RapidIdentity Product Guide: New UI

RapidIdentity Portal Profiles

Table 107. RapidIdentity Portal Profiles Columns

Column

Value

product_id

net.idauto.audit.common.product.arms

module_id

net.idauto.audit.arms.module.accountmgmt



The Account Disabled event is logged whenever an account is disabled by delegation.

Table 108. Audit Log Columns

Column

Value/Description

product_id

net.idauto.audit.common.product.arms

module_id

net.idauto.audit.arms.module.accountmgmt

action_id

net.idauto.audit.arms.accountmgmt.action.disableAccount

target_system

DIRECTORY

target_id

This will contain the Idauto ID of disabled account

target

This will contain the DN of the disabled account



Table 109. Extended Properties

Name

Value/Description

Multi-valued

targetName

The name of target (if available)

false

delegationId

The ID of the ACTM Delegation

false

delegationName

The Name of the ACTM Delegation

false

delegationVersion

The database version of the ACTM Delegation

false



The Account Enabled event is logged whenever an account is enabled by delegation.

Table 110. Audit Log Columns

Column

Value/Description

product_id

net.idauto.audit.common.product.arms

module_id

net.idauto.audit.arms.module.accountmgmt

action_id

net.idauto.audit.arms.accountmgmt.action.enableAccount

target_system

DIRECTORY

target_id

This will contain the Idauto ID of enabled account

target

This will contain the DN of the enabled account



Table 111. Extended Properties

Name

Value/Description

Multi-valued

targetName

The name of target (if available)

false

delegationId

The ID of the Profiles Delegation

false

delegationName

The Name of the Profiles Delegation

false

delegationVersion

The database version of the Profiles Delegation

false



The Account Unlocked event is logged whenever an account is unlocked by delegation.

Table 112. Audit Log Columns

Column

Value/Description

product_id

net.idauto.audit.common.product.arms

module_id

net.idauto.audit.arms.module.accountmgmt

action_id

net.idauto.audit.arms.accountmgmt.action.unlockAccount

target_system

DIRECTORY

target_id

This will contain the Idauto ID of unlocked account

target

This will contain the DN of the unlocked account



Table 113. Extended Properties

Name

Value/Description

Multi-valued

targetName

The name of target (if available)

false

delegationId

The ID of the Profiles Delegation

false

delegationName

The Name of the Profiles Delegation

false

delegationVersion

The database version of the Profiles Delegation

false



The Self Password Update event is logged whenever a user changes their own password.

Table 114. Audit Log Columns

Column

Value/Description

product_id

net.idauto.audit.common.product.arms

module_id

net.idauto.audit.arms.module.accountmgmt

action_id

net.idauto.audit.arms.accountmgmt.action.selfPasswordUpdate

target_system

DIRECTORY

target_id

This will contain the Idauto ID of user

target

This will contain the DN of the user



Table 115. Extended Properties

Name

Value/Description

Multi-valued

targetName

The name of target (if available)

false

delegationId

The ID of the Profiles Delegation

false

delegationName

The Name of the Profiles Delegation

false

delegationVersion

The database version of the Profiles Delegation

false



The Delegated Password Update event is logged whenever a user updates another user's password through delegation.

Table 116. Audit Log Columns

Column

Value/Description

product_id

net.idauto.audit.common.product.arms

module_id

net.idauto.audit.arms.module.accountmgmt

action_id

net.idauto.audit.arms.accountmgmt.action.passwordReset

target_system

DIRECTORY

target_id

This will contain the Idauto ID of the target user

target

This will contain the DN of the target user



Table 117. Extended Properties

Name

Value/Description

Multi-valued

targetName

The name of target (if available)

false

delegationId

The ID of the Profiles Delegation

false

delegationName

The Name of the Profiles Delegation

false

delegationVersion

The database version of the Profiles Delegation

false

passwordPolicyId

The ID of the user's current Password Policy

false

passwordPolicyName

The name of the user's current Password Policy

false

passwordPolicyVersion

The database version of the user's current Password Policy

false

mustUpdate

If the perpetrator chose the option to make the target user change their password at next login

false

passwordPolicyId

The ID of the user's current Password Policy

false

passwordPolicyName

The name of the user's current Password Policy

false

passwordPolicyVersion

The database version of the user's current Password Policy

false



The Challenge Set Update event is logged whenever a user's Challenge Set is updated.

Table 118. Audit Log Columns

Column

Value/Description

product_id

net.idauto.audit.common.product.arms

module_id

net.idauto.audit.arms.module.accountmgmt

action_id

net.idauto.audit.arms.accountmgmt.action.updateChallengeSet

target_system

DIRECTORY

target_id

This will contain the Idauto ID of the target user

target

This will contain the DN of the target user



Table 119. Extended Properties

Name

Value/Description

Multi-valued

targetName

The name of target (if available)

false

delegationId

The ID of the Profiles Delegation (if applicable)

false

delegationName

The Name of the Profiles Delegation (if applicable)

false

delegationVersion

The database version of the Profiles Delegation (if applicable)

false

challengePolicyId

The ID of the user's current Challenge Policy

false

challengePolicyName

The name of the user's current Challenge Policy

false

challengePolicyVersion

The database version of the user's current Challenge Policy

false



The Challenge Set Invalidated event is logged whenever a user invalidates another user's Challenge Set through delegation.

Table 120. Audit Log Columns

Column

Value/Description

product_id

net.idauto.audit.common.product.arms

module_id

net.idauto.audit.arms.module.accountmgmt

action_id

net.idauto.audit.arms.accountmgmt.action.invalidateChallengeSet

target_system

DIRECTORY

target_id

This will contain the Idauto ID of the target user

target

This will contain the DN of the target user



Table 121. Extended Properties

Name

Value/Description

Multi-valued

targetName

The name of target (if available)

false

delegationId

The ID of the Profiles Delegation

false

delegationName

The Name of the Profiles Delegation

false

delegationVersion

The database version of the Profiles Delegation

false



The Profiles Exported event is logged whenever a user chooses to export profile data from a Delegation.

Table 122. Audit Log Columns

Column

Value/Description

product_id

net.idauto.audit.common.product.arms

module_id

net.idauto.audit.arms.module.accountmgmt

action_id

net.idauto.audit.arms.accountmgmt.action.exportProfiles

target_system

SYSTEM

target_id

The ID of the Delegation

target

The ID of the Delegation



Table 123. Extended Properties

Name

Value/Description

searchCriteria

The search criteria used to load the Delegation profiles (if any)



The Profiles Printed event is logged whenever a user chooses to print profile data from a Delegation.

Table 124. Audit Log Columns

Column

Value/Description

product_id

net.idauto.audit.common.product.arms

module_id

net.idauto.audit.arms.module.accountmgmt

action_id

net.idauto.audit.arms.accountmgmt.action.printProfiles

target_system

SYSTEM

target_id

The ID of the Delegation

target

The ID of the Delegation



Table 125. Extended Properties

Name

Value/Description

searchCriteria

The search criteria used to load the Delegation profiles (if any)



The Profile Updated event is logged whenever a user has their profile updated through delegation.

Table 126. Audit Log Columns

Column

Value/Description

product_id

net.idauto.audit.common.product.arms

module_id

net.idauto.audit.arms.module.accountmgmt

action_id

net.idauto.audit.arms.accountmgmt.action.updateProfile

target_system

DIRECTORY

target_id

This will contain the Idauto ID of the target user

target

This will contain the DN of the target user



Table 127. Extended Properties

Name

Value/Description

Multi-valued

targetName

The name of target (if available)

false

delegationId

The ID of the Profiles Delegation

false

delegationName

The Name of the Profiles Delegation

false

delegationVersion

The database version of the Profiles Delegation

false

{ldapAttribute}

Every LDAP-backed custom attribute in the delegation profile will logged with its value(s)

false



The Username Retrieved event is logged whenever a user attempts to retrieve their username, i.e. they go through the Forgot My Username flow.

Note that since this operation is typically anonymous, the only time there is a valid perpetrator and target information is if the retrieval is successful.

Table 128. Audit Log Columns

Column

Value/Description

product_id

net.idauto.audit.common.product.arms

module_id

net.idauto.audit.arms.module.accountmgmt

action_id

net.idauto.audit.arms.accountmgmt.action.retrieveUsername

target_system

DIRECTORY

target_id

This will contain the Idauto ID of the target user (if the retrieval was successful)

target

This will contain the DN of the target user (if the retrieval was successful)



Table 129. Extended Properties

Name

Value/Description

Multi-valued

targetName

The name of target (if the retrieval was successful)

false

requestedEmail

The email address that was used as the retrieval key

false

numMatchingUsers

The number of accounts found which matched the retrieval key. The values will be 0, 1, or 2

false



The Account Claimed event is logged whenever a user claims their account.

Table 130. Audit Log Columns

Column

Value/Description

product_id

net.idauto.audit.common.product.arms

module_id

net.idauto.audit.arms.module.accountmgmt

action_id

net.idauto.audit.arms.accountmgmt.action.claimAccount

target_system

DIRECTORY

target_id

This will contain the Idauto ID of the target user

target

This will contain the DN of the target user



Table 131. Extended Properties

Name

Value/Description

Multi-valued

targetName

The name of target user

false

claimPolicyId

The ID of the Claim Policy associated with the user

false

claimPolicyName

The name of the Claim Policy associated with the user

false

claimPolicyVersion

The database version of the Claim Policy at the time of the event

false



The Password Policy Saved action is logged when a user saves a Password Policy. (Available since version 2.7.0)

Table 132. Audit Log Columns

Column

Value/Description

product_id

net.idauto.audit.common.product.arms

module_id

net.idauto.audit.arms.module.accountmgmt

action_id

net.idauto.audit.arms.actm.action.passwordPolicySaved

target_system

DIRECTORY

target_id

{null}

target

The ID of the Password Policy



Table 133. Extended Properties

Name

Value/Description

Multi-valued

version

The version of the object

false

name

The name of the policy

false

description

The description of the policy (if any)

false

priority

The priority of the policy

false

enabled

Whether the policy is enabled

false

default

Whether the policy is the default policy

false

grouAclsEnabled

Whether Role ACLs are enabled

false

aclGroupId

The IDs of associated Role ACLs (if any)

true

filterAclEnabled

Whether LDAP filter ACLs are enabled

false

filterAcl

The LDAP filter ACL (if any)

false

passwordResetAttribute

The ID of the Password Reset Attribute GAL item (if any)

false

minLength

The minimum password length for the policy

false

maxLength

The maximum password length for the policy

false

charsets

The types of charset rules defined for the policy

false

charset-{type}-min

The minimum number of characters required from the charset {type}

false

charset-{type}-max

The maximum number of characters from the charset {type}

false

requiredCharsets

The number of required charsets for the policy

falsefalse

allowRandomPassword

Whether the policy allows for random password generation

false

allowedCharacterRegex

The allowed character regular expression for the policy (if any)

false

matchingAttribute

The ID for each matching attribute GAL item (if any)

true

matchingAttributesCaseSensitive

Whether the matching attribute check is case sensitive

false

matchingAttributesMatchEntire

Whether the matching attribute check matches the entire password

false

blacklisted

The blacklisted passwords (if any)

true

blackListCaseSensitive

Whether the blacklist check is case sensitive

false

blackListMatchEntire

Whether the blacklist check matches against the entire password

false

blacklistRegex

The blacklist regular expressions (if any)

true

defaultForceUserPasswordChange

Whether an administrative password reset for this policy defaults the 'User must change password on next login' option to true

true



The Password Policy Deleted action is logged when a user deletes a Password Policy. (Available since version 2.7.0).

Table 134. Audit Log Columns

Column

Value/Description

product_id

net.idauto.audit.common.product.arms

module_id

net.idauto.audit.arms.module.accountmgmt

action_id

net.idauto.audit.arms.actm.action.passwordPolicyDeleted

target_system

DIRECTORY

target_id

{null}

target

The ID of the Password Policy



Table 135. Extended Properties

Name

Value/Description

Multi-valued

version

The version of the object

false

name

The name of the policy

false

description

The description of the policy (if any)

false

priority

The priority of the policy

false

enabled

Whether the policy is enabled

false

default

Whether the policy is the default policy

false

grouAclsEnabled

Whether Role ACLs are enabled

false

aclGroupId

The IDs of associated Role ACLs (if any)

true

filterAclEnabled

Whether LDAP filter ACLs are enabled

false

filterAcl

The LDAP filter ACL (if any)

false

passwordResetAttribute

The ID of the Password Reset Attribute GAL item (if any)

false

minLength

The minimum password length for the policy

false

maxLength

The maximum password length for the policy

false

charsets

The types of charset rules defined for the policy

false

charset-{type}-min

The minimum number of characters required from the charset {type}

false

charset-{type}-max

The maximum number of characters from the charset {type}

false

requiredCharsets

The number of required charsets for the policy

false

allowRandomPassword

Whether the policy allows for random password generation

false

allowedCharacterRegex

The allowed character regular expression for the policy (if any)

false

matchingAttribute

The ID for each matching attribute GAL item (if any)

true

matchingAttributesCaseSensitive

Whether the matching attribute check is case sensitive

false

matchingAttributesMatchEntire

Whether the matching attribute check matches the entire password

false

blacklisted

The blacklisted passwords (if any)

true

blackListCaseSensitive

Whether the blacklist check is case sensitive

false

blackListMatchEntire

Whether the blacklist check matches against the entire password

false

blacklistRegex

The blacklist regular expressions (if any)

true

defaultForceUserPasswordChange

Whether an administrative password reset for this policy defaults the 'User must change password on next login' option to true

true



The Challenge Policy Saved action is logged when a user saves a Challenge Policy. (Available since version 2.7.0).

Table 136. Audit Log Columns

Column

Value/Description

product_id

net.idauto.audit.common.product.arms

module_id

net.idauto.audit.arms.module.accountmgmt

action_id

net.idauto.audit.arms.actm.action.challengePolicySaved

target_system

DIRECTORY

target_id

{null}

target

The ID of the Challenge Policy



Table 137. Extended Properties

Name

Value/Description

Multi-valued

version

The version of the object

false

name

The name of the policy

false

priority

The priority of the policy

false

enabled

Whether the policy is enabled

false

noChallenge

Whether or not the policy is a no-challenge policy

false

default

Whether or not the policy is the default policy

false

groupAclsEnabled

Whether or not Role ACLs are enabled

false

aclGroupId

The IDs of associated Group ACLs (if any)

true

filterAclEnabled

Whether LDAP filter ACLs are enabled

false

filterAcl

The LDAP filter ACL (if any)

false

adminQuestions

An integer key for each admin question

true

adminQuestion-{key}-question

The question associated with the keyed admin question

false

adminQuestion-{key}-required

Whether or not the keyed admin question is required

false

minAdminQuestionPoolSize

The minimum admin question pool size

false

minUserQuestionPoolSize

The minimum user question pool size

false

maxUserQuestionPoolSize

The maximum user question pool size

false

allowUserDefinedQuestions

Whether or not user questions are allowed

false

minQuestionLength

The minimum allowed question length

false

maxQuestionLength

The maximum allowed question length

false

minAnswerLength

The minimum allowed answer length

false

maxAnswerLength

The maximum allowed answer length

false

numAdminAnswersForAuth

The number of admin question answers required for authentication

false

numUserAnswersForAuth

The number of user question answers required for authentication

false

numHelpdeskQuestions

The number of required helpdesk questions

false

matchingAttribute

The ID for each matching attribute GAL item (if any)

true

matchingAttributesMatchEntire

Whether the matching attribute check matches the entire password

false

blacklisted

The blacklisted passwords (if any)

true

blackListMatchEntire

Whether the blacklist check matches against the entire password

false

restrictWordsFromQuestion

Whether or not answers to challenge questions can contain words included in the question

false

canSkipSetup

Whether or not users can skip answering challenge questions if prompted by ARMS

false

oldestAllowedResponseTimestamp

The timestamp of the oldest allowed response set

false



The Challenge Policy Deleted action is logged when a user deletes a Challenge Policy. (Available since version 2.7.0)

Table 138. Audit Log Columns

Column

Value/Description

product_id

net.idauto.audit.common.product.arms

module_id

net.idauto.audit.arms.module.accountmgmt

action_id

net.idauto.audit.arms.actm.action.challengePolicyDeleted

target_system

DIRECTORY

target_id

{null}

target

The ID of the Challenge Policy



Table 139. Extended Properties

Name

Value/Description

Multi-valued

version

The version of the object

false

name

The name of the policy

false

priority

The priority of the policy

false

enabled

Whether the policy is enabled

false

noChallenge

Whether or not the policy is a no-challenge policy

false

default

Whether or not the policy is the default policy

false

groupAclsEnabled

Whether or not Role ACLs are enabled

false

aclGroupId

The IDs of associated Role ACLs (if any)

true

filterAclEnabled

Whether LDAP filter ACLs are enabled

false

filterAcl

The LDAP filter ACL (if any)

false

adminQuestions

An integer key for each admin question

true

adminQuestion-{key}-question

The question associated with the keyed admin question

false

adminQuestion-{key}-required

Whether or not the keyed admin question is required

false

minAdminQuestionPoolSize

The minimum admin question pool size

false

minUserQuestionPoolSize

The minimum user question pool size

false

maxUserQuestionPoolSize

The maximum user question pool size

false

allowUserDefinedQuestions

Whether or not user questions are allowed

false

minQuestionLength

The minimum allowed question length

false

maxQuestionLength

The maximum allowed question length

false

minAnswerLength

The minimum allowed answer length

false

maxAnswerLength

The maximum allowed answer length

false

numAdminAnswersForAuth

The number of admin question answers required for authentication

false

numUserAnswersForAuth

The number of user question answers required for authentication

false

numHelpdeskQuestions

The number of required helpdesk questions

false

matchingAttribute

The ID for each matching attribute GAL item (if any)

true

matchingAttributesMatchEntire

Whether the matching attribute check matches the entire password

false

blacklisted

The blacklisted passwords (if any)

true

blackListMatchEntire

Whether the blacklist check matches against the entire password

false

restrictWordsFromQuestion

Whether or not answers to challenge questions can contain words included in the question

false

canSkipSetup

Whether or not users can skip answering challenge questions if prompted by ARMS

false

oldestAllowedResponseTimestamp

The timestamp of the oldest allowed response set

false



The Claim Policy Saved action is logged when a user saves a Claim Policy. (Available since version 2.7.0)

Table 140. Audit Log Columns

Column

Value/Description

product_id

net.idauto.audit.common.product.arms

module_id

net.idauto.audit.arms.module.accountmgmt

action_id

net.idauto.audit.arms.actm.action.claimPolicySaved

target_system

DIRECTORY

target_id

{null}

target

The ID of the Claim Policy



Table 141. Extended Properties

Name

Value/Description

Multi-valued

version

The version of the object

false

name

The name of the policy

false

index

The list index of the property

false

description

The description (if any)

false

enabled

Whether the policy is enabled

false

searchBaseDN

The optional user search base DN

false

additionalFilterString

The optional additional user LDAP filter

false

agreementEnabled

Whether an agreement is enabled

false

agreementRequired

Whether an agreement is required

false

agreementText

Agreement text (if available)

false

agreementLabel

Agreement label (if available)

false

agreementMessage

Agreement message (if available)

false

htmlOnComplete

HTML to display on complete

false

challengeItem

The GAL item ID for each claim policy challenge item

true



The Claim Policy Deleted action is logged when a user deletes a Claim Policy. (Available since version 2.7.0).

Table 142. Audit Log Columns

Column

Value/Description

product_id

net.idauto.audit.common.product.arms

module_id

net.idauto.audit.arms.module.accountmgmt

action_id

net.idauto.audit.arms.actm.action.claimPolicyDeleted

target_system

DIRECTORY

target_id

{null}

target

The ID of the Claim Policy



Table 143.  Extended Properties

Name

Value/Description

Multi-valued

version

The version of the object

false

name

The name of the policy

false

index

The list index of the property

false

description

The description (if any)

false

enabled

Whether the policy is enabled

false

searchBaseDN

The optional user search base DN

false

additionalFilterString

The optional additional user LDAP filter

false

agreementEnabled

Whether an agreement is enabled

false

agreementRequired

Whether an agreement is required

false

agreementText

Agreement text (if available)

false

agreementLabel

Agreement label (if available)

false

agreementMessage

Agreement message (if available)

false

htmlOnComplete

HTML to display on complete

false

challengeItem

The GAL item ID for each claim policy challenge item

true