An IdentityNow engineer has the following problem:
An identity is listed under Identities with Errors.
Is this one of the steps that should be taken to troubleshoot the issue?
Solution: Check for missing lastname, email, or uid attributes.
Yes, checking for missing critical attributes like lastname, email, or uid is a valid step when troubleshooting an identity listed under 'Identities with Errors' in SailPoint IdentityNow. These attributes are often required for proper identity processing, synchronization, and provisioning. If any of these attributes are missing or incorrectly configured, it could result in errors, preventing the identity from being fully processed by the system.
Key Reference from SailPoint Documentation:
Identity Attributes and Error Handling: SailPoint IdentityNow requires certain core identity attributes (such as lastname, email, uid) to be present and correctly populated. Missing or invalid values for these attributes can lead to errors and prevent identity synchronization or provisioning.
Review the sentence below
The virtual appliance (VA) private key is_____.
Does this option correctly complete the sentence?
Solution: Stored both in the identityNow tenant and on the VA.
The virtual appliance (VA) private key is not stored in both the IdentityNow tenant and the VA. The VA private key, which is critical for secure communications, is stored only on the Virtual Appliance (VA) itself. It is used to authenticate and encrypt communications between the VA and the IdentityNow tenant. Storing such sensitive information in the IdentityNow tenant would violate best practices for key management and security.
Instead, the IdentityNow tenant only holds the public key or a reference to the key to facilitate secure exchanges with the VA. The private key remains secured locally within the VA, protecting it from potential security vulnerabilities associated with external storage.
SailPoint IdentityNow Virtual Appliance Architecture Guide.
SailPoint IdentityNow Security and Encryption Documentation.
An IdentityNow engineer needs to find identities with disabled AD accounts by using IdentityNow's search features. Is this the correct search syntax to perform this task?
Solution:
No, the search syntax @accounts( source.name:'AD' AND disabled:true ) is incorrect for SailPoint IdentityNow because the attribute disabled may not be universally recognized or applicable for all sources in the system. Using the state:'disabled' condition (as in previous correct answers) is a more reliable and system-compliant approach to find disabled accounts.
Key Reference from SailPoint Documentation:
Standard Account State Search: The correct search syntax involves using state:'disabled' instead of disabled:true for querying disabled accounts.
Review the steps.
1______________________________________
2. Import the virtual appliance (VA) image to the virtualization platform.
3. Start the VA.
4. Log in to the VA using the default credentials.
5. Change the password for the SailPoint user.
6______________________________________
7. Create a new VA cluster in IdentityNow.
8. Create a new VA configuration in IdentityNow. 9 Download / procure the config.yaml.
10. Configure the keyPassphrase in the config.yaml.
11. Upload the config.yaml into the VA.
12______________________________________.
Are these the missing steps?
Solution: 1. Click Test Connection on the VA configuration. 6. Download / procure the VA image. 12. Configure networking configurations (as needed).
No, the provided steps are not correct. The sequence of actions is misplaced:
Step 1: Before clicking 'Test Connection,' you need to download or procure the VA image and import it into the virtualization platform.
Step 6: After logging in and changing the password, the next step is to configure the networking settings, not downloading the image again.
Step 12: After uploading the config.yaml, you should proceed with testing the connection to ensure the VA is correctly configured and can communicate with IdentityNow.
Corrected Steps:
Download / procure the VA image.
Configure networking configurations (as needed).
Click Test Connection on the VA configuration.
SailPoint IdentityNow Virtual Appliance Installation and Configuration Guide.
SailPoint IdentityNow Virtual Appliance Test Connection Documentation.
Is the following true about custom connectors in IdentityNow?
Solution: Custom connector are developed and compiled inside identityNow.
No, custom connectors are not developed and compiled inside IdentityNow. Custom connectors are typically developed outside of the IdentityNow platform using a development environment and then tested and packaged before being uploaded to the platform. These connectors can be developed using tools provided by SailPoint, but the actual development process occurs externally, not directly within the IdentityNow environment.
Key Reference from SailPoint Documentation:
Custom Connector Development: Custom connectors are developed outside of the IdentityNow platform and then integrated into it for use.
