SailPoint IdentityNow Security Configuration Report

An IdentityNow Security Configuration Report of a SailPoint IdentityNow environment is a valuable artefact to have. I’ve previously documented examples for generating reports for;

But what about the configuration of items such as;

  • Global Security Settings Details
  • IWA Configuration Details
  • SSO SP Configuration Details
  • SSO IDP Configuration Details

The script (further below) leverages the SailPoint IdentityNow PowerShell Module to generate a HTML report of the configuration items listed above. It also exports the configuration of each of the above features to the output directory in XML format using the PowerShell Export-Clixml command. This means that any of the configuration items can be imported and inspected as required using Import-Clixml <configItem.xml>. It also means that the configuration can be stored in your CMDB or equivalent.

HTML Report

The HTML Report as shown below lists each of the configuration elements that can be selected that then expands with the associated configuration.

SailPoint IdentityNow Security Config Report

Configuration Export

The following image shows the exported configuration items and the HTML report that provides a report based off them.

SailPoint IdentityNow Security Config Files Export
SailPoint IdentityNow Security Configuration Export

The Script

The IdentityNow Security Configuration Report Script below produces the configuration extracts and report.

Update:

  • Line 4 for your IdentityNow Organisation Name
  • Line 10 for a graphic you’d like in the report. The script is hard coded for a graphic that is 240px wide and 82px high
  • Line 11 for the base directory you’d like the report and config files to be put it.
    • A sub-directory will be created with the date and time the report is generated. This allows for you to run the script on a schedule and not worry about overwriting previous reports and config extracts.

Summary

In conjunction with the other reporting and config scripts I’ve provided it is quick and easy to generate configuration documentation and exports of SailPoint IdentityNow configurations.