Cost Center management in FIM portal
Okay, so I'm looking for some inspiration on how to design a solution so I'm able to use CostCenter info from our HR system.
Of course I could create a Set for each CostCenter and parent CostCenter, but I don't really want to do all that manual work, since it's already been done in the HR system.
So, what do you do? Is there some documentation available regarding this subject, maybe some best practice or design examples?
In my current Oracle View in the HR system I have only Person Objects. Each Person object has
Department number:
1234
CostCenter Name:
"1234 Cost1"
"1234.100 Cost1"
"1234.200 Cost1"
EmployeeID, Uid, GSM number, etc.
So I guess I need to create a new custom object type, like CostCenter Objects, and create them from HR data. Is that possible from my current view with only Person objects in, or do I need the DBA guys to create an additional object in that view for CostCenter Objects, or maybe an entirely different view with the CostCenter objects in?
Any inspiration is much appreciated :)
/Frederik Leed
May 3rd, 2011 2:19pm
Frederik - you are TOTALLY thinking along the right track with your custom object type, and sourcing them from HR. The key here is that you need to set up your new CostCenter object in BOTH the FIM metaverse and portal, and importantly set up a reference on your PERSON object to one (or more?) cost centres related to a person at any given point in time. Not much time to explain now as to why you really do want a brand new resource type here, but essentially:
there are attributes of this resource type which do NOT belong on a person resource type but which are still likely to influence policy
there is (most likely) a concept of 'role membership' you are looking to establish here, and you need to synthesize such a role with its own resource type (synchronized to HR) so as to avoid the ongoing manual work to set up FIM objects; and
(importantly) the FIM query dialect really wants you to work with reference attributes for this sort of thing (not strings).
I am doing this all the time with basically EVERY FIM implementation I'm doing, and it works brilliantly ... but I have the advantage of using something we @ UNIFY call our "Identity Broker" product to construct an HR MA (uses an ECMA of its own) to do all of the work in setting up the HR connector space exactly the way FIM wants it. You can do all this yourself by hand with say the OOTB Oracle or SQL MAs, but you are always going to run into
performance bottlenecks
the need to inject additional objects into your RDBMS itself (views/triggers/indexes/functions/etc)
the need to ensure uniqueness of a common anchor for each resource type in your CS so that you can set these up as reference types in your MA
... other gotchas :)
... in order to drive standard MA features like delta imports and multiple object classes per MA. I am planning to post on how I do this soon, but for now you are definitely on the right track, and it works!!!
Bob Bradley, www.unifysolutions.net (FIMBob?)
May 3rd, 2011 6:52pm
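As an added illustration of the design discussed above (not code from either poster and not part of FIM): a sketch that derives CostCenter objects with a unique anchor from Person-only rows and gives each person a reference by anchor rather than by string. The field names, the sample rows and the rule that "1234.100" is a child of "1234" are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample rows shaped like the Person view described in the thread
# (EmployeeID plus a CostCenter Name string); the values are made up.
PERSON_ROWS = [
    {"EmployeeID": "E001", "CostCenterName": "1234 Cost1"},
    {"EmployeeID": "E002", "CostCenterName": "1234.100 Cost1"},
    {"EmployeeID": "E003", "CostCenterName": "1234.200 Cost1"},
    {"EmployeeID": "E004", "CostCenterName": "1234.100 Cost1"},
    {"EmployeeID": "E005", "CostCenterName": "no cost center"},
]

# Assumption: the leading dotted number is the cost center code, and
# "1234.100" is a child of "1234". The thread does not confirm this.
CODE_RE = re.compile(r"^(\d+(?:\.\d+)*)\s+(.+)$")


def derive_cost_centers(rows):
    """Return (cost_centers, person_refs, rejects) for a two-object-type import."""
    names = defaultdict(set)
    person_refs, rejects = {}, []
    for row in rows:
        m = CODE_RE.match(row["CostCenterName"].strip())
        if not m:
            rejects.append(row["EmployeeID"])  # never guess a reference
            continue
        code, name = m.groups()
        names[code].add(name)
        person_refs[row["EmployeeID"]] = code  # reference by anchor, not by string
    # An anchor must identify exactly one object: flag codes with several names.
    conflicts = sorted(c for c, n in names.items() if len(n) > 1)
    if conflicts:
        raise ValueError(f"ambiguous cost center anchors: {conflicts}")
    centers = {}
    for code, n in names.items():
        parent = code.rsplit(".", 1)[0] if "." in code else None
        centers[code] = {
            "anchor": code,
            "displayName": next(iter(n)),
            # A parent nobody is assigned to would be a dangling reference.
            "parent": parent if parent in names else None,
        }
    return centers, person_refs, rejects
```

Rows that cannot be parsed are returned as rejects instead of being attached to a guessed cost center, so a bad HR string cannot silently place a person under the wrong policy scope.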
Thanks Bob, great to hear from you, you always say the things I need to hear.
"The key here is that you need to set up your new CostCenter object in BOTH the FIM metaverse and portal, and importantly set up a reference on your PERSON object to one (or more?) cost centres"
Got it
"there is (most likely) a concept of 'role membership' you are looking to establish here, and you need to synthesize such a role with its own resource type (synchronized to HR)"
Yes, definitely going there some time soon.
It would be great if someone could write: "Design examples on how to work with Cost Centres" and "Design examples on how to work with Roles".
Everyone talks about roles and that that's the way to use FIM. I get the way that it's smart to work with both roles and Cost Center objects, but how do you handle the need for access to shares / applications / mailboxes / SharePoint sites that you are not able to assign to users from any given criteria? How do you handle that some things are request based and not criteria based? Have you made a special RCDC for the portal to request roles from? (any screen shots?)
/Frederik Leed
May 4th, 2011 2:22pm