Feedback Ideas

Many clients want to be notified when their thresholds are hit for the source and target systems. However, the only means of notifying them is by triggering an email on the error state of a sync. There is no distinct "threshold reached" event that we can trigger on, which makes our notifications more vague than they ought to be. It would be great to have such an event that we could use to trigger an email notification.

Use Case: Define a filter that returns all Active Employees. Now, for the corresponding 'Inactive Employee AD Accounts' filter, instead of defining the inverse of all the Active conditions, just target all the relevant accounts (ie: AD, EmployeeType == Employee, etc). Add a Lookup Exclude against the 'Active Employee' filter using the EmployeeID named, with the Lookup named 'Inactive Employee Accounts'. This functionality would allow us to more quickly implement filters that have both a set of Grant and Revoke criteria that are just inverse of each other.

To protect NIM configuration natively, we should provide the ability to schedule automatically backups. This is beneficial when there are multiple NIM Administrators making configuration changes and often forget to back up their configuration.

NIM currently supports only two access levels: FULL or APPS-only. It would be helpful to have an "admin light" security level for junior admins to manage existing source syncs and run existing schedules/jobs when needed, but not be able to make changes to role model, mappings, filters, or what-have-you.

The ability to categorize apps in the interface would be helpful. Also, the ability for users to favorite an app so it always shows at the top would be helpful as well. E.g. local IT always does app X and rather than searching for it each time as we make new apps available it would always show up at the beginning of the available apps.

A proposed idea within the Role Model is to provide a feature for Segregation of Duties. I picture this to work where within a Role you can define another Role that cannot be used. For example if you have a Role Model with 3 Roles (Employee, HR, Payroll). Within the HR Role you say they cannot be part of the Payroll Role. This ensures an HR Employee can't be a Payroll Employee as well. Or you use an analogy, the Person approving the funds cannot also write the checks.

It's no fun getting evaluation reports every hour that show zero changes to be made. An option to only send evaluation reports when there are changes to be made in the target systems would be nice.

Some organizations want to be fully hosted in the cloud for various reasons. Providing a hosted solution for NIM could be benefical to these organizations.

Make it possible to user conditions in the email template We can do this in HelloID which is very useful. My example is the last name was changed for a user but not the first name. But the customer wants the names to be reflected in the email. The problem is since "givenName" wasn't updated it's not available as an argument even it's specified in the mapping So the result for "John Smith" would be "Smith" In HelloID we can do something like {​​​​​​​​​{​​​​​​​​​account.password||"No password"}​​​​​​​​​}​​​​​​​​​, wondering if have some similar logic here available. I think to expand on this we should have the following: If Null Example: If {var.event.argument.mail} is null then {var.event.input.mail} If statement Example: If {var.event.input.employeeType} == "student" && {var.event.argument.mail} != null then allow block of text with variables

There are instances in apps where we need to call scripts/commands outside the capability of NIM. E.g. running DACLS.exe when generating a new OU in AD to configure permissions, or custom PowerShell scripts that perform actions outside the scope of NIM.

Proposed Feature Ability to (re)certify access to security/resources by resource owners. The following would be some basic requires of the functionality Ability to categorize resourcesAbility to set/retrieve owners and reviewers for a resourceOwner/Manager based review, with confirmation tracking (view and submission) Notification Method NIM AppEmail

A client has built a filter with lookups that are available and working in some areas such as 'Mappings' but not available when selecting filters in 'Events' > 'Templates'. The filter is available, but not the lookups. Screenshots attached.

If you're in a scheduler task, you have to select Scheduler Overview in the left panel instead of being able to use the scheduler breadcrumb at the top navigation bar.

Currently, you have to export all columns that are turned on in a filter. This prevents you from using ordering on data that you don't want in the export. There should be an option to select which columns that are present in the filter that we want to export in the scheduler's export and multi-export options.

Provide the ability for NIM to leverage Let's Encrypt for the HTTPS Certificate. This feature would give the administrator the ability to have automatic certificate renewal and avoid any additional costs for certificates