Service Provider includes a configurable search capability to aid in administering user accounts. Only the users within your scope, (as defined by your organization, and perhaps other factors) are returned in a search.
To perform a basic search of service provider users, from the Accounts area in the Identity Manager interface, click Manage Service Provider Users, then enter the search value and click Search.
The following topics discuss the Service Provider search features:
Use the following instructions to perform an Advanced Search of Service Provider users.
From the Service Provider Users Search page, click Advanced.
Choose the desired Attribute from the list.
Choose the desired Operation from the list.
You are specifying a set of conditions in order to filter the users returned from the search and that the users returned must meet all of the specified conditions.
Enter the desired search value, and then click Search.
You can add or remove Attribute Conditions, using the following options:
Click Add Condition and specify the new attribute.
Select the item and click Remove Selected Conditions.
Service Provider search results are displayed in a table, as depicted in Figure 17–11. The results can be sorted by any attribute by clicking on the column header for that attribute. The results displayed depend on the attributes you selected.
The arrow buttons navigate to the first, previous, next, and last pages of results. You can jump to a specific page by entering the number in the text box and pressing Enter.
To edit a user, click the user name in the table.
The search results page enables you to delete users or unlink resource accounts, by selecting one or more users and clicking the Delete button. This action brings up a delete user page and presents additional options (see Delete, Unassign, or Unlink Accounts)
Service Provider may be installed in environments in which users have accounts on multiple resources. The account linking feature of Service Provider enables you to assign existing resource accounts to Service Provider users in an incremental fashion. The account linking process is controlled by the Service Provider linking policy, which defines a link correlation rule, a link confirmation rule, and a link verification option.
In the Administrator interface, click Resources in the menu bar.
Select the desired resource.
Select Edit Service Provider Linking Policy from the Resources Action menu.
Select a link correlation rule. This rule searches for accounts on the resource that the user may own.
Select a link confirmation rule. This rule eliminates any resource accounts from the list of potential accounts that the link correlation rule selects.
If the link correlation rule selects no more than one account, then the link confirmation rule is not required.
Select Link verification required to link the target resource account to the Service Provider user.
Click Accounts from the menu bar.
Click Manage Service Provider Users.
Perform a basic or advance search.
Select the desired user or users.
Click the Delete button.
Select one of the optional global options.
These options include:
Delete All resource accounts
Deleting a resource deletes the account, but the resource assignment still exists. A subsequent update of the user recreates the account. Delete always implies an unlink of the resource account.
Unassign All resource accounts
Unassigning a resource removes that resource assignment. Unassign implies an unlink of the resource account. The resource account is not deleted when the resource is unassigned.
Unlink All resource accounts
Unlinking removes the link between a user and the resource account, but this does not delete the account. The resource assignment is not removed either, so a subsequent update to the user relinks the account or creates a new account on the resource.
Alternatively, select an action for one or more resource accounts in the Delete, Unassign, or Unlink columns.
After selecting the desired user accounts, click OK.
In the Administrator interface, click Accounts in the menu bar.
Click Service Provider.
These options are only valid for the current login session. The options effect how the search results are displayed, that they effect both the basic and advanced search results, and that some settings only take effect on new searches.
Enter the Maximum Results Returned.
Enter the Number of Results Per Page.
Choose the desired Display Attribute from the Available Attributes using the arrow keys.