Blog
dxqueue
At WedaCon Informationstechnologien GmbH, we specialize in Identity and Access Management (IAM), helping organizations get their IAM systems fully under control. Managing Micro Focus Identity Manager (IDM) can be tricky. Ensuring that every new user, group, or attribute update reaches all connected systems reliably often requires careful planning and custom scripting. That’s where a tool like dxqueue come in, giving administrators and developers a way to safely inject, replay, or test DX/XDS events in driver queues.
November 5, 2025
How WedaCon Simplifies IIQ Development with Maven
Managing identities, access, and workflows in a modern enterprise isn’t easy and neither is building the software that supports it. SailPoint IdentityIQ (IIQ) provides a powerful but complex framework for IAM. Its internal build processes rely on Apache Ant, a flexible yet manual system. For growing teams or large deployments, this can mean repetitive tasks, scattered dependencies, and occasional surprises when deploying plugins or patches or adding/updating depedencies. Another build tool is Maven: a tool that promises automation, consistency, and easier dependency management. But Maven is not a silver bullet which comes without its own challenges, especially when applied to a proprietary system like IIQ.
October 20, 2025
Capabilities Crawler
At WedaCon Informationstechnologien GmbH, we specialize in Identity and Access Management (IAM), helping organizations unlock the full potential of SailPoint IdentityIQ (IIQ). Beyond core platform capabilities, we assist clients in creating tailored solutions to their needs. One area that often causes friction for IIQ teams is understanding where entitlements are actually used. While IIQ’s UI lists the SpRights in the system, it does not provide insight into where these rights are checked in the application code. This gap can make audits, testing, and compliance reviews error-prone.
October 17, 2025
WedaCon Generic File Upload
A governance platform like SailPoint IdentityIQ is at the core of identity management in many organizations. But many on-boarding or provisioning processes still rely on manually uploading CSV or Excel files to a server. This involves SSH access, manual file placement, and operational risk. The WedaCon Generic Uploader plugin changes that: by providing a secure web interface and automating the task launch, it makes IdentityIQ file processing safer, faster, and easier.
October 2, 2025
WedaCon Refresh Plugin
While SailPoint IdentityIQ (IIQ) is a powerful platform for identity and access management, one functionality it lacks out of the box is the ability to refresh or aggregate a single identity on demand. By default, IIQ is optimized for bulk operations, which can be slow or cumbersome when only one identity needs updating. At WedaCon Informationstechnologien GmbH, we recognized this gap and developed a custom IIQ plugin, enabling tailored, on-demand operations for individual identities. This plugin gives administrators and external systems immediate, precise, and auditable control over identity refresh and aggregation.
September 23, 2025
Unlocking the Full Potential of SailPoint IdentityIQ with Custom Plugins
At WedaCon Informationstechnologien GmbH, we specialize in Identity and Access Management (IAM), helping organizations maximize the power of SailPoint IdentityIQ (IIQ). Over the years, we’ve seen many companies struggle to extend IIQ’s functionality in a maintainable, scalable way, especially when relying solely on built-in BeanShell scripting for custom logic. While BeanShell scripting allows administrators to embed custom logic directly into workflows, rules, and tasks, it comes with significant limitations. At WedaCon, we help organizations move beyond these constraints by designing and implementing robust, maintainable IIQ plugins.
September 17, 2025
Visualize and Edit Your IdentityIQ Schemas with the WedaCon DBML Editor
At WedaCon Informationstechnologien GmbH, we spend a lot of time helping organizations get the most out of SailPoint IdentityIQ. Its flexibility is unmatched, but that flexibility often comes at a price: complex, XML-heavy configurations that are difficult to read, navigate, and visualize. In our recent post, we introduced our DBML Converter, which translates XML files like IdentityIQ ObjectConfig files into DBML (Database Markup Language) so schemas can be visualized instantly. But conversion is just the first step.
September 17, 2025
Turning SailPoint ObjectConfig into Database Diagrams with DBML
SailPoint IdentityIQ is one of the most powerful identity governance platforms on the market. But anyone who has worked with it knows that its configuration files can be difficult to navigate. The ObjectConfig format may contain everything you need, but in practice it is verbose, XML-heavy, and nearly impossible to visualize at a glance. This post explores the challenge of visualizing SailPoint ObjectConfigs and presents our lightweight, automated converter that translates them into DBML, a format that can instantly generate database diagrams. Even better, those DBML files can be opened in our custom DBML editor (more on that here) for enhanced collaboration.
September 15, 2025
SailPoint IdentityIQ Docker Environment
Deploying SailPoint IdentityIQ has traditionally been a meticulous, server-by-server process, demanding careful manual configuration and constant vigilance to maintain consistency. This complexity can slow down projects, introduce errors, and make scaling a significant challenge. This post introduces a streamlined, containerized deployment strategy that transforms IdentityIQ into a modern, agile, and resilient platform for any environment. The Case The standard IdentityIQ installation process is a gauntlet of manual steps that presents significant operational challenges. Administrators and DevOps teams must meticulously configure databases, tune application servers like Tomcat or JBoss, and manage system properties. This traditional approach is fraught with issues: stateful components like the database and sailpoint.home files resist modern, stateless infrastructure design. Configuration drift becomes almost inevitable, as subtle differences between development, testing, and production environments creep in through manual XML and property file edits. Furthermore, memory-heavy tasks like aggregations require careful, environment-specific resource tuning, and scaling out can be complicated by licensing constraints. The result is a brittle deployment that is slow to provision, difficult to replicate, and prone to error, hindering an organization’s ability to respond quickly to new business needs.
September 15, 2025
Qlinker: Your Shortcut to IdentityIQ Productivity
A governance platform like SailPoint IdentityIQ is at the core of identity security in many organizations. But anyone who has worked with it knows that navigation often takes multiple clicks and deep menu paths slowing user experience down. The WedaCon Quicklinker plugin changes that: by centralizing and simplifying navigation with Quicklinks, it makes IdentityIQ faster and easier to use. The Case In standard IdentityIQ, reaching common tasks like creating a new identity, reviewing approvals, or accessing external links like for switching between the classic and modern UI often requires multiple steps. Quicklinks exist in the system, but they are buried in menus and inconsistently exposed. Users either have to memorize paths or IT needs to provide custom documentation. This slows adoption, increases support requests, and makes administrators spend more time on “click work” instead of governance.
September 15, 2025
Secretshare - How to Share Sensitive Information Securely
Sensitive data, from passwords to confidential logs, is frequently shared through unencrypted channels like email, creating significant security risks. This habit exposes organizations to potential breaches and compliance failures. This article introduces a self-hosted, secure alternative that empowers your teams to collaborate safely without compromising convenience or control. The Case In today’s fast-paced digital environment, sharing information quickly is essential. However, the convenience of tools like email or public pastebins often comes at a steep price: security. When employees share credentials, API keys, or private code snippets through these channels, the data is left vulnerable and unencrypted. This practice creates a blind spot in your security posture, risking accidental leaks, unauthorized access, and non-compliance with regulations like GDPR and HIPAA. A single mistake on a public platform can lead to a major data breach, damaging your organization’s reputation and bottom line. The core problem is the lack of a simple, secure, and controlled method for sharing temporary, sensitive text.
September 14, 2025
SailPoint IdentityIQ capabilities and sprights matrix
The Case In SailPoint IdentityIQ, authorizations are controlled using ‘capabilities’ and ‘sprights’. SailPoint itself offers an (regulary) updated version and matrix explaining which capability is assigned to sprights, see SailPoint Compass for reference (SailPoint Compass Access required). The document mentioned above is very helpful to get an overview on the authorizations ‘out of the box’, but to achieve the same for an already running, implemented and actively operated instance is not that straight forward.
September 10, 2025
Securing AI Agents: How Model Context Protocol Transforms IAM
The modern enterprise is a complex ecosystem of interconnected systems, applications, and data. As organizations accelerate their digital transformation journey, the demands on Identity and Access Management (IAM) have never been greater. IAM is no longer just about user provisioning; it’s about securing every digital interaction, ensuring compliance, and providing a seamless, efficient experience for users and administrators alike. At WedaCon Informationstechnologien GmbH, we specialize in navigating this complexity, delivering robust and intelligent IAM solutions that form the bedrock of secure digital operations.
September 9, 2025
Digital Summit Nord-Westfalen 2025
Die globalen Disruptionen sorgen auch für die IT-Verantwortlichen der nord-westfälischen Wirtschaft für völlig neue Herausforderungen. Der Digital Summit Nord-Westfalen 2025 bringt am 23. September 2025 im IHK-Bildungszentrum in Münster rund 200 IT-Expert*innen, Entscheider*innen und Innovator*innen zusammen. Im Fokus stehen die Digitale Souveränität der Geschäftsmodelle, die Resilienz der IT-Infrastrukturen in Krisenzeiten und der zukünftige Einsatz von Künstlicher Intelligenz als strategischen Erfolgsfaktor. Was heißt das genau? Digitale Geschäftsmodelle: Souveränität erreichen und sichern Über Jahrzehnte haben sich Unternehmen in Europa und damit auch in unserer Region in Abhängigkeit von IT-Dienstleistern aus den USA gebracht, die als stabile und innovative Partner bekannt sind. Heute stellt sich die Frage, wie verlässlich die Leistungen zur Verfügung stehen können, wenn politischer Druck entsteht oder ein transatlantischer Handelskrieg ausbrechen würde.
September 2, 2025
YIAM© QuarterDeck AuditLogger
Flexible Audit Log Forwarding for SailPoint IdentityIQ Audit transparency is a key requirement in enterprise Identity Governance programs. SailPoint IdentityIQ captures detailed audit trails in its internal database, but getting these events into modern SIEM systems like Microsoft Sentinel, Splunk, or Elastic remains a challenge, especially when direct database access is limited or not allowed. To address this, we introduce the YIAM© QuarterDeck AuditLogger. This IdentityIQ plugin is designed to streamline the delivery of audit events to external systems using log4j2.
June 24, 2025
Query Your Graph with Natural Language
Ever wished you could just ask your database questions in plain English instead of crafting complex Cypher queries? With our new Proof of Concept, that’s now possible. We’ve integrated Neo4j, Ollama, and OpenWebUI into a single, streamlined experience, letting you query your graph database with nothing but natural language. The Stack Behind the Magic This project brings together: Neo4j – a powerful graph database engine Ollama – your local LLM runtime, running models like Qwen, Llama or Mistral efficiently Model Context Protocol (MCP) – a new open protocol to allow models to use external tools Open WebUI – an intuitive interface for interacting with your LLMs and tools All components are containerized using Docker, and the setup process takes only a few moments.
May 5, 2025
Schema Extensions and Sync Options Entra-DS and Entra-ID
Background Extending the schema in Directory Services is crucial for organizations seeking to enhance their identity and access management capabilities. The default schema may not always accommodate unique business requirements or emerging technologies. By extending the schema, organizations can introduce custom attributes and classes, enabling more granular control over user identities, groups, and resources. This flexibility allows for better alignment with specific operational needs, improved data management, and enhanced security protocols.
April 10, 2025
Welcome to the New WedaCon Blog!
At WedaCon we are always looking for ways to enhance our expertise in Identity and Access Management and provide valuable content to our audience. Our blog has been a valuable resource for key insights in IAM and other related topics, but until now, it has been a static website with limited flexibility and efficiency. The latest changes of our blog bring a range of benefits that will make it more dynamic and efficient. Let’s dive into the changes we’ve made, why we made them, and what you can expect from us moving forward.
March 26, 2025
IAM Software Development
Identity and access management (IAM) is a critical component of modern software systems, ensuring that only authorized users have access to sensitive data and resources. In recent years, there has been an increasing focus on developing IAM solutions that are flexible, scalable, and secure, leveraging emerging technologies and development methodologies. This article provides an overview of current trends and best practices in IAM software development, with a focus on the use of programming languages such as Java, Ecmascript, Typescript, and Python, as well as XML handling and architectures such as microservices and Java application servers.
April 1, 2023
Knowledge Transfer Principles
Challenge Information Technology is a complex topic. Life itself is another complex topic. And living and breathing for Information Technology is even more complex. To survive in today’s multiplexed world, you need a good and solid understanding of the processes, opportunities and pitfalls surrounding you not only in the IT-Sector, but also when dealing with the ‘soft’ facts and skill (some call it OSI-Modell Layer 8).
April 1, 2023