Skip to main content
Version: 8.2411.x.x RR

Unit

Units in nevisIDM are the equivalent to organizational units in companies. Just like in an organisation, nevisIDM units can form one or more hierarchical trees. Each unit tree has its own root unit. Based on units, users can be assigned the so-called unit or application data rooms. Both the hierarchical structure of units and data rooms are shown in Fig. 1 (of the Authorization chapter) to give a first idea. For details about data rooms, see the chapter: Authorization in nevisIDM.

Database table TIDMA_UNIT

DB attributeJava data type (max. size), defaultsDescription
abbreviation_dict_entry_idLong, nullableThe unit's abbreviation in various languages. Foreign key that links to information in the table TIDMA_DICT_ENTRY.
client_idLong, not NULLThe client the unit belongs to. Foreign key that links to information in the table TIDMA_CLIENT
descriptionString(1000), nullable
displayname_dict_entry_idLong, nullableThe unit's display name in various languages. Foreign key that links to information in the table TIDMA_DICT_ENTRY.
extidString(50), not NULLExternal identifier
hnameString(4000), nullableThe unit's hierarchical name describing the unit hierarchy from the top unit down to the actual unit. Format of hname:/<extId of top unit>/<extId of level1 unit>/... /<extId of current unit>
hname_dict_entry_idLong, nullableThe unit's hierarchical display name in various languages. Foreign key that links to information in the table TIDMA_DICT_ENTRY
locationString(50), nullableOptional hint where the unit is located.
modification_commentString(1000), nullableComment of related add/update/delete action.
nameString(50), not NULL
parent_idLong, nullableDefines the unit's parent unit. If NULL, the unit is a main unit. Foreign key that links to information in the table TIDMA_UNIT
policy_configuration_idLong, nullableThe policy configuration that belongs to the unit.
profilelessBoolean, not NULLDetermines if the unit may be assigned to profiles. If set to "true", no profiles can be assigned to the unit. It is not possible to set this flag to true for the default unit. The profileless flag can be changed to "true" for units with no profile or for units that are assigned only to archived profiles.
state_idLong, not NULLState of the unit. Available states are: active; disabled
unit_idLong, not NULLPrimary key (uniquely identifies each individual DB entry)
valid_fromDate, nullableThe unit is valid from the valid_from date onward. If this date is in the future, any profile directly in this unit is not allowed to log in. The "Null" value means no restriction.
valid_toDate, nullableThe unit is valid until the valid_to date. If this date is in the past, any profile directly in this unit is not allowed to log in. The "Null" value means no restriction.

Database table TIDMA_UNIT_PATH

The database table TIDMA_UNIT_PATH is a helper table that stores the hierarchical path of the unit. When you modify a unit, the path will be updated automatically as long as you use official APIs. If you update the unit via SQL, make sure to also update the unit path accordingly. Or use the batch job RecreateLocalizedHnamesJob, which recreates all hierarchical information of a unit.

DB attributeJava data type (max. size), defaultsDescription
unit_idLong, not NULLForeign key that links to information in the table TIDMA_UNIT.
pathString, not NullThe path of the unit in the hierarchical tree, based on the unit IDs. For example: "/1000/2013/2134"In this example path, "2134" is the ID of the current unit, and "2013" the ID of its parent.

Database table TIDMA_UNIT_CRED_POLICY

This table holds the assignments of credential policies to units. These assignments are used as "restriction". If there is at least one assignment for a specific unit and credential policy type, then only these policies can be used for new credentials of a user that belongs to that unit. If there is no such assignment, all policies of the given credential policy type may be assigned to the new credential.

DB attributeJava data type (max. size), defaultsDescription
cred_policy_idLong, not NULLForeign key that links to information in the table TIDMA_POLICY
default_policyBoolean, not NULLDefines if the credential policy is the default one among the credential policies assigned to the unit and of the same policy type.
unit_cred_policy_idLong, not NULLPrimary key (uniquely identifies each individual DB entry)
unit_cred_policy_idLong, not NULLPrimary key (uniquely identifies each individual DB entry)
unit_idLong, not NULLForeign key that links to information in the table TIDMA_UNIT