Skip to main content

NIM

Step 23: Set up the internal NIM system (tutorial)

Our app is finished and tested, but there is still one last thing to do—grant users access to it. In this step, we'll add & configure an Internal system and create some internal NIM users.

Add the internal system
  1. Go to Systems > Overview.

    2023-10-12_11-00-21.jpg
  2. Click Add.

  3. Accept the default System Name.

    2021-06-17_12-01-42.png
  4. Click Save.

  5. The new system is added to the Configured Systems pane.

    2023-10-12_10-58-43.jpg
Configure the internal system
  1. Click Configure for the internal system.

  2. Enable the Users, Groups, and Memberships tables.

    2023-10-12_13-19-31.jpg
  3. Click Save.

  4. Expand the internal system's table list.

    2023-10-12_13-20-14.jpg
  5. Go to the memberships table.

  6. Go to the Relations tab.

    2023-10-12_13-21-17.jpg
  7. Manually add the following foreign-primary key relations:

    2023-10-12_13-21-43.jpg
    • Foreign key AccountID of memberships table (N) → primary key ID of groups table (1)

    • Foreign key AccountID of memberships table (N) → primary key ID of users table (1)

    • Foreign key GroupID of memberships table (N) → primary key ID of groups table (1)

  8. Enable all the checkboxes in the N-N Relations pane.

    2023-10-12_13-22-10.jpg
  9. Click Save.

Add an inter-system relation between the HR500 and internal systems
  1. Go to Processing > Relations.

  2. In the A pane, select the HR500 system, the employees table, and the employee_id column.

    2023-10-12_14-31-48.jpg
  3. In the B pane, select the internal system, the users table, and the ExternalID column.

    2023-10-12_14-32-54.jpg
  4. Click Match.

    2023-10-12_14-33-44.jpg
  5. Click Add.

    The new relation is populated into the Inter-System Relations pane.

    2023-10-12_14-34-32.jpg
  6. Click Save.

Add a filter that selects employees without internal accounts
  1. Go to Processing > Filters.

  2. Click Add.

  3. Enter a Filter Name.

    For this example, we'll call our filter HR500_internal_User_Create, following the convention SourceSystem_TargetSystem_ObjectType_Action.

    2023-10-12_14-39-12.jpg
  4. Click Create.

Configure the filter's logic
  1. Configure the filter to join the HR500.employees table to the internal.users table, using no logic.

    2023-10-12_14-48-03.jpg
  2. Click Save.

  3. Click Filter to run the filter. The results are populated into the Result pane. In our case, all 585 employees in the CSV system do not yet have an account in the internal system.

    2023-10-12_14-51-46.jpg
  4. Go to the Columns Selection tab and hide all columns under the users alias, which will always be empty.

    2023-10-12_14-57-55.jpg
  5. Click Save.

Add a name generator to generate internal usernames
  1. Go to Processing > Name Generation and add a name generator named ng_internal.

  2. For the Based On Filter, select the HR500_internal_User_Create filter we created previously.

    2023-10-13_12-37-55.jpg
  3. Add a Name called ng_internalUsername.

    2023-10-13_12-42-24.jpg
  4. Add a new Method for ng_internalUsername.

  5. Drag and drop first_name to Part 1, last_name to Part 2, and employee_id to Part 3.

    2023-10-13_12-45-45.jpg
  6. We'll apply the following Conversions:

    2023-10-13_12-49-53.jpg
    • Part 1 (first_name): Case conversion: convert to lower case and Shorten: use first character.

    • Part 2 (last_name): Case conversion: convert to lower case and Add at begin with Argument (1) = ..

  7. Click Save.

Add a password generator to generate internal account passwords

Tip

In a production scenario, we'd likely want to add a password generator. However, for this example, we'll skip it and instead map static passwords to make it easier to test the accounts we create.

Add a mapping to create internal accounts
  1. Go to Output > Mappings and add a mapping with the following values:

    • System: internal

    • Target: users

    • Function: user_create

    • Name: HR500_internal_UserCreate

    2023-10-12_15-18-24.jpg
  2. For the mapping's Filter, select HR500_internal_User_Create. For the Name Generator, select ng_internal.

    2023-10-27_14-59-34.jpg
  3. We'll map the following attributes:

    2023-10-27_15-02-30.jpg

    Attribute

    Item

    Note

    DisplayName

    ng_internalUsername

    Enabled

    true

    You must manually type in true.

    ExternalID

    employee_id

    Name

    ng_internalUsername

    Password

    <a static password>

    We're mapping a static password instead of using a password generator, to make testing easier.

  4. Click Save.

Add a job for the internal system
  1. Go to Output > Jobs and add a job named HR500_internal.

  2. Add a new job item with a type of crud. For the Name, we'll select the HR500_internal_UserCreate mapping. We'll set the Threshold to 1000.

    2023-10-13_13-31-34.jpg
  3. Click Save.

  4. Go to the Execution tab and click Evaluate.

    This job will create 585 internal NIM user accounts.

    2023-10-13_13-34-36.jpg
Add & configure a scheduler for the internal system
  1. Go to Scheduler > Overview and add a sync type scheduler named HR500_internal.

  2. We'll turn off the Evaluate toggle.

    2023-10-13_13-40-29.jpg
  3. We'll add our HR500 source system to the scheduler's collection, with a Maximum Age of 0 and Stop On Error enabled.

    2023-10-13_13-41-13.jpg
  4. We'll add our HR500_internal job to this scheduler, with Stop On Error enabled.

    2023-10-13_13-41-58.jpg
  5. Go to the Schedule tab.

  6. Enable the Scheduling Enabled checkbox.

  7. We'll configure the schedule to run at 2:15am, M-F.

    2023-10-13_13-51-42.jpg
  8. Click Save.

Perform an initial manual run & troubleshoot errors
  1. Go back to Scheduler > Overview and click Manual Run for the HR500_internal schedule.

    2023-10-13_13-52-16.jpg
  2. The scheduler executes successfully. The internal accounts have been created.

    2023-10-13_14-03-58.jpg
  3. We can verify this by checking the users table of the internal system.

    2023-10-27_15-07-04.jpg

    We can also verify the same thing by browsing the users table of the C:\ProgramData\Tools4ever\NIM\config\nimAuthDb.db database:

    2023-10-27_15-08-21.jpg

Next: Step 24: Internal user/group access