As described in the master document of this blog post series, we’ll start with creating a simple IdM report and it will be used for later enhancements.
Part 1: Create initial version of IdM report via SAP Lumira
The first step in creating an IdM report is to define the requirements for a given report. Our initial requirements are the following:
The report should contain all company employees and assigned business roles, presented in a tabular format.
The report should be accessible in an easy way (e.g. via web browser).
When the requirements are fulfilled, we should proceed with creating the report. The next step is to connect from SAP Lumira Desktop to the SAP IdM instance. This is needed to extract the identity data and form the report. Connection is done via JDBC directly to the IdM DB. Once the connection is established, the information is extracted in so called DataSets. To achieve that, we’ll do the following:
Start SAP Lumira Desktop
Open File->New or use the shortcut (Ctrl+N)
Select the option “Query with SQL” from the Source options list
Select the DB type. In this example we use MS SQL, but you should select the proper type based on your installation.
Provide connection details and connect to the DB. It is also helpful to save the connection details, that way we’ll not be asked to enter them each time we try to connect to the DataBase.
The next step is to specify which data will be extracted in the DataSet. We should define the name of the DataSet and provide the query definition.
In this case the name of the DataSet will be RolesSCNDS and the query will extract display name of the business role, identifier of the person, identifier of the business role and information about the time when the business role was created. To extract that details, we’ll use 2 of the DB views that IdM provides:
entries.mcDisplayName as RoleDisplayName,
links.mcThisMSKEY as RolePersonIdentifier,
links.mcOtherMSKEY as RoleIdentifier,
links.mcOtherMSKEYVALUE as RoleName,
entries.mcCreated as RoleCreated
idmv_link_ext as links inner join idmv_entry_simple_all as entries on links.mcOtherMSKEY = entries.mcMSKEY
links.mcThisOcName = ‘MX_PERSON’ and
links.mcOtherOcName = ‘MX_ROLE’
Press the “Preview” button to see whether the data will be loaded into the table at the bottom right part of the window. If everything is correct, we should see several records in the table.
Pressing the “Create” button will create the DataSet.
Create Table visualization
After we completed the creation of the DataSet, we will navigate to the SAP Lumira Desktop main screen. The next step of the process is to create visualization objects that will display the content of the report.
Make sure that “Visualize” tab is selected in SAP Lumira Desktop.
We’ll select Table from the templates.
Add “RolePersonIdentifier” and “RoleDisplayName” dimensions as “Rows Axis”. This could be done via drag-and-drop or by using the “+” button.
Create Story Board
Now that we constructed the table, we should create “Story Board” where to add the table and combine it with other graphical objects later.
We should navigate to “Compose” tab in SAP Lumira Desktop.
As we do not have other Story Boards created, the application will ask us to create one. We’ll name this Story Board RolesSCNSB and press the “Create” button.
Change the default title of the Story Board to “Roles”. Double click the title to open it for editing.
Drag and drop the visualization object that is available in the pane on the left side.
As a result, the following visualization object is displayed:
Save SAP Lumira Desktop document
As we have the initial version of the report ready, we could also save our work in SAP Lumira Desktop if we want to modify the report later.
To do that we’ll open File->Save As (or Ctrl+Shift+S) and specify the name of the document.
We could save the changes locally or on the cloud.
Publish the report
The next step of this part is to publish the created story Board to SAP Lumira Server and share it.
Prior to publishing the report, we should guarantee that the network settings are correctly maintained. We’ll do that from File->Preferences menu (or Ctrl+P) and then go to Network. Check the proxy settings and make sure that the SAP Lumira Cloud URL is entered.
To publish the report, we need to go to the “Share” tab.
Select the RolesSCNSB and press the “Publish to SAP Lumira Cloud” button.
We’ll be asked to provide our credentials for the cloud environment.
After we enter that details and connect to the cloud environment, we need to confirm the publication. Shortly after that the DataSet and the Story Board will be published to SAP Lumira Cloud.
Open and share the report
After we publish the report to SAP Lumira Cloud, let’s try to open it.
We need to open SAP Lumira Cloud and provide the credential details. We’ll be navigated to the cloud environment and will see all objects that we have published. In our case these are the Story Board and the DataSet.
Click over the Story Board RolesSCNSB and the report will be opened.
We could also share the report with other people. To do that, we’ll open “Share” from the Story Board context menu.
Change the access to public and save the sharing URL.
* In this case the report will be visible to everybody, but there are also options we could use to share a report to specific people or groups.
Now the initial version of our report is created, published and accessible to other colleagues. Any later changes that we’ll do will be automatically available via the sharing URL that we have copied in the previous step
As we are ready with the initial report, we could proceed further to the next step and modify the report