User Forms and Policy

In the User Forms and Policy area, shown in Figure 17–1 above, specify the forms and policies to use for service provider user administration.

To Specify Forms And Policies for Service Provider User Administration

1. Select the End User Form from the list.

   This form is used everywhere except for the Delegated Administrator pages and during synchronization. If None is selected, no default user form is used.

2. Select the Administrator User Form from the list.

   This is the default user form that is used in Administrator contexts. This includes the Service Provider Accounts edit pages. If None is selected, no default user form is used.

   ---

   Note –

   If you do not choose an Administrator User Form, then administrators will not be able to create or edit Service Provider users from Identity Manager.

   ---

3. Select a Synchronization User Form from the list.

   The Synchronization User Form is the default form used if no form is specified for a resource running Service Provider synchronization. If an input form is specified on a resource’s synchronization policy, that form will be used instead. Resources usually require different synchronization input forms. In this case, you should set the synchronization user form on each resource instead of selecting a form from the list.

4. Select an Account Policy from the list.

   The choices include any Identity Account Policy defined through Configure > Policies.

5. Select an Is Account Locked Rule from the list.

   Select a rule to be run against the Service Provider User view that can determine if an account is locked.

6. Select a Lock Account Rule.

   Select a rule to be run against the Service Provider User view that can set attributes in the view that cause the account to be locked.

7. Select a Unlock Account Rule.

   Select a rule to be run against the Service Provider User view that can set attributes in the view that cause the account to be unlocked.