+

Search Tips   |   Advanced Search

Configure a join

To augment and enrich the data from the endpoint, we can configure the flow to specify a join from another data source selectively.


About this task

A flow can join data in one endpoint with data from another endpoint. For example, a database might contain information about people, which is not available in an LDAP directory. By joining the LDAP directory with the database, Federated Directory Server can show richer data about the people.

Whenever an entry comes in from the endpoint, the flow looks it up on the join data source, merges it with the data from the endpoint, and then adds to the target Security Directory Server.

Note: Only endpoints that support lookup can be used for a join. For example, endpoints like LDAP support lookup by using a certain criteria, hence they can be used for a join. File-based endpoints do not support lookup, hence cannot be used for join.


Procedure

  1. On the Flows tab, click the name of the flow and then click Edit to open the flow configuration page, if you did not already do so.
  2. Click the Join tab to view and edit the properties for the directory or data source for the join.
  3. Select Enabled to apply the join to this flow.
  4. From the Select endpoint list, select the endpoint that you want to use for the join. The Select endpoint list displays all the endpoints that you configured in Federated Directory Server. If you clear the Enabled check box, the Select endpoint field is disabled and the settings that you entered earlier are retained, but not applied during the flow operation.
  5. Specify the action that must be taken when an error or failure occurs with an entry from the join during the flow operation. From the On join failure list, select one of the following options:

    • Ignore error and continue If you select this option, the error is ignored, the entry is added, modified, or deleted, and the flow operation continues with the next entry.
    • Skip the current entry and continue If you select this option, the entry that caused the error is skipped and the flow operation continues.
    • Abort and terminate the flow If you select this option, the flow operation is terminated at this entry.

    If you enabled Debug log output in General Settings on the Source tab, then we can view the details about the entries that caused errors.

  6. We can choose to use a statement to specify simple criteria or a script for advanced criteria.

    • To specify simple criteria to find matching entries in the join, leave the Scripted criteria check box cleared and specify the criteria statement:

      • In the Attribute field, enter the attribute from the join endpoint.
      • From the Operator list, select the appropriate operator for the statement.
      • In the Value field, enter the corresponding attribute from the main endpoint.

    • To use a script to specify advanced criteria, select Scripted criteria. A field is provided where we can write the script for the criteria. See the SDI documentation and search for Scripting in SDI.

  7. Under Attribute Maps, we can add, remove, or modify the attribute mapping for the join.

    1. Click Add Attribute and select the attribute from the list of attributes in the target directory server. A new row is displayed with the selected attribute name under the Directory Server Attribute column.
    2. Under Endpoint Attribute / Assignment, specify the attribute name in the endpoint that must map to the target attribute.
    3. Double-click the endpoint attribute name to specify more settings for the attribute mapping.

      • Select Enabled to use this attribute mapping for the endpoint.
      • Click Simple Assignment or Scripted Assignment to specify the type of mapping. If you select Scripted Assignment, we can define the assignment by writing JavaScript code or by calling a function in the Solution Directory\LDAPSync\customScript.js file. See the SDI documentation and search for Scripting in SDI.
      • Specify whether you want this mapping to be used for all operations, or only when either modifying an entry or creating an entry.

    4. To delete the mapping for a specific attribute, click the check box on that row. Then, click Remove Attribute and click OK when the confirmation message appears.

  8. We can also provide our own AssemblyLines instead of just endpoints to define the join operation. Expand the Customize lookup/join assemblylines section and specify Person Objects, Group Objects, and Container Objects.

    Before we can use these fields, you must create an AssemblyLine by using the Configuration Editor. Ensure that the configuration XML file for the AssemblyLine project is copied to the configs folder of the Solution Directory. See the SDI documentation and search for Configuration Editor. In the Customize lookup/join assemblylines fields, enter the following details of the AssemblyLine project that you created in Configuration Editor:

    • Name of the SDI project that contains the AssemblyLine
    • Name of the AssemblyLine

    Use the following format for entering the names in these fields:

    Project Name:/AssemblyLines/AssemblyLine Name
    For example, if your project is named OS400 and it contains an AssemblyLine named ReadUsers, then you would enter:
    OS400:/AssemblyLines/ReadUsers


Parent topic:

Create a flow