URM Service SmartObjects

Microsoft Azure Active Directory is now Microsoft Entra ID

Use the URM (User Role Management) service SmartObjects to find and get groups, get security labels, get user roles, and get user details.

The following SmartObjects are available with URM service instance:

UMGroup

Use the UMGroup SmartObject to find, get, and get details of user groups.

Name	Notes
Get Group Details	Requires FQN (Fully Qualified Name). Returns the description and email of the group FQN provided.
Get Groups	You can use a user Name or an FQN (Fully Qualified Name) as the identifier. Returns a list of all the groups available, based on the Label name. Returns FQN, Group Name, Name, Description, and Email for each group.
Find User Groups	You can use a user Name, group Description, or Group Name as the identifier. Returns a list of groups that a user is a member of. Requires User Name and Label Name.

Property Name	Type	Example	Notes
FQN (Fully Qualified Name)	Text	K2:DENALLIX\Bob	Made up of security label, domain, and user name.
GroupName	Text	Finance	Returns the group name
Name	Text	Bob
Description	Text		Returns the description of the group
Email	Text	bob@denallix.com

Use the UMLabel SmartObject to return details of security labels, such as K2 and SharePoint.

Name	Notes
Get Labels	Use a user Name as the identifier. Returns a list of Labels from your environment. For example, SharePoint, K2, CRM, etc.
Get Auth Labels	Use a user Name as the identifier. Returns a list of Labels from your environment. For example, SharePoint, K2, CRM, etc.

Property Name	Type	Example	AD Source	Azure Active Directory Source	SQL Source	Notes
Name	Text	K2				Returns the security label

Use the UMRole SmartObject to get roles names and descriptions.

Name	Notes
Get Roles	You can use a Role Name or Description as the identifier. Returns a list of Role Names and their descriptions.
Get Roles for User	You can use a Role Name or Description as the identifier. Returns a list of Role Names and their descriptions that the user is a member of.
Get Roles for Group	You can use a Role Name or Description as the identifier. Returns a list of Role Names and their descriptions for the group.

Property Name	Type	Example	AD Source	Azure Active Directory Source	SQL Source	Notes
Role Name	Text	Security Administrators				For more information see Roles.
Description	Text	Built-in systems role for security Administrators				Returns the description of the role.

Use the UMUser SmartObject to get user information.

Name	Notes
Get User Details	Requires FQN (Fully Qualified Name). Returns the name, description, email, manager, SIP account, object SID, and display name of the specified user
Get Users	You can use a user Name of an FQN (Fully Qualified Name) as the identifier. Returns a list of all users in a security label.
Get User By FQN	Requires FQN (Fully Qualified Name)
Get Role Users	Requires FQN (Fully Qualified Name)
Get Users for Roles	You can use a user Name of an FQN (Fully Qualified Name) as the identifier
Get Group Users	You can use the group Name, Description, or GroupName as the identifier
Get Roles for User	You can use the group Name, Description, or GroupName as the identifier
Get Roles for Group	You can use a user Name of an FQN (Fully Qualified Name) as the identifier

Property Name	Type	Example	Notes
FQN (Fully Qualified Name)	Text	K2:DENALLIX\Bob	Made up of security label, domain, and user name.
Name	Text	DENALLIX\Bob	Made up of domain and user name.
Description	Text
Email	Text	bob@denallix.com
Manager	Text	K2:DENALLIX\Holly (Bob’s manager)
Sip Account	Text	sip:user@domain:port sip:bob@denallix.com	Typically stored in the ProxyAddresses attribute. SIP stands for 'Session Initiation Protocol' which is a signalling communications protocol mostly used for transferring voice and video calls over IP networks.
Object SID	Text		All objects in Active Directory have a GUID (the objectGUID attribute), but only security principals have a SID (the objectSID attribute).
Display Name	Text	Bob Maggio