The scripts are written using Windows PowerShell. They are located in the scripts\powershell folder below the folder where the driver was installed (C:\Program Files\Novell\WSDriver by default).
Subscriber events are submitted to Subscriber.ps1, which then calls the script for the event. Modify the ps1 file corresponding to the event type: Add.ps1, Modify.ps1, ModifyPassword.ps1, Delete.ps1, Move.ps1, Rename.ps1. Queries of the external system should be handled in Query.ps1.
The Publisher calls Poll.ps1 periodically. The frequency of the poll is determined by the Polling Interval driver parameter (60 seconds by default). Edit Poll.ps1 to allow the driver to respond to events in the external account management system.
The Publisher calls Heartbeat.ps1 periodically to determine whether the external account management system is responding correctly.
Topics discussing the built-in functions in IDMLib.ps1 are categorized as follows:
Returns the string value for the Driver parameter specified by the string $paramname.
Appends the specified message to the user-defined trace file.
Set the status level and message to return to the Identity Manager engine when the script completes.
Set the status success message to return to the Identity Manager engine when the script completes.
Set the status warning message to return to the Identity Manager engine when the script completes.
Set the status retry message to return to the Identity Manager engine when the script completes.
Set the status error message to return to the Identity Manager engine when the script completes.
Set the status fatal message to return to the Identity Manager engine when the script completes.
Returns the string value for the Subscriber parameter specified by the string $paramname.
Sets the command that the Subscriber returns to the Identity Manager engine. This function must be called before using idm_writevalue functions. If only a status needs to be returned, use one of the idm_status functions (see above).
Returns an array of string values for the item specified by $name. If no values exist, $null is returned.
Returns the string value for the item specified by $name. If no values exist, $null is returned.
Returns an array containing each value name for the event. This function can be used to iterate over every value.
Returns an array containing each attribute item for the event. This includes ADD_attrname, REMOVE_attrname and PASSWORD values.
Sets an array of string values for the item specified by $name to be returned to the driver engine when the script completes. You must call idm_setcommand or one of the idm_status functions before calling this function.
Sets a single string value for the item specified by $name to be returned to the driver engine when the script completes. You must call idm_setcommand or one of the idm_status functions before calling this function.
Returns a named password specifed by $name from the Identity Manager engine. The value $null is returned if no such password exists.
Returns the string value for the Publisher parameter specified by the string $paramname.
Sets the Publisher command specified by $command to return to the driver engine when idm_publish is called.
Sets an array of string values for the item specified by $name to be returned to the driver engine when idm_publish is called.
Sets a single string values for the item specified by $name to be returned to the driver engine when idm_publish is called.
Submit the command and item values specified above to the driver engine for Publication to the identity vault.
Returns a named password specified by $name from the Identity Manager engine. The value $null is returned if no such password exists.
Initializes a query to be submitted to the identity vault with the idm_doquery call. NOTE: Currently only queries that query a single object are supported.
Specifies the association of the identity vault object to query.
Specifies the DN of the identity vault object to query. Either the object’s association or DN must be specified. If both are specified, the association value is used by the Identity Manager engine.
Specifies a search condition to be used for the query, of the form $name=$value. $name specifies an attribute, and $value specifies a value it must match. The query will return only objects matching all specified conditions.
Specifies an attribute name whose values should be returned by the query. By default, all attributes are returned.
Specifies whether the association and DN of the parent of the queried object should be returned ($readparent is boolean). The default is $False.
Executes the query with the parameters specified by idm_querysetXXX calls. The function returns $True if an object (called an instance) is returned.
Returns the association for the returned instance.
Returns the DN for the returned instance. The DN is in slash format, for example: \ACME\Users\Bob.
Returns the class name for the returned instance.
Returns the association for instance’s parent object, if the $readparent flag was specified.
Returns the DN for instance’s parent object, if the $readparent flag was specified.
Returns an array containing the names of the attributes retrieved for the instance. Returns $null if no attributes were retrieved.
Returns the number of attributes retrieved for the instance.
Returns an array of values for the attribute with the specified $attrname. Returns $null if no values are available.
Returns a string value for the attribute with the specified $attrname. If multiple values are available for the attribute, the first one is returned. If no values are available, $null is returned.
Use this function in the heartbeat.ps1 script to indicate a success status of the external application.
Use this function in the heartbeat.ps1 script to indicate an error status of the external application.
Use this function in the heartbeat.ps1 script to indicate a warning status of the external application.