With Service Provider, the value of an attribute on the user determines to which organization the user is assigned. This is specified by the Identity Manager Organization Attribute Name field in the Service Provider Main configuration (see Initial Configuration). However, the names of those organizations must match the value of a user attribute assigned in the directory server.
If the Identity Manager Organization Attribute Name is defined, then a multi-select list of available organizations appears on the Create User and Edit User pages. The short organization names are displayed by default. You can modify the Service Provider User Form to display the full organization path.
You may pick which attribute becomes the organization name attribute. The organization name attribute is then used in the Service Provider user administration pages to constrain which administrators can search for and manage that user.
There are now account ID and password policies for Service Provider and resource accounts.
The Service Provider System Account Policy is available from the main Policies table.