ACDI Workflow Monitor package
- Andrii Revenko
We will install and configure the ACDI Workflow Monitor package. What's more, we will review the real-world example "How to insert user-defined attributes into the workflow data".
The ACDI workflow monitor package is used to monitor workflow statuses. You can always check a particular workflow's current processing step, if it was approved or denied, etc. The ACDI Workflow Monitor package can be downloaded from your ACDI Server.
So, let's begin with the installation and configuration of the ACDI Workflow Monitor package. First, open your ACDI server in your web browser, go to "Administration", then "Event Service (eDirectory)" and click the button "Download AuditDriver packages".
From this archive, pick the SPACDWFM package and extract it into a folder.
Once that's done, go to the IDM Designer, right-click on "Package Catalog" then “Import Package”
Now "Browse", and select the SPACDWFM package. "ACDI Workflow Monitor".
.
After that, you need to install this package to the "User Application Driver".
Right-click on "User Application Driver", then "Properties".
Then click th "Packages"
then click the "plus" button and choose "ACDI Workflow Monitor". Click "Apply"
Now it's time to fill in the package settings. You can see that your ACDI host is without port and protocol. Here you should input the FQDN of your ACDI host – acdi4oemdevint.
Please leave all other options at their default setting, maybe except password.
Let's set the password for OS admin.
Click "Next" and then "Finish"
Then, go to "GCVs", switch to the "User Application Driver" tab and set the option "Allow Named Password to be retrieved over LDAP" to "True".
This step is very important because otherwise the osadmin password will not be transferred to the "User Application", and your workflow will not be able to send the data to the ACDI Server.
After that we need to deploy the changes to the IDM server. Right-click on "User Application Driver, then "Live", and "Deploy".
Let's take a look at the workflow templates included in the package now.
Open the "Provisioning" tab, then expand "User Application Driver", now "Provisioning Request Definitions", and "Custom templates". Here you can see two templates: "Workflow Audit" and "Workflow Audit with Loop".
The templates are similar; both contain required activities for auditing your workflow.
The main difference is that "Workflow Audit" will try to send the data to OpenSearch just once.
In case of any error, it will simply write the error in the log and continue to work. "Workflow Audit with Loop" will try to send the data several times (sending in loop).
The number of sending times can be set by the GCV - "Count of sent tries in case of sent error".
And here you can set the pause between send tries. It can be useful in case of a bad connection between the ACDI Server and the IDM User Application host.
To audit your own workflows, sets of activities need to be included in your workflows.
We call them "blocks".
Let's look at these blocks in the "Workflow Audit". They are the "start block" and the "finish block"
The "start block" should be set at the very beginning of your workflow, right after the "Start" activity. The "finish block" should be set at the very end of your workflow, right before the finish activity. In the middle you see the "Custom Approval" activity you want to monitor.
If you mean to monitor a few branch results from the "Custom Approval" or you need to monitor several "Approval" activities, the "finish block" needs to be copied a few times, and the name of "step" in each "finish block" needs to be changed.
Let's deploy the "Workflow Audit" and call it from the User Application portal. To do that, we'll head over to the User Application Portal > Dashboard > New request > Workflow audit > Set the Recipient > Set the Reason > Submit.
Now let's go to the ACDI Server.
"Dashboards", then "NetIQ IDM", and "NetIQ Workflow Dashboard".
And here we can see this workflow's information: status is “processing”; current step - “start”.
Let's return to the User Application Portal, go to "Tasks" and choose "Approve" for this workflow. And the dashboard shows now: status is “approved”; current step is “finish”.
Let's review a real-world case now. For example, we need to save some additional data in OpenSearch; a custom field we want to see in the Workflow Dashboard. To do this, we'll go to the Approval Form where we will add the new field "Very_Important_Field", and save the form.
Now let's head over to the "Workflow" tab. Go to "Custom Approval", "Post Activity" and choose "Map all".
After that, we'll choose the "Audit_Send DataFinish" and add this "very important field" to the "Content" REST activity. Let's call the new Dashboard attribute "Very_Important_Data" (this is how the attribute will be called in the OpenSearch data) and assign it to the "Very_Important_Field".
Now it's time to save the changes.
Let's deploy this workflow and try to call it in the user application portal.
Go to the tab "Tasks".
We see here our "very important field". Let's add a comment and input "very very important description" in our new field.
Now we deny this request.
Checking the Workflow Dashboard, we can see the request was denied and the current step is finish.
Very important data" contains "very, very important description", which can be used in our dashboards and reports.
Workflow data can also be viewed in the workflow report. To do that, go to "Reports", then "NetIQ IDM" and "NetIQ Workflow Report". Run the report. Here are all the workflows started during the last 7 days.