Forefront Identity Manager 2010
Mollie SMS Workflow Activity
By: Oxford Computer Group (BNL)
Author(s): Sjef van Leeuwen, Wim van den Heijkant
Document name: Mollie SMS Workflow Manual
Product Version: 1.0
Release Date: 2012-04-04
Introduction
The Oxford Computer Group Mollie SMS workflow activity for Forefront Identity Manager 2010 allows
you to send SMS messages directly from a Forefront Identity Manager workflow. This allows you to
build your own workflows that can, for example, send a notification SMS to a new user that a new
account has been created and is ready for use.
This document describes the prerequisites, installation and some specific configuration examples.
Contents
Introduction
Prerequisites
Installation
SMS Workflow configuration
  Selecting the activity
  Configuring the Activity
Configuration examples
  New user – Account Name & Password notification
Frequently Asked Questions
Prerequisites
- Your own installation and configuration of Forefront Identity Manager 2010
- An account with credit at Mollie
  (See https://www.mollie.nl/aanmelden/ for more information; unfortunately the website is only in Dutch.)
- A network connection from your FIM Service Server to the Mollie URL over port 80 or 443
Installation
Before you proceed with the installation, please confirm that you have all the prerequisites described
above.
To run the installation of the OCG Mollie SMS activity, log on with an account that has at least the
following permissions:
- Local Administrator on the FIM machine
- Access to your Forefront Identity Management portal with permissions to:
  o Log on to the FIM portal
  o Update the FIM schema
  o Create a new ActivityInformation Configuration object
When you start the installation the following screen will appear:
Please read the end-user license agreement and after accepting it, click ‘Next’.
Enter the FIM Service address and click ‘Next’.
Note: In our installation this is localhost, but in your configuration this might be the FQDN of your FIM server.
When using multiple FIM Servers, do not enter the address of your load balancer, but install the software on each
Server Node locally.
If this is the first time the activity is being installed, the installer will generate a free 30 day trial license.
Please specify a company name for the license and click ‘Export’. This will open a file dialog for saving
your license file.
Note: This feature was added to allow you to start testing and using the OCG Mollie SMS activity immediately.
The license is valid for 30 days from the day that you generated the license. If you have evaluated the activity and it
works as expected, please contact sales@oxfordcomputergroup.nl to obtain a production license. Please also note that
when you upgrade/reinstall the activity this screen will be skipped, so make sure you keep a copy of the license file.
Save the license file; we will need it later when we configure the workflow.
The installation confirmation screen will appear. It shows you which Activities, attribute bindings and
management agents are going to be installed. To confirm installation, click ‘Install’.
The FIM service and IIS service need to be restarted for the installation to be completed. You can do this
here by checking the `Restart service when setup is completed` check box or you can do this manually at any
time after the installation.
To finalize the installation click ‘Finish’.
SMS Workflow configuration
Selecting the activity
After installation of the Mollie SMS Activity, the activity will have been registered in your activity
information configuration of FIM. You can then easily select it when creating a new workflow.
Configuring the Activity
After selecting the OCG Mollie SMS Activity, you can begin configuring the settings for sending SMS
messages over the Mollie SMS HTTP gateway network.
Disable workflow
Disables the workflow. This is useful if you want to test the workflow chain without actually sending an
SMS message.
Use Impersonation
If enabled, the workflow will run under a different actor, as specified under Impersonated ActorId. This
is useful if you want to temporarily give the activity elevated rights.
Impersonated ActorId
Contains the globally unique identifier of the actor under which the activity is executed.
License certificate
During installation a trial license certificate is generated. You should copy and paste the contents of the
“.lic” file into this textbox in order to unlock the SMS Activity functionality.
Mollie URL Attribute
This is a fixed URL, either HTTP or HTTPS, as specified by the Mollie SMS gateway provider. We advise you
to always use the secure gateway: https://secure.mollie.nl/xml/sms
Mollie Username Attribute
This is the user name as provided by Mollie to logon to the SMS gateway.
Mollie Password Attribute
This is the password as provided by Mollie to logon to the SMS gateway.
Originator Attribute
This identifies the sender of the SMS message. This can be a descriptive message, such as “Password
Service”.
Originator Attribute
This specifies which attribute in the FIM (person) schema contains the phone number of the
recipient. In this example we used the standard “MobileNumber” attribute binding on the Person
resource type.
Message Attribute
This specifies which attribute in the FIM (person) schema contains the SMS message to be
sent to the recipient. The Mollie installer creates a default Text attribute binding “OcgBnlSmsMessage”
for you, extending the Person resource type. We advise you to use this attribute binding.
Configuration examples
This chapter discusses a couple of ways in which the OCG Mollie SMS workflow can be used to benefit
your FIM installation. Please note: the way you use this activity is up to you; these are just examples.
New user – Account Name & Password notification
Scenario description
This scenario describes how the OCG Mollie SMS workflow activity is used to notify a user that an
account has been provisioned and tell him what username and password he should use. In our scenario
the following steps are taken:
[Figure: the HR Application MA (or other identity source), Metaverse (MV), Connector Space (CS), FIM Portal Database, Active Directory MA and Mollie, with the steps 01 to 05 below marked on the connections between them.]
1. A new user is created in the FIM Portal, your HR system or any other authoritative source.
(If the user was created outside of the FIM Portal, the new user is first synchronized into the FIM portal
database.)
2. A workflow within the FIM portal generates an initial password for the new user and stores it in an
initial password attribute on the user object.
3. The Forefront Identity Manager synchronization process takes the new user and creates an AD
user account for this new user, using the initial password created in the FIM portal.
4. When the user account is created in Active Directory, the ObjectSID of the user is synchronized
back to the FIM portal.
5. A workflow with the OCG Mollie SMS activity is triggered to notify the user that the account is
created and that he can now start using his newly created account.
Assumptions
This scenario description has the following assumptions:
1. We assume that you have already installed the activity as described in the chapter “Installation”.
2. We will only explain how to configure step 5 of this process; to learn how to configure steps 1 through 4,
please refer to Microsoft’s online documentation (see footnote 1).
3. The password generated in step 2 is stored in an attribute called ‘InitPWD’.
4. The username of the user is stored in the ‘AccountName’ attribute.
5. The user’s mobile phone number (where we send the SMS message to) is stored in the
‘MobilePhone’ attribute.
Configuration
To configure step 5 we need the following components:
1. A workflow that will build the SMS message and send the SMS message to the end user
2. A management policy rule that will ensure that the workflow is triggered when the new user’s
ObjectSID attribute is updated.
The first thing we need to do is create a new workflow. Select workflows and click new:
1 http://technet.microsoft.com/en-us/library/ee621259(v=ws.10).aspx
Specify a name, select workflow type action and click ‘Next’.
From the Activity Picker select the ‘Function Evaluator’
Now enter a name for this activity, for example ‘Built the SMS Message’, and select the destination, which
in our case is ‘[//Target/OcgBnlSMSMessage]’. Now we can start building the message by concatenating
strings with other values like DisplayName, AccountName and InitPWD.
In our example we start with:
String of ‘Dear ’
The value of DisplayName
String of ‘, Welcome to Oxford Computer Group. Your account is now ready for use. You can
logon to your computer with username:’
The value of AccountName
String of ‘ and password: ’
The value of InitPWD
String of ‘Kind regards, IT Servicedesk’
Click ‘Save’.
The resulting text message for
  DisplayName: Erik Plenter
  AccountName: ErikP
  InitPWD: Oxford901!
would be:
Dear Erik Plenter, Welcome to Oxford Computer Group. Your account is now ready for use. You can logon to
your computer with username: ErikP and password: Oxford901! Kind regards, IT Servicedesk
This value is written to the OcgBnlSMSMessage Attribute.
Now that we have the SMS message content set up, we can configure the actual sending of the SMS. Click
Add Activity and select the ‘OCG Mollie SMS Activity’ and click ‘Select’.
Frequently Asked Questions
This chapter was added to answer the most frequently asked questions. If your question is not answered
in this chapter, please contact Sales@oxfordcomputergroup.nl for assistance.
How do I set up the correct portal permissions to install the OCG Mollie SMS activity?
When you configure a workflow within FIM you need to select an activity in the activity picker:
These activities are registered within the FIM service database as ‘activity information configuration’
objects. During the installation of the Mollie SMS workflow activity the account that you use to do the
installation will attempt to add the ‘activity information configuration’ (AIC) object required for you. But
of course you do need to have enough permissions to actually create this AIC object within the portal.
If you have FIM R2 installed or FIM with at least update 1 (Build 4.0.3531.2 - KB978864) installed, being a
member of the ‘Administrators’ set is enough to allow you to create the AIC objects. The default
management policy rule ‘Administration: Administrators control configuration related resources’ will
allow you to create AIC objects and no further action is required.
If your FIM configuration is still the RTM build (Build 4.0.2592.0) or even RC1, then you will have to manually
set the correct permissions. There is an error in the default management policy rule that doesn’t allow
you to create AIC objects that are of the type ‘Action’. To fix this error, open up the ‘Administration:
Administrators control configuration related resources’ management policy rule and go to the ‘Target
Resources’. Under ‘Select specific attributes’, click ‘Browse’ and ensure that the IsActionActivity attribute is
selected.
How do I know exactly what FIM Service version I’m running?
To find out which version of the FIM service you have, go to “…\Program Files\Microsoft Forefront
Identity Manager\2010\Service” and open the properties of the ‘Microsoft.ResourceManagement.dll’.
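The version check above, combined with the build numbers from the previous question, as a PowerShell script. This is an added example, not part of the OCG manual or installer; the -ServiceDir parameter is an assumption because the manual elides the start of the path, and treating every build below Update 1 as needing the manual permission fix is also an assumption.

```powershell
param(
    # Assumption: full path to the FIM Service folder, e.g. the
    # "...\Microsoft Forefront Identity Manager\2010\Service" folder named above.
    [Parameter(Mandatory = $true)]
    [string]$ServiceDir
)

$dll = Join-Path $ServiceDir 'Microsoft.ResourceManagement.dll'
if (-not (Test-Path -LiteralPath $dll)) {
    throw "Microsoft.ResourceManagement.dll not found in '$ServiceDir'"
}

# Build number quoted in the FAQ: Update 1 (KB978864).
$update1 = [version]'4.0.3531.2'

# Read the numeric file version parts; the FileVersion string itself
# can carry extra text and does not always parse as a version.
$info = (Get-Item -LiteralPath $dll).VersionInfo
$installed = New-Object System.Version -ArgumentList `
    $info.FileMajorPart, $info.FileMinorPart, $info.FileBuildPart, $info.FilePrivatePart

if ($installed -ge $update1) {
    # Update 1 or later (including R2): the default MPR already covers AIC objects.
    $advice = "Membership of the 'Administrators' set is enough to create the AIC object."
}
else {
    # RTM (4.0.2592.0), RC1, or (assumption) any other build below Update 1.
    $advice = "Select IsActionActivity in the MPR 'Administration: Administrators " +
              "control configuration related resources' before running the installer."
}

# Emit one object so the result can be logged or piped.
New-Object PSObject -Property @{
    FimServiceVersion = $installed.ToString()
    AtLeastUpdate1    = ($installed -ge $update1)
    Advice            = $advice
}
```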
How do I create an account with Mollie?
For sending SMS messages we need an account at Mollie, the SMS gateway we use.
Below you can see screenshots of the steps needed; it is fairly straightforward, so only a small description
is added to the screenshots.
Registration: please fill in all the forms, read the policies and proceed.
After this you will receive an email that explains how to activate your account.
Once activated, you can log in and you will be presented with this screen. Here you can track all statistics
and manage your account.
At the right of the screen you can see how many credits are left for sending messages; the button below it
is used to buy more credits.
After clicking on the button ‘Opwaarderen’ you will see this screen. Here you can insert any amount of
credits you would like to buy; the minimum is 100.
The button next to it will calculate the price and show payment options as shown below.
When using iDEAL or a credit card, credits are immediately available on your account. When using bank
transfer it can take up to 4 days.
After you have finished the payment and the credits are available, your account is ready to be used with
the FIM Mollie SMS Activity.