Geeks With Blogs
Old blog. Blog moved to I would delete this...but I don't see the option

Build automated unit tests for your identity management solutions just like you would a normal development  project. Trust me. Here's why:

Test Driven Design: design your test first. do your craft until the test passes.
Comfort and assurance: you know because you've run them 1001 times. others can run them too.
Free documentation: requirement and business rules can be inferred from the test cases.
Fix problems instead of looking for them: you will spend almost no time looking for defects

Yes, it requires an upfront investment but the payback is tremendous. Here's how.

First, familiarize yourself with a unit testing framework. My favorite is NUnit, which is simple, free, and used by the masses.

Next, get creative. If your connected data sources consist of SQL Server, Active Directory, or any open platform, you'll simply be setting up data to validate your tests. For example, using SQL Server, I like to create a table with as little representative data as I can get away with, maybe 5 - 20 rows. I call this table UnitTestExportStatic. Then, I clone that table into another table, UnitTestExportRunnable. During setup of my test execution, I truncate UnitTestExportRunnable and copy all the rows from UnitTestExportStatic. I can freely make changes, such as updating an attribute to test the flow, to UnitTestExportRunnable throughout the testing of the management agent run profile sequences.

Create one test fixture (a group of related tests) per management agent run profile sequence. Run as many sequences as you need to test some scenarios. For instance, my favorite tests have an active person that goes inactive, then gets reactivated. This takes 3 cycles to test each condition.  Name them something like A__InitialRun, B__SecondRun, etc, and be sure they run in order. Test fixtures support running setup code, which will run before any tests. Here is where you do things like delete accounts, update phone numbers, create accounts, and invoke the run profiles using the remote wmi calls.

public void SetUpAll()

 new Setups.SetupEntitleSubContractorsForTeamSiteAndSubportalAccess().Run();
 new Setups.SetupAddMockUser02().Run(); 
 new Setups.SetupInactivateMockUser06().Run();
 new Setups.SetupUpdateMockUser03Attributes().Run();
 new Setups.SetupRunAllManagementAgents().Run();


Here's a sample of vbscript to execute a remote wmi call to MIIS. Just pass in the management agent Guid and the run profile name.

 Dim Locator
 Dim Service
 Dim ManagementAgent
 Dim MASet
 Dim MA
 Const PktPrivacy = 6
 Const wbemAuthenticationLevelPkt = 6
 Set Locator = CreateObject("WbemScripting.SWbemLocator")
 Locator.Security_.AuthenticationLevel = wbemAuthenticationLevelPkt
 Set Service = Locator.ConnectServer("[your server]", "root/MicrosoftIdentityIntegrationServer", "[domain\user]", "[password]")
 Set MASet   = Service.ExecQuery("select * from MIIS_ManagementAgent where Guid = '{" & WScript.Arguments(0) & "}'")
 for each MA in MASet

 So, you're well on your way to a fully automated unit tests. Almost. The only thing you cannot automate (with MIIS) is the deletion of connector space objects. You must open the MIIS console, right-click every MA, choose delete, make sure it's 'delete connector space only', and click ok. I guess this is for the best, but 10 or so clicks is really nothing compared to the payback of automating the rest.

Last, I'll leave you with one challenge: stick with it. Again, there is an upfront investment but it's has an incredible return. Plus, it is always possible to automate a test. Ok, it's not always possible to automate a test, but you can still include the 'not-automatable' test in your unit test project with my handy-dandy 'human intervention' class.

public class HumanIntervention
 public static void Assert(string test)
  DialogResult result = MessageBox.Show
   (test, "Human Involvement", MessageBoxButtons.YesNo);

  if (result == DialogResult.No)
   throw new ApplicationException("A human involved test failed: " + test);



Using human intervention in your unit tests:

public void MockUser03AddedToBlackBoxSystem()
 HumanIntervention.Assert("Was Mock User 03 successfully added to Black Box?");




Posted on Thursday, January 17, 2008 3:38 PM | Back to top

Comments on this post: Gain confidence with your MIIS or ILM Identity Management solutions

# re: Gain confidence with your MIIS or ILM Identity Management solutions
Requesting Gravatar...
I cant believe no one has read your post. This is really sweet. I've been looking for a way to unit test MIIS for almost 18 mos. I heard there was a presentation on it at DEC 2008 but I didnt see one in the presentations I rec'd. What kind of coverage do you have on your MIIS codebase?
Left by Greg B on Apr 04, 2008 3:04 PM

Your comment:
 (will show your gravatar)

Copyright © Thomas Gathings | Powered by: