, with a high-level overview of each sample.
A number of samples are provided in the
- Getting Started
The Getting Started sample describes how to install and evaluate IDM.
- Synchronize Data From a CSV File to IDM
This sample demonstrates one-way synchronization from an external resource to an IDM repository. The external resource in this case is a simple CSV file. User objects in that file are synchronized with the managed users in the IDM repository.
- One Way Synchronization From LDAP to IDM
This sample uses the generic LDAP connector to connect to an LDAP directory. The sample includes one mapping from the LDAP directory to the managed user repository, and demonstrates reconciliation from the external resource to the repository.
- Two Way Synchronization Between LDAP and IDM
This sample uses the generic LDAP connector to connect to an LDAP directory. The sample includes two mappings - one from the LDAP directory to the managed user repository, and one in the opposite direction. The sample demonstrates reconciliation from the LDAP directory to the repository and implicit synchronization from the managed user repository to the LDAP directory.
- Synchronize LDAP Groups
This sample uses the generic LDAP connector to connect to an LDAP directory. The sample builds on the previous sample by providing an additional mapping, from the LDAP groups object, to the managed groups object. The sample illustrates a new managed object type (groups) and shows how this object type is synchronized with group containers in LDAP.
- Synchronize LDAP Group Membership
This sample uses the generic LDAP connector to connect to an LDAP directory. The sample includes two mappings, one from the LDAP directory to the managed user repository, and one from the repository to the LDAP directory. The sample demonstrates synchronization of group membership, that is, how the value of the ldapGroups property in a managed user object is mapped to the corresponding user object in LDAP.
- Synchronize Data Between Two External Resources
This sample demonstrates synchronization between two external resources, routed through the IDM repository. The resources are named AD and represent two separate LDAP directories. In the sample both resources are simulated with simple CSV files.
- Asynchronous Reconciliation Using a Workflow
This sample shows how you can use workflows to launch an asynchronous reconciliation operation.
- LiveSync With an LDAP Server
This sample illustrates the liveSync mechanism that pushes changes from an external resource to the IDM repository. The sample uses an LDAP connector to connect to an LDAP directory, either ForgeRock Directory Services (DS) or Active Directory.
- Synchronize Accounts With the Google Apps Connector
This sample uses the Google Apps Connector to create users and groups on an external Google system and to reconcile those accounts with the IDM managed user repository.
- Synchronize Users Between Salesforce and IDM
This sample demonstrates how to create and update users in Salesforce, using the Salesforce Connector. The sample also shows synchronization of users between Salesforce and the IDM managed user repository.
- Synchronize Kerberos User Principals
This sample demonstrates how to use the scripted Kerberos connector to manage Kerberos user principals and to reconcile user principals with IDM managed user objects.
- Store Multiple Passwords For Managed Users
This sample demonstrates how to set up multiple passwords for managed users and how to synchronize separate passwords to different external resources. The sample includes two target LDAP servers, each with different password policy and encryption requirements. The sample also shows how to extend the password history policy to apply to multiple password fields.
- Link Multiple Accounts to a Single Identity
This sample illustrates how IDM addresses links from multiple accounts to one identity. The sample shows how you can create links between a single source account and multiple target accounts, using link qualifiers that enable one-to-many relationships in mappings and policies.
- Link Historical Accounts
This sample demonstrates the retention of inactive (historical) LDAP accounts that have been linked to a corresponding managed user account.
- Provision Users With Roles
This sample builds on the sample described in One Way Synchronization From LDAP to IDM, and demonstrates how attributes are provisioned to an external system (an LDAP directory), based on role membership.
- Provision Users With Workflow
The provisioning workflow sample demonstrates a typical use case of a workflow — provisioning new users. The sample demonstrates the use of the End User UI to allow users to complete a registration process.
- Connect to DS With ScriptedREST
This sample uses the Groovy Connector Toolkit to implement a ScriptedREST connector that interacts with the DS REST API.
- Connect to a MySQL Database With ScriptedSQL
This sample uses the Groovy Connector Toolkit to implement a ScriptedSQL connector that interacts with an external MySQL database.
- Connect to Active Directory With the PowerShell Connector
This sample uses the MS Active Directory PowerShell module to demonstrate how you can synchronize managed objects with a Microsoft Active Directory deployment. The sample provides a number of PowerShell scripts that enable you to perform basic CRUD (create, read, update, delete) operations on an Active Directory server.
- Direct Audit Information To MySQL
This sample uses a ScriptedSQL implementation of the Groovy Connector Toolkit to direct audit information to a MySQL database.
- Direct Audit Information to a JMS Broker
This sample demonstrates how the JMS audit event handler can publish messages that comply with the Java(TM) Message Service Specification Final Release 1.1.
- Synchronize Data Between MongoDB and IDM
This sample uses the Groovy Connector Toolkit to implement a scripted connector that interacts with a MongoDB Database. The connector can be used for provisioning MongoDB database users and roles from an IDM managed repository.
- Synchronize Data Between IDM and HubSpot
This sample demonstrates bidirectional synchronization between IDM managed users and HubSpot contacts.
- Synchronize Data Between IDM and DocuSign
This sample demonstrates bidirectional synchronization between IDM managed users and DocuSign user accounts.
- Synchronize Data Between IDM and a SCIM Provider
This sample demonstrates bidirectional synchronization between IDM managed users and roles and the corresponding users and roles from a SCIM provider.
- Subscribe to JMS Messages
This sample demonstrates the scripted JMS message handler, and how it performs ForgeRock REST operations.
- Authenticate Using a Trusted Servlet Filter
This sample demonstrates how to use a custom servlet filter and the "Trusted Request Attribute Authentication Module" to allow IDM to authenticate through another service.
- Create a Custom Endpoint
IDM supports scriptable custom endpoints that enable you to launch arbitrary scripts through an IDM REST URI. This example shows how custom endpoints are configured and returns a list of variables available to each method used in a custom endpoint script.
- Example Configuration Files
In addition to these samples, IDM provides example configuration and data files that you can use to set up your own project. These files are in the samples/example-configurations directory. Details on each of these files are provided in the documentation that corresponds to the purpose of the file. For example, the conf/external.email.json file is described in Configure Outbound Email.