manualshive.com logo in svg

Novell IDENTITY MANAGER ENTITLEMENTS SERVICE DRIVER 3.6.1, Implementation Manual

Share
Download
Novell IDENTITY MANAGER ENTITLEMENTS SERVICE DRIVER 3.6.1 Implementation Manual Download Page 26

26

Identity Manager 3.6.1 Driver for Role-Based Entitlements: Implementation Guide

no

vd

ocx 

(e

n)

  

17

 Sep

te

m

be

r 20

09

Add Object: 

Use this option to browse for and select the objects that you want to make the 

policy a trustee of. 

Rights to Selected Objects: 

Click an object in the Object Name list to view the policy’s rights 

to the object. You can add or remove rights by selecting or deselecting the desired rights. The 
Inherit check box determines whether the rights flow down in the tree. For example, if you are 
assigning rights to a container object, and you want the entitlement policy to have the same 
rights to the objects and subcontainers that are below that container, select the 

Inherit

 check 

box. 

Add Property: 

In addition to doing a global assignment of rights to all properties ([All 

Attributes Rights]), you can assign rights to specific properties. This lets you limit rights to 
some properties and expand rights to others. To add a property, click 

Add Property

 to browse 

for and select the desired property. After the property is added to the Rights to Selected Objects 
list, make the assigned rights modifications that you want. 

Remove Object or Property: 

Click the   button to remove an object from the Object Name 

list or a property from the Rights to Selected Object list.

11

On the 

Step 6 of 6: Entitlement Policy Summary

 page, review the policy information, then click 

Finish

 to create the policy and add it to the Entitlement Policy List.

12

Click 

Restart

 to start the Entitlements Service driver.

After the driver starts, it evaluates the new policy (and all other policies in the list) and grants 
the appropriate entitlements to the policy members.

Summary of Contents for IDENTITY MANAGER ENTITLEMENTS SERVICE DRIVER 3.6.1

Page 1: ...m novdocx en 17 September 2009 AUTHORIZED DOCUMENTATION Identity Manager 3 6 1 Driver for Role Based Entitlements Implementation Guide Identity Manager Entitlements Service Driver 3 6 1 June 05 2009 I...

Page 2: ...o export or re export to entities on the current U S export exclusion lists or to any embargoed or terrorist countries as specified in the U S export laws You agree to not use deliverables for prohibi...

Page 3: ...r 2009 Novell Trademarks For a list of Novell trademarks see Trademarks http www novell com company legal trademarks tmlist html Third Party Materials All third party trademarks are the property of th...

Page 4: ...4 Identity Manager 3 6 1 Driver for Role Based Entitlements Implementation Guide novdocx en 17 September 2009...

Page 5: ...17 3 2 2 Configuring the Driver Settings 19 3 2 3 Starting the Driver 19 3 3 Activating the Driver 19 4 Upgrading an Existing Driver 21 4 1 Supported Upgrade Paths 21 4 2 What s New in Version 3 6 1 2...

Page 6: ...iver for Role Based Entitlements Implementation Guide novdocx en 17 September 2009 A 1 3 Authentication 38 A 1 4 Startup Option 38 A 1 5 Driver Parameters 39 A 1 6 ECMAScript Designer Only 39 A 2 Glob...

Page 7: ...ole based entitlements Feedback We want to hear your comments and suggestions about this manual and the other documentation included with this product Use the User Comment feature at the bottom of eac...

Page 8: ...8 Identity Manager 3 6 1 Driver for Role Based Entitlements Implementation Guide novdocx en 17 September 2009...

Page 9: ...driver is one of three entitlement agents that you can use to grant entitlements or permission slips to users The other two entitlement agents are the role based provisioning component and workflow b...

Page 10: ...iated with the policy Users assigned to the policy receive all of the entitlements associated with the policy If the user is removed from the policy he or she loses all entitlements associated with th...

Page 11: ...RBEs because they are granted to users who are members of or have a role in an entitlement policy Only the Entitlements Service driver uses Role Based Entitlements and entitlement policies The two ot...

Page 12: ...12 Identity Manager 3 6 1 Driver for Role Based Entitlements Implementation Guide novdocx en 17 September 2009...

Page 13: ...Entitlements Guide http www novell com documentation idm36 idm_entitlements data bookinfo html Create a new Entitlements Service driver or Upgrade an existing Entitlements Service driver to the new ve...

Page 14: ...14 Identity Manager 3 6 1 Driver for Role Based Entitlements Implementation Guide novdocx en 17 September 2009...

Page 15: ...our environment After you ve created and configured the driver you need to deploy it to the Identity Vault and start it Section 3 1 1 Importing the Driver Configuration File on page 15 Section 3 1 2 C...

Page 16: ...ion Host Specify the IP address or DNS name of the server hosting the Identity Vault Username Specify the DN of the user object used to authenticate to the Identity Vault Password Specify the user s p...

Page 17: ...guration File on page 17 Section 3 2 2 Configuring the Driver Settings on page 19 Section 3 2 3 Starting the Driver on page 19 3 2 1 Importing the Driver Configuration File 1 In iManager click to disp...

Page 18: ...nue with the next section Configuring the Driver Settings or To skip the configuration settings at this time click Finish When you are ready to configure the settings continue with the next section Co...

Page 19: ...ge 4 Conditional If the Entitlement driver s Summary page for the Import Configuration wizard is still displayed click Finish WARNING Do not click Cancel on the Summary page This removes the driver fr...

Page 20: ...n 17 September 2009 For information on activation refer to Activating Novell Identity Manager Products http www novell com documentation idm36 idm_install data afbx4oc html in the Identity Manager 3 6...

Page 21: ...pported Upgrade Paths on page 21 Section 4 2 What s New in Version 3 6 1 on page 21 Section 4 3 Upgrade Procedure on page 21 4 1 Supported Upgrade Paths You can upgrade from any 3 x version of the Ent...

Page 22: ...22 Identity Manager 3 6 1 Driver for Role Based Entitlements Implementation Guide novdocx en 17 September 2009...

Page 23: ...to the policy receive all of the entitlements associated with the policy If the user is removed from the policy he or she loses all entitlements associated with the policy To create an entitlement pol...

Page 24: ...o the object you logged in as but you can change it to an object with the appropriate rights For example if you log in as the administrator there might be parts of the tree that you have rights to tha...

Page 25: ...Users page add the entitlements you want associated with the policy To do so 9a Click Add Driver to display a list of drivers with entitlements 9b Select the driver with the entitlement you want to a...

Page 26: ...n to doing a global assignment of rights to all properties All Attributes Rights you can assign rights to specific properties This lets you limit rights to some properties and expand rights to others...

Page 27: ...is making changes to policies As another example the Identity Manager driver configurations don t revoke entitlements that have values from a user account in another system If a user is granted membe...

Page 28: ...28 Identity Manager 3 6 1 Driver for Role Based Entitlements Implementation Guide novdocx en 17 September 2009...

Page 29: ...swords to securely store passwords associated with the driver Monitoring the driver s health status Backing up the driver Inspecting the driver s cache files Viewing the driver s statistics Using the...

Page 30: ...30 Identity Manager 3 6 1 Driver for Role Based Entitlements Implementation Guide novdocx en 17 September 2009...

Page 31: ...our production environment while your changes to policies are incomplete Similarly the Entitlements Service Driver won t start if more than one person appears to be editing Entitlement Policies at the...

Page 32: ...nts membership in a GroupWise e mail distribution list named Trade Show Mailing List and he is excluded from membership in the Trade Show Managers Policy that also assigns the e mail distribution list...

Page 33: ...ity Manager Identity Manager Overview then select a driver set 2 Click the Driver status button then select Stop driver 3 Click the driver icon for the driver that offers the entitlement you want to c...

Page 34: ...t resolution priority then the order of the list of Entitlement Policies matters but only for those entitlements you changed For information about these values see Conflict Resolution between Entitlem...

Page 35: ...Troubleshooting Role Based Entitlements 35 novdocx en 17 September 2009 4 Click Close to restart the driver Changes in priority don t take effect until the driver is restarted...

Page 36: ...36 Identity Manager 3 6 1 Driver for Role Based Entitlements Implementation Guide novdocx en 17 September 2009...

Page 37: ...on page 2 Open the driver set that contains the driver whose properties you want to edit To do so 2a In the Administration list click Identity Manager Overview 2b If the driver set is not listed on th...

Page 38: ...mote Loader This setting does not apply to the Entitlements Service driver You cannot use the driver with the Remote Loader A 1 2 Driver Object Password iManager Only Option Description Driver Object...

Page 39: ...driver parameters you want to modify Edit XML Opens an editor so that you can edit the driver s configuration file Driver Options There are no general driver options Subscriber Options Result Threshol...

Page 40: ...river set 2c Click the driver set to open the Driver Set Overview page 3 Locate the Entitlements Service driver icon then click the upper right corner of the driver icon to display the Actions menu 4...

Reviews:

No comments

Brands by name

Popular brands

Load more brands