Virtual system - New virtual system in 5 minutes

A virtual system is a system that can not be directly connected for online management. The reason may be for example the absence of a suitable system connector. The virtual system is basically only a registration mode, where for each system change is generated the implementation request (notification) that is assigned to the particular implementer. This implementer must ensure that the change is made to the target system. In other words, IdM "knows" what the user should have on the system for accounts and permissions, but on the real system this is executed by the implementer (administrator).

  • You need install CzechIdM 7.4.0 (and higher).
  • You need be logged in as 'admin'.
  • You need enable 'Virtual system' module.

You have two options how create virtual system.

The first option - more complex:

  1. Manual create IdM system.
  2. Use virtual connector.
  3. Set virtual connector configurations.
  4. Generate system schema.
  5. Create mapping for provisioning
  6. Create attributes for mapping.

The second option - easier way is to use the automated creation of the virtual system.

This operation do exactly same steps as is described above.
Now you can see list of all virtual systems in your IdM (in our case we do not have any virtual system yet):

  • Dialog for the creation of a new virtual system is shown.
  • You have to only fill name for your new virtual system.
  • In our case 'NewVirtualSystem'.
  • Click on 'Create system'
You can also fill implementers for this system. If you do not select any implementers (or some roles with implementers), then will be use default role for set implementers (default role is 'superAdminRole').

In this moment the virtual system is created. You can check its configuration:
More information about system configuration, schema and attribute mapping, you can find here

This synchronization is used for first import to the virtual system. It will pair all entities.

  • We have created virtual system. Now we want assign system to some user.
  • For this we need create new role and create mapping on for new virtual system.

  • Dialog for create new role is shown.

  • You have to only fill name for your new role.
  • In our case 'RoleForNewVirtualSystem'.
  • Click on 'Save and continue'.
  • On created role select tab 'Systems'.
  • Click on 'Add' green button.
  • In 'System' field select our virtual system 'NewVirtualSystem'.
  • In 'Mapping' field select 'Default provisioning (Identity - Provisioning)'.

  • Click on 'Save'.
  • We have created role connected on our system.
  • Now we need to create new user 'john.doe'.

In shown dialog fill fields:

  • Username = 'john.doe'.
  • First name = 'John'.
  • Surname = 'Doe'.

  • Click on 'Create and edit'.
  • We have created user, role and virtual system.
  • Now we need to assign the role 'RoleForNewVirtualSystem' to the user 'john.doe'.
  • Click on 'Manage authorization'.
  • On new dialog add new role. Click on 'Add' green button.
  • In field 'Role name' select our role 'RoleForNewVirtualSystem'.
  • Click on 'Set'.
  • Click on 'Submit a request'.

We assigned role with virtual system to user 'john.doe'.

  • Request for create new account 'john.doe' on virtual system 'NewVirtualSystem' was created.
  • Email notification was created and send on implementers.
  • In right main menu select 'Virtual systems / Request'.
  • You can se list of unresolved request.
  • Go to detail for request with UID 'john.doe' and system 'NewVirtualSystem' (click on button with "magnifying glass").
  • You can now see request for creating new account.

Congratulations you create virtual system and connected him to user.

How to create virtual system - czech language

  • by 54.36.148.127