An IdentityNow Security Configuration Report of a SailPoint IdentityNow environment is a valuable artefact to have. I’ve previously documented examples for generating reports for;
But what about the configuration of items such as;
- Global Security Settings Details
- IWA Configuration Details
- SSO SP Configuration Details
- SSO IDP Configuration Details
The script (further below) leverages the SailPoint IdentityNow PowerShell Module to generate a HTML report of the configuration items listed above. It also exports the configuration of each of the above features to the output directory in XML format using the PowerShell Export-Clixml command. This means that any of the configuration items can be imported and inspected as required using Import-Clixml <configItem.xml>. It also means that the configuration can be stored in your CMDB or equivalent.
The HTML Report as shown below lists each of the configuration elements that can be selected that then expands with the associated configuration.
The following image shows the exported configuration items and the HTML report that provides a report based off them.
The IdentityNow Security Configuration Report Script below produces the configuration extracts and report.
- Line 4 for your IdentityNow Organisation Name
- Line 10 for a graphic you’d like in the report. The script is hard coded for a graphic that is 240px wide and 82px high
- Line 11 for the base directory you’d like the report and config files to be put it.
- A sub-directory will be created with the date and time the report is generated. This allows for you to run the script on a schedule and not worry about overwriting previous reports and config extracts.
In conjunction with the other reporting and config scripts I’ve provided it is quick and easy to generate configuration documentation and exports of SailPoint IdentityNow configurations.