How To
ForgeRock Identity Platform
Does not apply to Identity Cloud
How do I configure the Task Scanner in IDM (All versions) to find a user's start date between today and n number of days in the future?
The purpose of this article is to provide information on configuring the Task Scanner in IDM to find a user's start date between today and n number of days in the future using the sunset/date property.
Configuring the Task Scanner
You can configure the Task Scanner to find a user's start date by writing a new task scanner query. In this example, I want to match user records with a sunset date between today and 7 days in the future:
- Create a new query in the repo.jdbc.json file (located in the /path/to/idm/conf directory) that will be invoked by the task scanner. In this example, the query is called scan-tasks-between-before-after-date and will return users (objects) whose scan property (sunset/date) is between the specified before and after dates: "scan-tasks-between-before-after-date" : "SELECT fullobject FROM ${_dbSchema}.${_mainTable} obj INNER JOIN ${_dbSchema}.${_propTable} prop ON obj.id = prop.${_mainTable}_id INNER JOIN ${_dbSchema}.${_propTable} complete ON obj.id = complete.${_mainTable}_id INNER JOIN ${_dbSchema}.objecttypes objtype ON objtype.id = obj.objecttypes_id WHERE ( prop.propkey=${property} AND prop.propvalue < ${condition.before} AND prop.propvalue > ${condition.after} AND objtype.objecttype = ${_resource} )"
- Copy the sample configuration file (schedule-taskscan_sunset.json) to the /path/to/idm/conf directory.
- Update the configuration file to reference your new query and include the before and after dates within the condition property for the period you are interested in, for example: { "enabled" : true, "type" : "cron", "schedule" : "0 0 * * * ?", "concurrentExecution" : false, "invokeService" : "taskscanner", "invokeContext" : { "waitForCompletion" : false, "maxRecords" : 2000, "numberOfThreads" : 5, "scan" : { "_queryId" : "scan-tasks-between-before-after-date", "object" : "managed/user", "property" : "sunset/date", "condition" : { "before" : "${Time.now + 7d}", "after" : "${Time.now + 1d}" }, "taskState" : { "started" : "sunset/task-started", "completed" : "sunset/task-completed" }, "recovery" : { "timeout" : "10m" } }, "task" : { "script" : { "type" : "text/javascript", "file" : "script/sunset.js" } } } }The ${condition.before} and ${condition.after} references in your query are replaced with the values you specified in the condition property when the scan task is run.
Note
You must ensure you have updated your managed/user object to include a complex attribute called sunset (that maps to the taskState property) as described in FAQ: Task Scanner in IDM.
See Also
Related Training
N/A
Related Issue Tracker IDs
N/A