This configuration uses the newly introduced context data item realm. It is possible to choose a different context data item (e.g. company) to achieve the same result.
Configuration of the realm feature
- Prerequisites
- The choice, which context data item will hold the realm value must have been made.
- The database schema of IAM 7.4 or later is required if the realm attribute is to be used.
- This feature requires the license tag: RealmAdministration
- Instruction
- Go to:
Adminapp >> Advanced Settings - Create a Realm Administration plugin.
- In the Realm Administration plugin:
Create an Admin Realm Context Data Name and assign an identifier to it to reference it again later on. - In the Admin Realm Context Data Name:
Configure the name of the administrator's context data item holding the realm value. - In the Realm Administration plugin:
Create a User Realm Context Data Name and assign an identifier to it to reference it again later on. - In the User Realm Context Data Name:
Configure the name of the user's context data item holding the realm value. - This enables IAM to use the realm administration feature.
Configuration of the Realm Attribute
- Prerequisites
- The context data item chosen to hold the realm value for users must exist in the database schema for end-users.
- The context data item chosen to hold the realm value for administrators must exist in the database schema for administrators.
- Instruction part 1– User Data Source and Admin Persister
- Go to:
Adminapp >> Users >> User Data Source >> User Store >> Database User Persister - In Context Data Columns:
Create a String Context Data Item and reference the previously created Context Data Name for end-users. - Go to:
Adminapp >> Administrators >> Administrator Management >> Admin Persister - In Context Data Columns:
Create a String Context Data Item and reference the previously created Context Data Name for end-users to the realm administrator. - The realm attribute is now available for both end-users and realm administrator.
- Instruction part 2 – User Context Data Attribute for the realm
- Go to:
Adminapp >> Users >> Columns In User List - Create a String User Profile Item with:
- Identifier – Set Realm Admintool Label.
- String Resource Key - Set the identifier for the language-specific string tables
- Property Name – Set the user's realm context data attribute
- Optional – Not set, because the realm attribute is mandatory.
- Modifiable – Not set, because the realm attribute cannot be changed.
- Prefill – Create a Realm Value Provider plugin with the value @realm@.
- Go to:
Adminapp >> Users >> Rows On User Detail Page - Add the previously created String User Profile Item Realm Admintool Label.
- The realm attribute is now visible in the user list, the user detail page and in the user create dialog. The realm attribute will be prefilled with the realm value.
- Instruction part 3 – Username prefixed with the realm value (optional)
- Go to:
Adminapp >> Users >> Username Prefill - Create a Realm Value Provider plugin with the necessary prefill pattern.
- Go to:
Adminapp >> Users >> Username Validator - Create a Realm Username Validator plugin.
- The username will now be prefilled with the realm value and it will be validated.
These steps are optional and only required if the username should be prefixed with the realm value.
Admin Context Data Attribute for Realm
- Instruction
- Go to:
Adminapp >> Administrators >> Administrators Management >> Columns in Admin List - Create a String User Profile Item with:
- Identifier – Set Realm Admintool Label to ADMIN
- Property Name – Set the admin's realm context data attribute.
- Optional – Set enabled (the realm attribute is optional).
- Modifiable – Set enabled, to make the realm attribute changeable.
- Go to:
Adminapp >> Administrators >> Administrators Management >> Rows on Admin Detail Page - Add the String User Profile Item Realm Admintool Label ADMIN.
- The realm attribute is now visible in the realm administrator's list, administrator detail page and the administrator create dialog.