Sun Identity Manager Deployment Guide

Enabling Self-Discovery

The Identity Manager User Interface can be configured to allow Identity Manager users to discover their own resource accounts. This means that a user with an Identity Manager identity can associate it with an existing, but unassociated, resource account. Self-discovery can be enabled only on resources that support pass-through authentication.

To enable self-discovery, you must edit the End User Resources configuration object, and add to it the name of each resource on which the user will be allowed to discover accounts.

Procedure: To Enable Self-Discovery

  1. Access the Identity Manager debug page at http://PathToIDM/debug. The System Settings page is displayed.

  2. Select Configuration from the List Objects pull-down menu. The List Objects of type: Configuration page is displayed.

  3. Select the edit link for End User Resources.

  4. After the <List> element, add <String>Resource</String>, where Resource matches the name of a resource object in the repository. For example, to allow users to self-discover their accounts on resources AD and Solaris, edit the <List> element as follows:

    <List>
       <String>AD</String>
       <String>Solaris</String>
    </List>

  5. Save your changes. Identity Manager returns to the System Settings debug page.

    When self-discovery is enabled, the user is presented with a new menu item on the Identity Manager User Interface (Inform Identity Manager of Other Accounts). This area allows him to select a resource from an available list, and then enter the resource account ID and password to link the account with his Identity Manager identity.
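
Because each name added in step 4 lets users link unassociated accounts on that resource, the edited <List> is worth reviewing before it is saved. The following is an added example, not part of the Deployment Guide or of Identity Manager: it checks a <List> fragment against a reviewer-maintained inventory. The function name, the two inventory sets, and the sample entries other than AD and Solaris are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the <List> from step 4 plus entries added so the
# check has something to flag (Oracle HR, LDAP and the repeated AD are made up).
SAMPLE_LIST = """
<List>
   <String>AD</String>
   <String>Solaris</String>
   <String>Oracle HR</String>
   <String>LDAP</String>
   <String>AD</String>
</List>
"""

# Assumed inventory kept by the reviewer, not read from Identity Manager:
# resource object names in the repository, and the subset that is
# configured for pass-through authentication.
REPOSITORY_RESOURCES = {"AD", "Solaris", "LDAP"}
PASS_THROUGH_RESOURCES = {"AD", "Solaris"}


def audit_self_discovery(list_xml, known, pass_through):
    """Classify every entry of a self-discovery <List> fragment."""
    root = ET.fromstring(list_xml)
    if root.tag != "List":
        raise ValueError("expected a <List> element, got <%s>" % root.tag)
    findings = {"ok": [], "duplicate": [], "unknown": [],
                "no_pass_through": [], "malformed": []}
    seen = set()
    for child in root:
        name = (child.text or "").strip()
        if child.tag != "String" or not name:
            findings["malformed"].append(child.tag)   # wrong element or empty name
        elif name in seen:
            findings["duplicate"].append(name)        # listed more than once
        elif name not in known:
            findings["unknown"].append(name)          # no such resource object
        elif name not in pass_through:
            findings["no_pass_through"].append(name)  # self-discovery not supported
        else:
            findings["ok"].append(name)
        seen.add(name)
    return findings


if __name__ == "__main__":
    result = audit_self_discovery(SAMPLE_LIST, REPOSITORY_RESOURCES,
                                  PASS_THROUGH_RESOURCES)
    for category, names in result.items():
        print("%-16s %s" % (category, ", ".join(names) or "-"))
```
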