Sunday, April 25, 2021

Rule - Get the Entitlements which are requestable

 import sailpoint.object.QueryOptions;
import sailpoint.object.Filter;
import sailpoint.object.ManagedAttribute;
import sailpoint.object.Identity;
import sailpoint.api.ObjectUtil;
import java.util.*;
 
 // Load every ManagedAttribute (entitlement) and log each value at debug level.
 List entitlements = context.getObjects(ManagedAttribute.class);
 log.debug("List of Entitlements: ");
 for (int idx = 0; idx < entitlements.size(); idx++) {
   ManagedAttribute current = (ManagedAttribute) entitlements.get(idx);
   log.debug("getValue(): " + current.getValue());
 }

 // Run the same query again, restricted to entries whose "requestable" property is true.
 Filter requestableOnly = Filter.eq("requestable", Boolean.TRUE);
 QueryOptions qo = new QueryOptions();
 qo.addFilter(requestableOnly);
 List reqEntitlements = context.getObjects(ManagedAttribute.class, qo);
 log.debug("List of Requestable Entitlements: ");
 for (int idx = 0; idx < reqEntitlements.size(); idx++) {
   ManagedAttribute current = (ManagedAttribute) reqEntitlements.get(idx);
   log.debug("getValue(): " + current.getValue());
 }

 // Summary counts for both result sets.
 log.debug("\nTotal No. of Entitlements: "+entitlements.size());
 log.debug("\nTotal No. of Requestable Entitlements: "+reqEntitlements.size());



Rule - Get the Audit events whose action is Login

import sailpoint.object.QueryOptions;
import sailpoint.object.Filter;
import sailpoint.object.AuditEvent;

 // Collect the name of every AuditEvent whose "action" property equals "login".
 ArrayList auditNames = new ArrayList();
 QueryOptions loginOnly = new QueryOptions().addFilter(Filter.eq("action", "login"));
 List loginEvents = context.getObjects(AuditEvent.class, loginOnly);
 log.debug("\nAudit List"+loginEvents);

 for (int pos = 0; pos < loginEvents.size(); pos++) {
   AuditEvent event = (AuditEvent) loginEvents.get(pos);
   // Log each event name and keep it in auditNames.
   log.debug(event.getName());
   auditNames.add(event.getName());
 }



Rule - Get identities modified within the last 10 days

import sailpoint.object.QueryOptions;
import sailpoint.object.Filter;
import sailpoint.object.Identity;
import sailpoint.api.ObjectUtil;
import java.util.*;

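// Build a query for Identity objects whose "modified" timestamp lies between
// ten days ago and now (both bounds inclusive), then log the matching names.
QueryOptions qo = new QueryOptions();
Calendar currentDate = Calendar.getInstance();
// Diagnostics go through the rule logger instead of System.out so they follow the
// configured log level and appenders rather than landing on the container's stdout.
log.debug("Current Date: " + currentDate);
Date currentTime = currentDate.getTime();
log.debug("Current Time: " + currentTime);

// Calendar.DATE is a static constant, so reference it through the class.
currentDate.add(Calendar.DATE, -10);
Date startDate = currentDate.getTime();
log.debug("Start Time: " + startDate);

// modified <= now AND modified >= (now - 10 days)
Filter dateCondition = Filter.and(Filter.le("modified", currentTime), Filter.ge("modified", startDate));
qo.addFilter(dateCondition);
log.debug("============ Query ===========" + qo);

List identityObjectList = context.getObjects(Identity.class, qo);
List identityNames = ObjectUtil.getObjectNames(identityObjectList);
log.debug("List of identities modified: " + identityNames);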


Rule - In the Finance application, list employees belonging to the 'PAYROLL' department with privileged, inactive and service set to 'FALSE'

// In the Finance application, list employees belonging to the 'PAYROLL' department with privileged,
// inactive and service set to 'FALSE'. The output should display identity details such as first name, last name and email.

import sailpoint.object.QueryOptions;
import sailpoint.object.Filter;
import sailpoint.object.Identity;
import sailpoint.object.Link;
import sailpoint.object.Attributes;
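 // Collect account details for identities in the "Accounting" department that hold a
 // "Financials" account whose app2_privileged and app2_service attributes are both "false".
 // NOTE(review): the rule description asks for the 'PAYROLL' department and for
 // inactive = FALSE; this code filters on "Accounting" and never checks an inactive
 // flag - confirm which is intended before relying on the output.
 ArrayList accountInfo = new ArrayList();
 String privileged = null;
 String service = null;

 QueryOptions qo = new QueryOptions();
 Filter linkFilter = Filter.eq("links.application.name","Financials");
 Filter depFilter = Filter.eq("department","Accounting");
 qo.addFilter(Filter.and(linkFilter, depFilter));
 List identityList = context.getObjects(Identity.class, qo);

 if (identityList != null) {
   for (Identity identity : identityList) {
     List links = identity.getLinks();
     if (links == null) {
       continue;
     }
     for (Link link : links) {
       String applicationName = link.getApplicationName();
       // An identity can carry links to other applications too; only inspect Financials.
       if (!"Financials".equalsIgnoreCase(applicationName)) {
         continue;
       }
       Attributes attributes = link.getAttributes();
       if (attributes == null) {
         continue;
       }
       // Read each attribute once; the constant-first comparison is null-safe.
       String privValue = attributes.getString("app2_privileged");
       String svcValue = attributes.getString("app2_service");
       if ("false".equalsIgnoreCase(privValue) && "false".equalsIgnoreCase(svcValue)) {
         privileged = privValue;
         service = svcValue;
         // Emit the fields the rule description promises: first name, last name and email.
         // The original concatenation left the last-name slot empty and omitted the email.
         accountInfo.add(identity.getName() + " :: " + identity.getFirstname() + " :: "
             + identity.getLastname() + " :: " + identity.getEmail() + " :: "
             + applicationName + " :: " + privileged + " :: " + service);
       }
     }
   }
 }

 // Logged once after the loops. The original listing was missing a closing brace,
 // which left this statement inside an unterminated block.
 // The entries contain names and email addresses, so keep this at debug level.
 log.debug(accountInfo);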


Thursday, April 22, 2021

Rule - List the distinct department names of all Identities

  import sailpoint.object.Identity;
 
// Gather the distinct values of the "department" attribute across all Identity objects.
HashSet depName = new HashSet();
List identityList = context.getObjects(Identity.class);

for (int n = 0; n < identityList.size(); n++) {
  Identity person = (Identity) identityList.get(n);
  if (person == null) {
    continue;
  }
  // Whatever getAttribute returns is added as-is, so a null result becomes an entry too.
  depName.add(person.getAttribute("department"));
}
log.error("Departments: " + depName);


Rule - Adding Identity to WorkGroup

 import sailpoint.object.QueryOptions;
import sailpoint.object.Filter;
import sailpoint.object.Identity;
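  // Look up the workgroup and the identity by name. The workgroup is fetched as an
  // Identity object, the same class as the member being added.
  Identity workGroupName = context.getObjectByName(Identity.class,"DemoWorkGroup");
  Identity identityName = context.getObjectByName(Identity.class,"Aaron.Nichols");

  if (workGroupName == null || identityName == null) {
    // Make the no-op visible instead of silently doing nothing.
    log.warn("Workgroup or identity not found; no membership change made");
  } else if (!workGroupName.isWorkgroup()) {
    // Workgroup membership can carry access, so refuse to attach an Identity
    // that is not actually flagged as a workgroup.
    log.warn("Identity '" + workGroupName.getName() + "' is not a workgroup; no membership change made");
  } else {
    identityName.add(workGroupName);
    context.saveObject(identityName);
    context.commitTransaction();
    // Leave a trace of the change; a rule-driven update goes through no request or approval step here.
    log.info("Added '" + identityName.getName() + "' to workgroup '" + workGroupName.getName() + "'");
  }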


Rule - Get the Identities who have "AcctsPayable" entitlement assigned

 import sailpoint.object.QueryOptions;
import sailpoint.object.Filter;
import sailpoint.object.IdentityEntitlement;
 
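// Query IdentityEntitlement rows whose value is "AcctsPayable".
// NOTE(review): the filter matches on value alone; if more than one application defines
// an entitlement with this value, the query should also filter on the application - confirm.
QueryOptions qo = new QueryOptions();
qo.add(Filter.eq("value", "AcctsPayable"));

List entitlements = context.getObjects(IdentityEntitlement.class, qo);

// An identity may appear in more than one matching row, so de-duplicate by name.
// Otherwise the same person can be listed repeatedly and the total counts rows, not identities.
java.util.Set holders = new java.util.LinkedHashSet();
for (IdentityEntitlement ent : entitlements){
  // Skip rows without an owning identity rather than failing on a null dereference.
  if (ent.getIdentity() != null) {
    holders.add(ent.getIdentity().getName());
  }
}

log.error("List of Identities: ");
for (Object holder : holders) {
  log.error(holder);
}
log.error("No of identites having the Entitlements: " + holders.size());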


Rule - Get Identities whose Department attribute is null

        import sailpoint.object.QueryOptions;
import sailpoint.object.Filter;
import sailpoint.object.Identity;
import sailpoint.api.ObjectUtil;

// Select identities whose "department" attribute is null and report their names and count.
Filter noDepartment = Filter.isnull("department");
QueryOptions qo = new QueryOptions();
qo.addFilter(noDepartment);

List identity = context.getObjects(Identity.class, qo);
List identityNames = ObjectUtil.getObjectNames(identity);

log.error("List of Identities having department is null : " +identityNames);
int matchCount = identity.size();
log.error("No of identites having department is null: " +matchCount);





Monday, April 19, 2021

Rule - Get the Uncorrelated Identities List

  import java.util.Iterator;
  import sailpoint.object.QueryOptions;
  import sailpoint.object.Identity;
  import sailpoint.object.Filter;

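  // Count and log every Identity whose "correlated" flag is false.
  // Logger and Level are fully qualified because this rule does not import org.apache.log4j.
  // The logger is declared before the try so the catch block can use it as well.
  org.apache.log4j.Logger log = org.apache.log4j.Logger.getLogger("sailpoint.rules.GetUncorrelatedIdentityList");
  // NOTE(review): forcing DEBUG here overrides the configured level for this logger;
  // consider removing it once the rule has been verified.
  log.setLevel(org.apache.log4j.Level.DEBUG);
  try {
    QueryOptions qo = new QueryOptions();
    qo.addFilter(Filter.eq("correlated", Boolean.FALSE));
    int i = 0;
    // The search result is walked through an Iterator, one Identity at a time.
    Iterator result = context.search(Identity.class, qo);
    while (result.hasNext()) {
      Identity user = (Identity) result.next();
      i++;
      log.debug("\nIdentity: " + user.getName());
    }
    log.debug("\n No of uncorrelated Identities: " + i);
  } catch (Exception e) {
    // Pass the exception itself so the stack trace is logged, not only the message.
    log.error("Error: " + e.getMessage(), e);
  }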



Rule - Save Identities to a text File

 Use the script below to write all the Identity names in SailPoint to a text file.


  import java.util.ArrayList;
  import java.util.List;
  import sailpoint.api.SailPointContext;
  import sailpoint.object.Filter;
  import sailpoint.object.Identity;
  import sailpoint.object.QueryOptions;
  import sailpoint.tools.GeneralException;
  import org.apache.log4j.Logger;
  import org.apache.log4j.Level;
  import sailpoint.api.ObjectUtil;
  import sailpoint.object.EmailOptions;
  import sailpoint.object.EmailTemplate;
  import java.sql.Connection;
  import sailpoint.object.QueryOptions;
  import sailpoint.api.ObjectUtil;
  import sailpoint.object.TaskDefinition;
  import java.io.File;
  import java.io.IOException;
  import java.io.PrintWriter;
  import java.io.FileWriter;
   
/**
 * Fetches all Identity objects through the rule context.
 *
 * @return the List returned by context.getObjects(Identity.class)
 */
List readIdentities(){
  // Function-local logger, switched to DEBUG so the message below is emitted.
  Logger log = Logger.getLogger("sailpoint.services.bshdemo.iterateItems");
  log.setLevel(Level.DEBUG);

  // The list holds Identity objects; callers read the names from them.
  List allIdentities = context.getObjects(Identity.class);
  log.debug("Reading Identities");
  return allIdentities;
}

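/**
 * Appends the name of every identity returned by readIdentities() to
 * C:\identityiq\identitydata.txt, one name per line.
 *
 * The writer is closed in a finally block so the file handle is released even when a
 * write fails. Failures are logged with their stack trace, and the success message is
 * logged only when the write actually completed.
 *
 * NOTE(review): the export holds every identity name; confirm that the target
 * directory is readable only by the account that runs IdentityIQ.
 */
void saveToFile(){
  List identityNames = readIdentities();
  PrintWriter out = null;
  try {
    // Second argument true = append, so repeated runs add to the existing file.
    out = new PrintWriter(new FileWriter("C:\\identityiq\\identitydata.txt", true));
    for (Identity identity : identityNames) {
      out.println(identity.getName());
    }
    // PrintWriter does not throw on write errors; checkError() flushes and reports them.
    if (out.checkError()) {
      log.error("An error occurred.");
    } else {
      log.debug("File created successfully");
    }
  } catch (Exception e) {
    // Log through the rule logger with the stack trace instead of printStackTrace().
    log.error("An error occurred.", e);
  } finally {
    if (out != null) {
      out.close();
    }
  }
}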

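// saveToFile() loads the identities itself; calling readIdentities() first only
// repeats the full query and discards the result.
saveToFile();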



Form AllowedValues rule to filter Identities with Active Regular Active Directory accounts and identity is active and correlated

 The rule type is AllowedValues. import org.apache.log4j.Level ; import org.apache.log4j.Logger ; import sailpoint.object.Filter ; import sa...