By default, a demonstration set of HR data is imported into the MySQL database to hr.hr_people. SELECT access to this table is granted to the identityiq user. In the Compose and Swarm modes, this database is accessible as db.
All data is procedurally generated by a program developed at IDW. No record is intended to resemble any real-life individuals.
This data represents an imaginary medium-sized grocery store corporation.
The data has these properties:
- There are around 8,500 full-time and part-time employees.
- There are two affiliate companies (Primary Grocers Inc and Affiliate Grocers Inc) which have separate manager hierarchies and locations.
- A few people may have a record at more than one company. For example, Jim worked as a cashier at Affiliate, then quit, then later took a job at Primary.
- Rehire practices are perfect. Identities will have no more than one record per company.
- The manager hierarchy is a consistent tree with multiple layers of managers depending on department size. Managers are mapped by employee number.
- The full assortment of employment situations is represented: hired but not started, current employee, future end dates, terminated, rehired.
- A small subset of users are current employees on leave (status
L).
The employee_number field is intended as the unique ID.
The dataset includes an ssn field with SSN-formatted randomly generated values. These values begin with 9xx so are not valid SSNs. This field is intended for demonstrating or practicing PII management.
Arbitrarily larger or smaller randomly-generated HR data sets are available on request.
We also have generated higher ed identity datasets. These feature common higher-ed situations like:
- Users coming from multiple simultaneous data sources (applicants, students, faculty, staff, alumni, contractors)
- Users having different lifecycles per affiliation
- Class and degree history
- Decades of alumni
- Affiliated hospital staff who may also be professors
- Corrupted or mistaken data from some sources
University data sets can be as small as 4,000 identities or as large as several million.
A pair of provisioning target tables are also created in the MySQL database under the database target. These tables are defined in iiq-build/sql/target.sql. They are:
users: A table containing user details, such as username, first name, and last name. The table is pre-populated with a system administrator user called admin.roles: A table containing roles, intended for use as entitlements. The roles are all pre-populated.roles_users: A table joining users to the roles they are assigned.roles_permissions: Associates roles (by name) with permissions. Each role can have more than one permission. The permissions are pre-populated. These can be used for playing with SOD policies.
Full CRUD access to these tables is granted to the identityiq user.