com.netegrity.llsdk6.imsapi.managedobject
Interface User

All Superinterfaces:

AccountHolder, AssignableObject, AttributeCollection, Grantor, GroupableObject, ManagedObject, java.util.Map, ModifiableObject, NamedObject, java.io.Serializable

public interface User
extends ManagedObject, GroupableObject, AssignableObject, Grantor, AccountHolder

Provides access to the attributes in a User managed object through the methods inherited from the base interfaces.

User represents an individual within an organization in a user directory.

A user is a ManagedObject that can also be:

• A GroupableObject (users can be added to groups)
• An AssignableObject (users can be assigned to a role)
• A Grantor (users can assign others to roles)
• A delegatee (users can have role membership delegated to them)

This interface includes overloaded methods that allow different ways of specifying the attributes to include in retrieved managed objects. For information on object attributes and attribute permissions, see UserProvider.



Note: If an attempt is made to delete a user with one or more eTrust Admin accounts, the system attempts to delete all of the accounts before deleting the user. If any of the accounts fail to delete, the user is not deleted.

Since:

IdentityMinder 5.6

Nested Class Summary

Nested classes/interfaces inherited from interface java.util.Map

java.util.Map.Entry<K,V>

Field Summary

static int	ENABLED_VALUE Deprecated. Use DisabledReasonType.ENABLED_VALUE instead.
static int	MASK_ADMINDISABLED Deprecated. Use DisabledReasonType#ADMIN_DISABLED#getMask() instead.
static int	MASK_DISABLEDSTATE Deprecated. Use DisabledReasonType.MASK_DISABLEDSTATE instead.
static int	MASK_INACTIVITY Deprecated. Use DisabledReasonType#INACTIVITY#getMask() instead.
static int	MASK_MAXLOGINFAIL Deprecated. Use DisabledReasonType#LOGIN_FAIL#getMask() instead.
static int	MASK_PWEXPIRED Deprecated. Use DisabledReasonType#PASSWORD_EXPIRED#getMask() instead.
static int	MASK_PWMUSTCHANGE Deprecated. Use DisabledReasonType#PASSWORD_MUST_CHANGE#getMask() instead.
static java.lang.String	PROPERTY_CERTIFICATION_STATUS Attribute identifier for the user's certification status
static java.lang.String	PROPERTY_CONTAINER Attribute identifier for the user object's container.
static java.lang.String	PROPERTY_CONTAINER_ID Attribute identifier for the user object's container ID.
static java.lang.String	PROPERTY_DELEGATORS Attribute holds delegation of workflow task from other users.
static java.lang.String	PROPERTY_EMAIL Attribute identifier for the user object's email address.
static java.lang.String	PROPERTY_ENABLED_STATE Attribute identifier for the user object's enabled state.
static java.lang.String	PROPERTY_FIRST_NAME Attribute identifier for the user object's first name.
static java.lang.String	PROPERTY_FRIENDLY_NAME Attribute identifier for the user object's friendly name.
static java.lang.String	PROPERTY_FULL_NAME Attribute identifier for the user object's full name.
static java.lang.String	PROPERTY_IDENTITY_POLICY Attribute identifier for the user's identity policies
static java.lang.String	PROPERTY_LAST_NAME Attribute identifier for the user object's last name.
static java.lang.String	PROPERTY_LASTCERTIFIED_DATE Attribute identifier for the user's last date they were certified
static java.lang.String	PROPERTY_ORG_MEMBERSHIP Attribute identifier for the user object's organization membership.
static java.lang.String	PROPERTY_ORG_MEMBERSHIP_NAME Attribute identifier for the user object's organization membership name.
static java.lang.String	PROPERTY_PASSWORD Attribute identifier for the user object's password.
static java.lang.String	PROPERTY_PASSWORD_DATA Attribute identifier for the user object's password data which is used by password policies.
static java.lang.String	PROPERTY_PASSWORD_HINT Attribute identifier for the user object's password hint.
static java.lang.String	PROPERTY_UNIQUE_NAME Attribute identifier for the user object's unique name.
static java.lang.String	PWD_MUST_CHANGE_EXTRA_PROPERTY Extra property passed during password reset

Method Summary

void	addDisabledReasons(DisabledReasonType[] reasons) Adds disabled reasons to the state of this user without losing any existing flags.
java.lang.String	assignTemporaryPassword() Creates a random, temporary password that will validate this user, but will require a password change on the user's next sign-in.
java.lang.String	assignTemporaryPassword(java.lang.String pwToUse) Sets the user's password to the specified value without checking password policies.
boolean	authenticate(java.lang.String password) Determines if the specified password does, in fact, authenticate this user.
void	changePassword(java.lang.String oldPassword, java.lang.String newPassword) This function represents a user attempting to change from an existing password to a new password.
void	directAddAttributeValue(java.lang.String attributeName, java.lang.String valueToAdd) This method is for internal use only.
void	directRemoveAttributeValue(java.lang.String attributeName, java.lang.String valueToRemove) This method is for internal use only.
void	enable(boolean enabled) Alters the enabled state of this user.
void	flushUser() This method is for internal use only.
void	forceEnabledStateIntoCurrentAttributeCollection(java.lang.String attributeValue) Internal use only.
void	forcePasswordChange() Requires a password change on the user's next sign-in.
java.lang.String	generateTemporaryPassword() Creates a random, temporary password that will validate this user.
java.util.Vector	getAccounts() Retrieves any eTrust Admin accounts associated with this user.
java.util.Vector	getAccounts(boolean getSecondary, boolean getReasons) Retrieves any eTrust Admin accounts associated with this user.
DisabledReasonType[]	getDisabledReasons() Retrieves the disabled reasons, if any, for this user.
boolean	isAddAccountSynched()
boolean	isEnabled() Retrieves the enabled state of the user object.
void	setAddAccountSynched(boolean flag)
void	setDisabledReasons(DisabledReasonType[] reasons) Sets disabled reasons for this user.
void	setPassword(java.lang.String newPassword) Forces a user's password to a new value.
void	synchAttributesWithAccounts(java.util.Vector attributeNames) Propagates the specified set of attributes to any of this user's Provisioning Accounts.
void	synchChangesWithAccounts(boolean enableSync) Sets or clears the option to synchronize any changes to this user's eTrust Admin accounts.
void	synchEnabledStateWithAccounts() Deprecated. In r12. Use synchEnabledStateWithAccounts(String opeartionID)
java.util.Vector	synchEnabledStateWithAccounts(java.lang.String operationID) Syncrhonizes the current enabled state to any of this user's eTrust Admin accounts.
void	synchMyPasswordWithAccounts(boolean areCorporateAndProvisioningDirectoryEqual) Deprecated. In Im r12
java.util.Vector	synchMyPasswordWithAccounts(boolean areCorporateAndProvisioningDirectoryEqual, java.lang.String operationId) Syncrhonizes the current password to any of this user's eTrust Admin accounts.
java.util.Vector	synchMyPasswordWithAccounts(java.lang.String operationId) Synchronizes the current password to any of this user's Provisioning accounts.
void	synchPasswordWithAccounts() Deprecated. In IM r12 .
java.util.Vector	synchPasswordWithAccounts(java.lang.String operationID) Syncrhonizes the current password to any of this user's eTrust Admin accounts.
void	synchProvisioningRolesAddAccounts() Deprecated. in r12 . Use synchProvisioningRolesAddAccounts(String operationID).
java.util.Vector	synchProvisioningRolesAddAccounts(java.lang.String operationID) Adds any missing eTrust Admin accounts for this user, as dictated by the user's assigned provisioning roles.
void	synchProvisioningRolesDeleteAccounts() Deprecated. In r12. Use synchProvisioningRolesDeleteAccounts(String operationID).
java.util.Vector	synchProvisioningRolesDeleteAccounts(java.lang.String operationID) Removes this user's association with any eTrust Admin accounts that are not contained in any of the user's assigned provisioning roles.
boolean	updatePasswordHistory(java.lang.String newPassword) Updates the password history with the given newpassword for this user.
boolean	validate() Determines if the user is valid to login.
java.lang.String	validateNewPassword(java.lang.String newPassword) Determine if a given string would be acceptable as a new password for this user.
boolean	validateNewPassword(java.lang.String newPassword, PasswordCondition cond) Deprecated. As of r12, replaced by validateNewPassword(String)

Methods inherited from interface com.netegrity.llsdk6.imsapi.abstractinterface.GroupableObject

addToGroup, getGroups, getGroups, isInGroup, removeFromGroup

Methods inherited from interface com.netegrity.llsdk6.imsapi.abstractinterface.AssignableObject

assignRole, getAccessRoles, getAccessRolesAdministator, getAccessRolesMember, getAccessRolesOwner, getAdminRoles, getAdminRolesAdministrator, getAdminRolesMember, getAdminRolesOwner, getAdminTasks, getProvisioningRolesAdministrator, getProvisioningRolesMember, getProvisioningRolesOwner, getProvisioningRolesOwner, hasRole, isRoleMember, makeRoleMember, makeRoleMember, makeRoleMember, removeFromRole, removeFromRoleMembership, removeFromRoleMembership, removeFromRoleMembership

Methods inherited from interface com.netegrity.llsdk6.imsapi.abstractinterface.Grantor

bindRoleGrantRights, hasRoleGrantRights, isRoleAdministrator, makeRoleAdministrator, removeFromRoleAdministration, unbindRoleGrantRights

Methods inherited from interface com.netegrity.llsdk6.imsapi.managedobject.ManagedObject

equals, fixUniqueNames, getImsDirectory, getImsEnvironment, getObjectType, getOrg, getOrg, getProvider, hashCode, move, persisted

Methods inherited from interface com.netegrity.llsdk6.imsapi.abstractinterface.NamedObject

getFriendlyName, getUniqueName, toString

Methods inherited from interface com.netegrity.llsdk6.imsapi.abstractinterface.AttributeCollection

addAttributes, addValueToAttribute, containsAttribute, doesAttributeHaveMultipleValues, enumerateAttributes, getAttribute, getAttributeMultiValue, getAttributePermission, getAttributes, getExtendedAttribute, getLastCommittedAttribute, getLastCommittedAttributeMultiValue, getLastCommittedValue, getOriginalAttribute, getOriginalAttributeMultiValue, getOriginalValue, getValue, hasAttributeChanged, isAttributeUncommitted, isUncommitted, makeCurrentValueOriginal, removeAttributes, setAttribute, setAttributeMultiValue, setAttributes, setValue, updateAttributeSet

Methods inherited from interface com.netegrity.llsdk6.imsapi.abstractinterface.ModifiableObject

modifyObject, modifyObject

Methods inherited from interface java.util.Map

clear, containsKey, containsValue, entrySet, get, isEmpty, keySet, put, putAll, remove, size, values

Field Detail

PROPERTY_FRIENDLY_NAME

static final java.lang.String PROPERTY_FRIENDLY_NAME

Attribute identifier for the user object's friendly name.

The friendly name is sometimes the same as PROPERTY_FULL_NAME, but not always.

See Also:

Constant Field Values

PROPERTY_UNIQUE_NAME

static final java.lang.String PROPERTY_UNIQUE_NAME

Attribute identifier for the user object's unique name.

See Also:

Constant Field Values

PROPERTY_FULL_NAME

static final java.lang.String PROPERTY_FULL_NAME

Attribute identifier for the user object's full name.

The full name is sometimes the same as PROPERTY_FRIENDLY_NAME, but not always. For example, the full name and friendly name might both be John Smith. Or, the full name might be Smith, John and the friendly name John Smith.

See Also:

Constant Field Values

PROPERTY_LAST_NAME

static final java.lang.String PROPERTY_LAST_NAME

Attribute identifier for the user object's last name.

See Also:

Constant Field Values

PROPERTY_FIRST_NAME

static final java.lang.String PROPERTY_FIRST_NAME

Attribute identifier for the user object's first name.

See Also:

Constant Field Values

PROPERTY_EMAIL

static final java.lang.String PROPERTY_EMAIL

Attribute identifier for the user object's email address.

See Also:

Constant Field Values

PROPERTY_PASSWORD

static final java.lang.String PROPERTY_PASSWORD

Attribute identifier for the user object's password.

See Also:

Constant Field Values

PROPERTY_PASSWORD_HINT

static final java.lang.String PROPERTY_PASSWORD_HINT

Attribute identifier for the user object's password hint.

See Also:

Constant Field Values

PROPERTY_PASSWORD_DATA

static final java.lang.String PROPERTY_PASSWORD_DATA

Attribute identifier for the user object's password data which is used by password policies.

See Also:

Constant Field Values

PROPERTY_ENABLED_STATE

static final java.lang.String PROPERTY_ENABLED_STATE

Attribute identifier for the user object's enabled state.

See Also:

Constant Field Values

PROPERTY_ORG_MEMBERSHIP

static final java.lang.String PROPERTY_ORG_MEMBERSHIP

Attribute identifier for the user object's organization membership.

See Also:

Constant Field Values

PROPERTY_ORG_MEMBERSHIP_NAME

static final java.lang.String PROPERTY_ORG_MEMBERSHIP_NAME

Attribute identifier for the user object's organization membership name.

See Also:

Constant Field Values

PROPERTY_CONTAINER

static final java.lang.String PROPERTY_CONTAINER

Attribute identifier for the user object's container.

See Also:

Constant Field Values

PROPERTY_CONTAINER_ID

static final java.lang.String PROPERTY_CONTAINER_ID

Attribute identifier for the user object's container ID.

See Also:

Constant Field Values

PROPERTY_IDENTITY_POLICY

static final java.lang.String PROPERTY_IDENTITY_POLICY

Attribute identifier for the user's identity policies

See Also:

Constant Field Values

PROPERTY_CERTIFICATION_STATUS

static final java.lang.String PROPERTY_CERTIFICATION_STATUS

Attribute identifier for the user's certification status

See Also:

Constant Field Values

PROPERTY_LASTCERTIFIED_DATE

static final java.lang.String PROPERTY_LASTCERTIFIED_DATE

Attribute identifier for the user's last date they were certified

See Also:

Constant Field Values

PROPERTY_DELEGATORS

static final java.lang.String PROPERTY_DELEGATORS

Attribute holds delegation of workflow task from other users.

See Also:

Constant Field Values

PWD_MUST_CHANGE_EXTRA_PROPERTY

static final java.lang.String PWD_MUST_CHANGE_EXTRA_PROPERTY

Extra property passed during password reset

See Also:

Constant Field Values

ENABLED_VALUE

@Deprecated
static final int ENABLED_VALUE

Deprecated. Use DisabledReasonType.ENABLED_VALUE instead.

See Also:

Constant Field Values

MASK_DISABLEDSTATE

@Deprecated
static final int MASK_DISABLEDSTATE

Deprecated. Use DisabledReasonType.MASK_DISABLEDSTATE instead.

See Also:

Constant Field Values

MASK_ADMINDISABLED

@Deprecated
static final int MASK_ADMINDISABLED

Deprecated. Use DisabledReasonType#ADMIN_DISABLED#getMask() instead.

MASK_MAXLOGINFAIL

@Deprecated
static final int MASK_MAXLOGINFAIL

Deprecated. Use DisabledReasonType#LOGIN_FAIL#getMask() instead.

MASK_INACTIVITY

@Deprecated
static final int MASK_INACTIVITY

Deprecated. Use DisabledReasonType#INACTIVITY#getMask() instead.

MASK_PWEXPIRED

@Deprecated
static final int MASK_PWEXPIRED

Deprecated. Use DisabledReasonType#PASSWORD_EXPIRED#getMask() instead.

MASK_PWMUSTCHANGE

@Deprecated
static final int MASK_PWMUSTCHANGE

Deprecated. Use DisabledReasonType#PASSWORD_MUST_CHANGE#getMask() instead.

Method Detail

isEnabled

boolean isEnabled()
                  throws SmApiException

Retrieves the enabled state of the user object. This is a convenience function that works with the User.PROPERTY_ENABLED_STATE attribute, which must be present to use this method. If no disabled reasons are set, this method returns true. If any are set then the method returns false.

Returns:

true if the user object is enabled, or false otherwise.

Throws:

DeletedObjectException - This object represents a User that has already been deleted.

AttributeNotPresentException - This User was created without a request for the User.PROPERTY_ENABLED_STATE attribute.

SmApiException

enable

void enable(boolean enabled)
            throws SmApiException

Alters the enabled state of this user.

Note: To persist the change, call modifyObject().

Parameters:

enabled - If true, all disabled reasons for this user are cleared. If false, DisabledReasonType.ADMIN_DISABLED is added to the set of disabled reasons for this user.

Throws:

DeletedObjectException - This object represents a User that has already been deleted.

AttributeNotPresentException - This User was created without a request for the User.PROPERTY_ENABLED_STATE attribute.

SmApiException

getDisabledReasons

DisabledReasonType[] getDisabledReasons()
                                        throws SmApiException

Retrieves the disabled reasons, if any, for this user.

This method returns an array of DisabledReasonType objects. Each element specifies a reason that this user is disabled. If the user is enabled, this method returns null.

Returns:

An array of DisabledReasonType objects, or null.

Throws:

DeletedObjectException - This object represents a User that has already been deleted.

AttributeNotPresentException - This User was created without a request for the User.PROPERTY_ENABLED_STATE attribute.

SmApiException

setDisabledReasons

void setDisabledReasons(DisabledReasonType[] reasons)
                        throws SmApiException

Sets disabled reasons for this user.

The enabled state for this user is set to disabled for the reasons specified in reasons, and only for those reasons.

This setting overrides any existing disabled reasons.

Note: To persist the change, call modifyObject().

Parameters:

reasons - The array of disabled reasons to set for the user. If the array is null or empty, the user is enabled.

Throws:

DeletedObjectException - This object represents a User that has already been deleted.

AttributeNotPresentException - This User was created without a request for the User.PROPERTY_ENABLED_STATE attribute.

SmApiException

addDisabledReasons

void addDisabledReasons(DisabledReasonType[] reasons)
                        throws SmApiException

Adds disabled reasons to the state of this user without losing any existing flags.

Any flags specified in reasons are added to the user's state.

Note: To persist the change, call modifyObject().

Parameters:

reasons - The array of disabled reasons to add to any existing disabled reasons for the user. If the array is null or empty, the method ends with no action taken.

Throws:

DeletedObjectException - This object represents a User that has already been deleted.

AttributeNotPresentException - This User was created without a request for the User.PROPERTY_ENABLED_STATE attribute.

SmApiException

changePassword

void changePassword(java.lang.String oldPassword,
                    java.lang.String newPassword)
                    throws SmApiException

This function represents a user attempting to change from an existing password to a new password.

Parameters:

oldPassword - The existing password.

newPassword - The new password to set.

Throws:

DeletedObjectException - This object represents a User that has already been deleted.

NoSessionException - This object represents a User that is not connected to a session.

SmApiException

setPassword

void setPassword(java.lang.String newPassword)
                 throws com.netegrity.sdk.apiutil.SmApiException

Forces a user's password to a new value.

Parameters:

newPassword - The new password to set.

Throws:

DeletedObjectException - This object represents a User that has already been deleted.

NoSessionException - This object represents a User that is not connected to a session.

com.netegrity.sdk.apiutil.SmApiException

forceEnabledStateIntoCurrentAttributeCollection

void forceEnabledStateIntoCurrentAttributeCollection(java.lang.String attributeValue)
                                                     throws com.netegrity.sdk.apiutil.SmApiException

Internal use only.

Throws:

com.netegrity.sdk.apiutil.SmApiException

forcePasswordChange

void forcePasswordChange()
                         throws com.netegrity.sdk.apiutil.SmApiException

Requires a password change on the user's next sign-in.

Throws:

DeletedObjectException - This object represents a User that has already been deleted.

NoSessionException - This object represents a User that is not connected to a session.

com.netegrity.sdk.apiutil.SmApiException

generateTemporaryPassword

java.lang.String generateTemporaryPassword()
                                           throws com.netegrity.sdk.apiutil.SmApiException

Creates a random, temporary password that will validate this user. The user object is not altered.

Throws:

DeletedObjectException - This object represents a User that has already been deleted.

NoSessionException - This object represents a User that is not connected to a session.

com.netegrity.sdk.apiutil.SmApiException

assignTemporaryPassword

java.lang.String assignTemporaryPassword()
                                         throws com.netegrity.sdk.apiutil.SmApiException

Creates a random, temporary password that will validate this user, but will require a password change on the user's next sign-in.

The password in the user object is changed to this new value.

Throws:

DeletedObjectException - This object represents a User that has already been deleted.

NoSessionException - This object represents a User that is not connected to a session.

com.netegrity.sdk.apiutil.SmApiException

assignTemporaryPassword

java.lang.String assignTemporaryPassword(java.lang.String pwToUse)
                                         throws com.netegrity.sdk.apiutil.SmApiException

Sets the user's password to the specified value without checking password policies.

This method requires a password change on the user's next sign-in.

Parameters:

pwToUser - The temporary password to set. If null, a password is generated.

Returns:

The generated password.

Throws:

DeletedObjectException - This object represents a User that has already been deleted.

NoSessionException - This object represents a User that is not connected to a session.

com.netegrity.sdk.apiutil.SmApiException

authenticate

boolean authenticate(java.lang.String password)
                     throws com.netegrity.sdk.apiutil.SmApiException

Determines if the specified password does, in fact, authenticate this user.

Parameters:

password - Information needed by the server to authenticate the user.

Returns:

true if the server authenticated the user with the supplied password, or falseotherwise.

Throws:

DeletedObjectException - This object represents a User that has already been deleted.

NoSessionException - This object represents a User that is not connected to a session.

com.netegrity.sdk.apiutil.SmApiException

validate

boolean validate()
                 throws FwAuthenticationException

Determines if the user is valid to login. exception situations could be things like the account is disabled, password needs to change etc.

Returns:

true if the user is valid to login.

Throws:

FwAuthenticationException - This object represents a User that is not connected to a session.

Since:

r12

validateNewPassword

boolean validateNewPassword(java.lang.String newPassword,
                            PasswordCondition cond)
                            throws com.netegrity.sdk.apiutil.SmApiException

Deprecated. As of r12, replaced by validateNewPassword(String)

Determines if a given string is acceptable as a new password for this user. The result can be based on considerations such as password policies, business rules, etc.

Parameters:

newPassword - The proposed password to validate.

cond - A PasswordCondition object that is populated with information on why a proposed password could not be validated.

Returns:

true if the password is validated, or false otherwise. If false, Identity Manager provides the reasons in the output parameter cond.

Throws:

DeletedObjectException - This object represents a User that has already been deleted.

NoSessionException - This object represents a User that is not connected to a session.

com.netegrity.sdk.apiutil.SmApiException

validateNewPassword

java.lang.String validateNewPassword(java.lang.String newPassword)
                                     throws com.netegrity.sdk.apiutil.SmApiException,
                                            PasswordPolicyException

Determine if a given string would be acceptable as a new password for this user. The result can be a factor of such things as password policies, business rules, etc. This method will throw an exception if the password is invalid. Some password policies may transform a password (for example, to remove whitespace). The valid transformed password is returned.

Parameters:

newPassword - Proposed password value to check

Returns:

The valid transformed password

Throws:

SmApiException - An exception occurred while trying to validate the password.

PasswordPolicyException - The proposed password is not valid. This exception contains a PasswordCondition object that is populated with information on why a proposed password could not be validated.

updatePasswordHistory

boolean updatePasswordHistory(java.lang.String newPassword)
                              throws com.netegrity.sdk.apiutil.SmApiException

Updates the password history with the given newpassword for this user. It does not validate or set the users password. The result can be a factor of such things as password policies, business rules, etc.

Parameters:

newPassword - The proposed password to update in the users password history..

Returns:

true if the password history is updated, or false otherwise. If false, Identity Manager provides the reasons in the output parameter cond.

Throws:

DeletedObjectException - This object represents a User that has already been deleted.

NoSessionException - This object represents a User that is not connected to a session.

com.netegrity.sdk.apiutil.SmApiException

getAccounts

java.util.Vector getAccounts()
                             throws SmApiException,
                                    JIAMOperationException,
                                    UnsupportedDirectoryFeatureException

Retrieves any eTrust Admin accounts associated with this user.

This method has been depricated in Identity Manager 8.1 SP1. Please use (@link User#(boolean) getAccounts(boolean getSecondary)) This method requires an instance of eTrust Admin Directory.

Specified by:

getAccounts in interface AccountHolder

Returns:

A Vector of Account objects.

Throws:

SmApiException - An excpetion occurred reading connection information to eTrustAdmin

JIAMOperationException - An exception ocurred obtaining account information for this User

UnSupportedDirectoryFeatureExcpetion - Occurs if the Directory does not support eTrustAdmin

UnsupportedDirectoryFeatureException

Since:

Identity Manager 8.1

getAccounts

java.util.Vector getAccounts(boolean getSecondary,
                             boolean getReasons)
                             throws SmApiException,
                                    JIAMOperationException,
                                    UnsupportedDirectoryFeatureException

Retrieves any eTrust Admin accounts associated with this user.

This method requires an instance of eTrust Admin Directory.

Specified by:

getAccounts in interface AccountHolder

Parameters:

getSecondary - A boolean that specifies whether or not the secondary account attributes should be retreived along with the other account attributes. Secondary attributes are those attributes that can only be retreived from the endpoint on which the account resides. In particular, the suspended state of the account and the locked state of the account.

getReasons - A boolean that specifies whether or not the account reasons will be retreived along with the other account attributes. The account reasons is a list

Returns:

A Vector of Account objects.

Throws:

SmApiException - An excpetion occurred reading connection information to eTrustAdmin

JIAMOperationException - An exception ocurred obtaining account information for this User

UnSupportedDirectoryFeatureExcpetion - Occurs if the Directory does not support eTrustAdmin

UnsupportedDirectoryFeatureException

Since:

Identity Manager 8.1 SP1

synchChangesWithAccounts

void synchChangesWithAccounts(boolean enableSync)
                              throws SmApiException,
                                     JIAMOperationException,
                                     UnsupportedDirectoryFeatureException

Sets or clears the option to synchronize any changes to this user's eTrust Admin accounts.

An eTrust Admin account is synchronized against the user's eTrust Admin provisioning roles. During synchronization, the account's capability attributes are updated to match the corresponding attributes of the provisioning policies contained in the roles.

This method requires an instance of eTrust Admin Directory.

Parameters:

enableSynch - Set to true to perform synchronization.

Throws:

JIAMOperationException - An exception ocurred obtaining account information for this User

UnSupportedDirectoryFeatureException - Occurs if the Directory does not support eTrustAdmin

SmApiException

UnsupportedDirectoryFeatureException

Since:

Identity Manager 8.1

See Also:

setAutoAccountSynch()

synchPasswordWithAccounts

void synchPasswordWithAccounts()
                               throws SmApiException,
                                      JIAMOperationException,
                                      UnsupportedDirectoryFeatureException

Deprecated. In IM r12 .

Syncrhonizes the current password to any of this user's eTrust Admin accounts. Requires syncChangesWithAccounts(true) to be invoked prior to calling this method to propagate the password to accounts

An eTrust Admin account is synchronized against the user's eTrust Admin provisioning roles. During synchronization, the account's capability attributes are updated to match the corresponding attributes of the provisioning policies contained in the roles.

This method requires an instance of eTrust Admin Directory.

Throws:

JIAMOperationException - An exception ocurred obtaining account information for this User

UnSupportedDirectoryFeatureExcpetion - Occurs if the Directory does not support eTrustAdmin

SmApiException

UnsupportedDirectoryFeatureException

Since:

Identity Manager 8.1

See Also:

setAutoAccountSynch()

synchPasswordWithAccounts

java.util.Vector synchPasswordWithAccounts(java.lang.String operationID)
                                           throws SmApiException,
                                                  JIAMOperationException,
                                                  UnsupportedDirectoryFeatureException

Syncrhonizes the current password to any of this user's eTrust Admin accounts. Requires syncChangesWithAccounts(true) to be invoked prior to calling this method to propagate the password to accounts

An eTrust Admin account is synchronized against the user's eTrust Admin provisioning roles. During synchronization, the account's capability attributes are updated to match the corresponding attributes of the provisioning policies contained in the roles.

This method requires an instance of eTrust Admin Directory.

Parameters:

operationID - Operation ID to be used for the JIAM commit operation. Ideally this should be derived from the IM eventID using ProvisioningDefinitionImpl.getIMOperationId() .

Returns:

JIAM Operation return message from admin server in case of a success.

Throws:

JIAMOperationException - An exception ocurred obtaining account information for this User

UnSupportedDirectoryFeatureExcpetion - Occurs if the Directory does not support eTrustAdmin

SmApiException

UnsupportedDirectoryFeatureException

Since:

Identity Manager r12

See Also:

setAutoAccountSynch()

synchMyPasswordWithAccounts

void synchMyPasswordWithAccounts(boolean areCorporateAndProvisioningDirectoryEqual)
                                 throws SmApiException,
                                        JIAMOperationException,
                                        UnsupportedDirectoryFeatureException

Deprecated. In Im r12

Synchronizes the current password to any of this user's eTrust Admin accounts. This method will bind to the Provisioning server as the proxy administrator and apply selfChange semantics to enable proper Endpoint handling of self changed passwords. Requires synchChangesWithAccounts(true) to be invoked prior to calling this method to propagate the password to accounts

Parameters:

areCorporateAndProvisioningDirectoryEqual - - are the corporate and provisioning directory the same therefore both eTrust Admin. An eTrust Admin account is synchronized against the user's eTrust Admin provisioning roles. During synchronization, the account's capability attributes are updated to match the corresponding attributes of the provisioning policies contained in the roles.

This method requires an instance of eTrust Admin Directory.

Throws:

JIAMOperationException - An exception ocurred obtaining account information for this User

UnSupportedDirectoryFeatureExcpetion - Occurs if the Directory does not support eTrustAdmin

SmApiException

UnsupportedDirectoryFeatureException

Since:

Identity Manager 8.1

See Also:

setAutoAccountSynch()

synchMyPasswordWithAccounts

java.util.Vector synchMyPasswordWithAccounts(boolean areCorporateAndProvisioningDirectoryEqual,
                                             java.lang.String operationId)
                                             throws SmApiException,
                                                    JIAMOperationException,
                                                    UnsupportedDirectoryFeatureException

Syncrhonizes the current password to any of this user's eTrust Admin accounts. Requires syncChangesWithAccounts(true) to be invoked prior to calling this method to propagate the password to accounts

Parameters:

areCorporateAndProvisioningDirectoryEqual - - are the corporate and provisioning directory the same therefore both eTrust Admin. An eTrust Admin account is synchronized against the user's eTrust Admin provisioning roles. During synchronization, the account's capability attributes are updated to match the corresponding attributes of the provisioning policies contained in the roles.

This method requires an instance of eTrust Admin Directory.

operationID - Operation ID to be used for the JIAM commit operation. Ideally this should be derived from the IM eventID using ProvisioningDefinitionImpl.getIMOperationId() .

Returns:

JIAM Operation return message from admin server in case of a success.

Throws:

JIAMOperationException - An exception ocurred obtaining account information for this User

UnSupportedDirectoryFeatureExcpetion - Occurs if the Directory does not support eTrustAdmin

SmApiException

UnsupportedDirectoryFeatureException

Since:

Identity Manager r12

See Also:

setAutoAccountSynch()

synchMyPasswordWithAccounts

java.util.Vector synchMyPasswordWithAccounts(java.lang.String operationId)
                                             throws SmApiException,
                                                    JIAMOperationException,
                                                    UnsupportedDirectoryFeatureException

Synchronizes the current password to any of this user's Provisioning accounts. This method will bind to the Provisioning server as the proxy administrator and apply selfChange semantics to enable proper Endpoint handling of self changed passwords.

An eTrust Admin account is synchronized against the user's eTrust Admin provisioning roles. During synchronization, the account's capability attributes are updated to match the corresponding attributes of the provisioning policies contained in the roles.

This method requires an instance of an eTrust Admin Directory.

Parameters:

operationID - Operation ID to be used for the JIAM commit operation. Ideally this should be derived from the IM

Throws:

JIAMOperationException - An exception ocurred obtaining account information for this User

UnSupportedDirectoryFeatureExcpetion - Occurs if the Directory does not support eTrustAdmin

SmApiException

UnsupportedDirectoryFeatureException

Since:

Identity Manager 8.1

See Also:

setAutoAccountSynch()

synchEnabledStateWithAccounts

void synchEnabledStateWithAccounts()
                                   throws SmApiException,
                                          JIAMOperationException,
                                          UnsupportedDirectoryFeatureException

Deprecated. In r12. Use synchEnabledStateWithAccounts(String opeartionID)

Syncrhonizes the current enabled state to any of this user's eTrust Admin accounts. Requires syncChangesWithAccounts(true) to be invoked prior to calling this method to propagate the enabled state to accounts

An eTrust Admin account is synchronized against the user's eTrust Admin provisioning roles. During synchronization, the account's capability attributes are updated to match the corresponding attributes of the provisioning policies contained in the roles.

This method requires an instance of eTrust Admin Directory.

Throws:

JIAMOperationException - An exception ocurred obtaining account information for this User

UnSupportedDirectoryFeatureExcpetion - Occurs if the Directory does not support eTrustAdmin

SmApiException

UnsupportedDirectoryFeatureException

Since:

Identity Manager 8.1

See Also:

setAutoAccountSynch()

synchEnabledStateWithAccounts

java.util.Vector synchEnabledStateWithAccounts(java.lang.String operationID)
                                               throws SmApiException,
                                                      JIAMOperationException,
                                                      UnsupportedDirectoryFeatureException

Syncrhonizes the current enabled state to any of this user's eTrust Admin accounts. Requires syncChangesWithAccounts(true) to be invoked prior to calling this method to propagate the enabled state to accounts

An eTrust Admin account is synchronized against the user's eTrust Admin provisioning roles. During synchronization, the account's capability attributes are updated to match the corresponding attributes of the provisioning policies contained in the roles.

This method requires an instance of eTrust Admin Directory.

Parameters:

operationID - Operation ID to be used for the JIAM commit operation. Ideally this should be derived from the IM eventID using ProvisioningDefinitionImpl.getIMOperationId() .

Returns:

JIAM Operation return message from admin server in case of a success.

Throws:

JIAMOperationException - An exception ocurred obtaining account information for this User

UnSupportedDirectoryFeatureExcpetion - Occurs if the Directory does not support eTrustAdmin

SmApiException

UnsupportedDirectoryFeatureException

Since:

Identity Manager 8.1

See Also:

setAutoAccountSynch()

synchProvisioningRolesAddAccounts

void synchProvisioningRolesAddAccounts()
                                       throws SmApiException,
                                              JIAMOperationException,
                                              UnsupportedDirectoryFeatureException

Deprecated. in r12 . Use synchProvisioningRolesAddAccounts(String operationID).

Adds any missing eTrust Admin accounts for this user, as dictated by the user's assigned provisioning roles.

This method requires an instance of eTrust Admin Directory.

Throws:

JIAMOperationException - An exception ocurred obtaining account information for this User

UnSupportedDirectoryFeatureExcpetion - Occurs if the Directory does not support eTrustAdmin

SmApiException

UnsupportedDirectoryFeatureException

Since:

Identity Manager 8.1

See Also:

setAutoAccountSynch()

synchProvisioningRolesAddAccounts

java.util.Vector synchProvisioningRolesAddAccounts(java.lang.String operationID)
                                                   throws SmApiException,
                                                          JIAMOperationException,
                                                          UnsupportedDirectoryFeatureException

Adds any missing eTrust Admin accounts for this user, as dictated by the user's assigned provisioning roles.

This method requires an instance of eTrust Admin Directory.

Parameters:

operationID - Operation ID to be used for the JIAM commit operation. Ideally this should be derived from the IM eventID using ProvisioningDefinitionImpl.getIMOperationId() .

Returns:

JIAM Operation return message from admin server in case of a success.

Throws:

JIAMOperationException - An exception ocurred obtaining account information for this User

UnSupportedDirectoryFeatureExcpetion - Occurs if the Directory does not support eTrustAdmin

SmApiException

UnsupportedDirectoryFeatureException

Since:

Identity Manager r12

See Also:

setAutoAccountSynch()

synchProvisioningRolesDeleteAccounts

void synchProvisioningRolesDeleteAccounts()
                                          throws SmApiException,
                                                 JIAMOperationException,
                                                 UnsupportedDirectoryFeatureException

Deprecated. In r12. Use synchProvisioningRolesDeleteAccounts(String operationID).

Removes this user's association with any eTrust Admin accounts that are not contained in any of the user's assigned provisioning roles.

This method requires an instance of eTrust Admin Directory.

Throws:

JIAMOperationException - An exception ocurred obtaining account information for this User

UnSupportedDirectoryFeatureExcpetion - Occurs if the Directory does not support eTrustAdmin

SmApiException

UnsupportedDirectoryFeatureException

Since:

Identity Manager 8.1

See Also:

setAutoAccountSynch()

synchProvisioningRolesDeleteAccounts

java.util.Vector synchProvisioningRolesDeleteAccounts(java.lang.String operationID)
                                                      throws SmApiException,
                                                             JIAMOperationException,
                                                             UnsupportedDirectoryFeatureException

Removes this user's association with any eTrust Admin accounts that are not contained in any of the user's assigned provisioning roles.

This method requires an instance of eTrust Admin Directory.

Parameters:

operationID - Operation ID to be used for the JIAM commit operation. Ideally this should be derived from the IM eventID using ProvisioningDefinitionImpl.getIMOperationId() .

Returns:

JIAM Operation return message from admin server in case of a success.

Throws:

JIAMOperationException - An exception ocurred obtaining account information for this User

UnSupportedDirectoryFeatureExcpetion - Occurs if the Directory does not support eTrustAdmin

SmApiException

UnsupportedDirectoryFeatureException

Since:

Identity Manager r12

See Also:

setAutoAccountSynch()

directAddAttributeValue

void directAddAttributeValue(java.lang.String attributeName,
                             java.lang.String valueToAdd)
                             throws SmApiException

This method is for internal use only. It immediately triggers a server-side process to add the specified value to the attribute specified

Specified by:

directAddAttributeValue in interface ManagedObject

Parameters:

attributeName - - the attribute to add the value to

valueToAdd - - the value to add (if the value is already present in the attribute on the server, this command is a no-op)

Throws:

SmApiException

directRemoveAttributeValue

void directRemoveAttributeValue(java.lang.String attributeName,
                                java.lang.String valueToRemove)
                                throws SmApiException

This method is for internal use only. It immediately triggers a server-side process to remove the specified value from the attribute specified

Specified by:

directRemoveAttributeValue in interface ManagedObject

Parameters:

attributeName - - the attribute to remove the value from

valueToRemove - - the value to remove (if the value is not already present in the attribute on the server, this command is a no-op)

Throws:

SmApiException

flushUser

void flushUser()
               throws SmApiException

This method is for internal use only. It requests that the policy evaluation caches for this user be manually flushed

Throws:

SmApiException

synchAttributesWithAccounts

void synchAttributesWithAccounts(java.util.Vector attributeNames)
                                 throws SmApiException,
                                        JIAMOperationException,
                                        UnsupportedDirectoryFeatureException,
                                        AttributeNotPresentException

Propagates the specified set of attributes to any of this user's Provisioning Accounts.

This method requires an instance of an eTrust Admin Directory.

Throws:

SmApiException - An excpetion occurred reading connection information to eTrustAdmin

JIAMOperationException - An exception ocurred obtaining account information for this User

UnSupportedDirectoryFeatureExcpetion - Occurs if the Directory does not support eTrustAdmin

AttributeNotPresentException - This User was created without a request for the specified attribute

UnsupportedDirectoryFeatureException

Since:

Identity Manager 8.1.2

See Also:

setAutoAccountSynch()

isAddAccountSynched

boolean isAddAccountSynched()

setAddAccountSynched

void setAddAccountSynched(boolean flag)