How To
ForgeRock Identity Platform
Does not apply to Identity Cloud

How do I configure the Task Scanner in IDM (All versions) to find a user's start date between today and n number of days in the future?

Last updated Jan 12, 2023

The purpose of this article is to provide information on configuring the Task Scanner in IDM to find a user's start date between today and n number of days in the future using the sunset/date property.

Configuring the Task Scanner

You can configure the Task Scanner to find a user's start date by writing a new task scanner query. In this example, I want to match user records with a sunset date between today and 7 days in the future:

  1. Create a new query in the repo.jdbc.json file (located in the /path/to/idm/conf directory) that will be invoked by the task scanner. In this example, the query is called scan-tasks-between-before-after-date and will return users (objects) whose scan property (sunset/date) is between the specified before and after dates: "scan-tasks-between-before-after-date" : "SELECT fullobject FROM ${_dbSchema}.${_mainTable} obj INNER JOIN ${_dbSchema}.${_propTable} prop ON = prop.${_mainTable}_id INNER JOIN ${_dbSchema}.${_propTable} complete ON = complete.${_mainTable}_id INNER JOIN ${_dbSchema}.objecttypes objtype ON = obj.objecttypes_id WHERE ( prop.propkey=${property} AND prop.propvalue < ${condition.before} AND prop.propvalue > ${condition.after} AND objtype.objecttype = ${_resource} )"
  2. Copy the sample configuration file (​schedule-taskscan_sunset.json) to the /path/to/idm/conf directory.
  3. Update the configuration file to reference your new query and include the before and after dates within the condition property for the period you are interested in, for example: { "enabled" : true, "type" : "cron", "schedule" : "0 0 * * * ?", "concurrentExecution" : false, "invokeService" : "taskscanner", "invokeContext" : { "waitForCompletion" : false, "maxRecords" : 2000, "numberOfThreads" : 5, "scan" : { "_queryId" : "scan-tasks-between-before-after-date", "object" : "managed/user", "property" : "sunset/date", "condition" : { "before" : "${ + 7d}", "after" : "${ + 1d}" }, "taskState" : { "started" : "sunset/task-started", "completed" : "sunset/task-completed" }, "recovery" : { "timeout" : "10m" } }, "task" : { "script" : { "type" : "text/javascript", "file" : "script/sunset.js" } } } }The ${condition.before} and ${condition.after} references in your query are replaced with the values you specified in the condition property when the scan task is run.

You must ensure you have updated your managed/user object to include a complex attribute called sunset (that maps to the taskState property) as described in FAQ: Task Scanner in IDM.

See Also

FAQ: Task Scanner in IDM

How do I convert a date stored in DS to a format that the Task Scanner in IDM (All versions) can use?

Configure the Task Scanner

Related Training


Related Issue Tracker IDs


Copyright and Trademarks Copyright © 2023 ForgeRock, all rights reserved.