How does the new isolation type in PowerShell component NAT4 prevent dependency conflicts?

The isolation type allows external executables called from PowerShell to run with their own dependencies in an isolated environment, preventing conflicts with Identity Manager's core dependencies. This is particularly useful when third-party tools require different versions of shared libraries than what Identity Manager uses.

What happens to existing customizations that used the old QBM CEF definition table?

The QBM CEF definition table has been renamed to QBM CEF message. Any customizations referencing the old table name must be updated to use the new table name. The functionality remains similar, but the table structure has been enhanced to support the expanded SIEM message capabilities.

Identity Manager 10 LTS: Base Engine & Developer Updates

Name: Identity Manager 10 LTS: Base Engine & Developer Updates
Uploaded: 2026-04-25T19:13:01-04:00
Duration: 14 min 5 s
Description: TL;DR PowerShell component NAT4 now supports isolated execution of external executables with independent dependencies, preventing conflicts with Identity Manager's core dependencies Login and logout auditing has been re-architected with separate stora...

One Identity

04/25/2026

0 (0%)

Report Like Favorite

TL;DR

PowerShell component NAT4 now supports isolated execution of external executables with independent dependencies, preventing conflicts with Identity Manager's core dependencies
Login and logout auditing has been re-architected with separate storage in QBM login audit table, configurable retention policies, and full syslog server integration for SIEM workflows
Developer tools enhanced with hash A tag for assembly references, solution folder support in database compiler, parameter set debugging, and multi-step foreign key resolution across tables
Configuration improvements include value range enforcement for custom properties, encrypted database connections, and the ability to create related objects directly from parent forms without custom code
AWS Secrets Manager integration enables loading configuration from cloud secrets with configurable reload intervals and standard AWS SDK credential resolution

Base Engine Enhancements and Dependency Management

The Identity Manager 10 LTS update introduces critical improvements to handle dependency conflicts that arise from faster software development cycles. A new isolation type in the PowerShell component NAT4 allows external executables to run with their own dependencies without conflicting with Identity Manager's core dependencies. This addresses situations where applications called from PowerShell or other components require different dependency versions. Additionally, AWS Secrets Manager support has been implemented, enabling configuration options to be loaded from AWS secrets with configurable reload intervals. The system uses standard AWS SDK chain resolution when no region is specified, providing flexible credential management for cloud-integrated deployments.

Audit Architecture and SIEM Integration

Login and logout auditing has been completely re-architected, moving from a single table to separate storage locations in the new QBM login audit table. All audit messages can now be sent to syslog servers, with configurable retention periods for successful logins, failed logins, and logouts via the common journal login audit parameters. The SIEM integration has been significantly expanded with an increased number of predefined messages that are fully syslog-compatible. New triggers generate messages for DBQ operations, job queue operations, user account creation, and permission grants, all stored in the renamed QBM CEF message table with automated cleanup processes to prevent table bloat.

Developer Tools and Script Enhancements

Script development capabilities have been enhanced with the new hash A tag for referencing standalone assemblies with dependencies directly in scripts, complementing the existing hash R tag for NuGet packages. The database compiler now supports specifying solution folders for build operations and includes a cleanup after build parameter to automatically clear the assembly cache directory post-compilation. The system debugger has been upgraded to support testing and debugging of parameter sets, a capability previously unavailable. The object layer now supports multi-step resolving of foreign keys for display values, allowing traversal across multiple tables to build comprehensive display names, though this comes with potential performance implications for loading times.

Configuration Improvements and Security Features

Several ease-of-configuration enhancements have been introduced, including the ability to define value ranges with minimum and maximum values for numbered fields in custom properties. When values outside the defined range are entered, the system automatically limits them to the nearest boundary without generating error messages, which is particularly beneficial for automated processes. The customizer now prevents conflicting settings between log changes and no log flags on attributes. Multiline content fields support enforced carriage return and line feed formatting for Windows compatibility. Database connections in app settings.json can now be encrypted via an option in the app server installer. A significant usability improvement allows creating new related objects directly from parent object forms through configuration rather than requiring custom forms or hardcoded implementations.

Chapters

0:00 - Dependency Isolation in PowerShell
1:26 - AWS Secrets Manager Support
3:01 - Login and Logout Audit Re-architecture
4:02 - Cloud Assistant Processing Updates
5:07 - SIEM Integration Enhancements
6:39 - Script Development Improvements
7:56 - System Debugger Parameter Sets
8:17 - Multi-step Foreign Key Resolution
10:07 - Value Range Configuration
12:23 - Connection Encryption and Object Creation

Key Quotes

0:15 "With a much faster software development we have seen in the last years, more and more dependencies specific applications does have are running us into conflict situations."
0:50 "In the PowerShell component NAT4 we just implemented the isolation type. That means it is now possible just to run such .exes in an isolated level so that it could run with its own dependencies and not harming the identity manager dependencies or need to use them."
3:01 "The re-architecture of login and logout audits. In the past all happened in the same table. Now we splitted them into different locations."
5:13 "An increased number of predefined messages exists. They are provide the old and the new values for a change. They are supporting additional messages for login and logout. They are also having messages for DBQ operations and job queue operations available, user account creation and permission granted."
6:50 "Standalone assemblies with dependencies can now be referred directly in scripts using the hash A tag."
11:09 "Another good message is that no error message is generated. That is especially good for automated processes. Just the limitation will happen."

Categories:

Tags:

Show more Show less

Browse videos

Upcoming Webinar Calendar

04/30/2026

10:00 AM

04/30/2026

Insights into SaaS Data Protection from the Keepit Annual Data Report 2026

https://www.truthinit.com/index.php/channel/1868/insights-into-saas-data-protection-from-the-keepit-annual-data-report-2026/
04/30/2026

01:00 PM

04/30/2026

The New Economics of a VMware Exit

https://www.truthinit.com/index.php/channel/1880/the-new-economics-of-vmware-exit/
05/06/2026

02:00 AM

05/06/2026

Detecting Cyber Attacks Before They Evolve Into Breaches with AI Insights

https://www.truthinit.com/index.php/channel/1886/detecting-cyber-attacks-before-they-evolve-into-breaches-with-ai-insights/
05/06/2026

10:00 PM

05/06/2026

World Password Day: Strategies for Managing Your Passwords Effectively.

https://www.truthinit.com/index.php/channel/1913/world-password-day-strategies-for-managing-your-passwords-effectively/
05/07/2026

05:00 AM

05/07/2026

World Password Day: Strategies for Managing Your Passwords Effectively.

https://www.truthinit.com/index.php/channel/1914/world-password-day-strategies-for-managing-your-passwords-effectively/
05/07/2026

01:00 PM

05/07/2026

World Password Day: Strategies for Managing Your Passwords Effectively

https://www.truthinit.com/index.php/channel/1915/world-password-day-strategies-for-managing-your-passwords-effectively/
05/12/2026

01:00 PM

05/12/2026

Transforming Black Box to Glass Box: Revealing Hidden Threats and AI Risks through Data Lineage

https://www.truthinit.com/index.php/channel/1895/transforming-black-box-to-glass-box-revealing-hidden-threats-and-ai-risks-through-data-lineage/
05/12/2026

11:30 PM

05/12/2026

Implement Effective Strategies for Securing Active Directory and Minimizing Data Exposure

https://www.truthinit.com/index.php/channel/1888/implement-effective-strategies-for-securing-active-directory-and-minimizing-data-exposure/
05/13/2026

01:00 AM

05/13/2026

Transforming the Black Box: Revealing AI Risks and Hidden Threats through Data Lineage

https://www.truthinit.com/index.php/channel/1890/transforming-the-black-box-revealing-ai-risks-and-hidden-threats-through-data-lineage/
05/13/2026

05:00 AM

05/13/2026

Transforming Black Box to Glass Box: Revealing AI Risks and Hidden Threats through Data Lineage

https://www.truthinit.com/index.php/channel/1894/transforming-black-box-to-glass-box-revealing-ai-risks-and-hidden-threats-through-data-lineage/
05/19/2026

01:00 PM

05/19/2026

Spring of Satori: A Deep Dive into 2026's Threat Landscape and Findings

https://www.truthinit.com/index.php/channel/1930/spring-of-satori-a-deep-dive-into-2026s-threat-landscape-and-findings/
05/21/2026

11:00 AM

05/21/2026

The Autonomous Era: Orchestrating a Resilient Enterprise

https://www.truthinit.com/index.php/channel/1372/the-autonomous-era-orchestrating-a-resilient-enterprise/
05/27/2026

04:00 AM

05/27/2026

Rivoluziona i rischi dell'AI in opportunità con Netskope AI Security

https://www.truthinit.com/index.php/channel/1925/rivoluziona-i-rischi-dellai-in-opportunità-con-netskope-ai-security/
05/28/2026

10:00 AM

05/28/2026

Transforming AI from fantasy to purposeful management

https://www.truthinit.com/index.php/channel/1924/transforming-ai-from-fantasy-to-purposeful-management/