This guide describes how to use the Sun™ Identity Manager (Identity Manager) software to provide secure user access to your enterprise information systems and applications. It illustrates procedures and scenarios to help you perform regular and periodic administrative tasks with the Identity Manager system.
This Sun Identity Manager 8.1 Business Administrator's Guide is intended for use by administrators, software developers, and IT service providers who implement an integrated identity management and web access platform using Identity Manager servers and software.
An understanding of the following technologies will help you apply the information discussed in this book:
Lightweight Directory Access Protocol (LDAP)
Java technology
JavaServer Pages™ (JSP™) technology
Hypertext Transfer Protocol (HTTP)
Hypertext Markup Language (HTML)
Extensible Markup Language (XML)
Identity Manager is a component of Sun Java Enterprise System, a software infrastructure that supports enterprise applications distributed across a network or Internet environment. You should be familiar with the documentation provided with Sun Java Enterprise System, which can be accessed online at http://docs.sun.com/coll/entsys_04q4.
Because Identity Manager Directory Server is used as the data store in an Identity Manager deployment, you should be familiar with the documentation provided with that product. Directory Server documentation can be accessed online at http://docs.sun.com/coll/DirectoryServer_04q2.
This guide is organized into the following chapters and appendices:
Chapter 1, Identity Manager Overview describes how Identity Manager and the different Identity Manager objects help you manage administrative challenges in your dynamic working environment.
Chapter 2, Getting Started with the Identity Manager User Interface describes how to use Identity Manager's graphical user interface.
Chapter 3, User and Account Management describes how to create and manage users by using the Administrator interface.
Chapter 4, Configuring Business Administration Objects contains information and procedures to help you set up and maintain Identity Manager business administration objects, such as policies, email templates, audit groups and events, and more.
Chapter 5, Roles and Resources contains information to help you understand Identity Manager roles and resources.
Chapter 6, Administration describes how to use the Administrator interface to perform different administrator-level tasks. In addition, this chapter contains information about using roles, administrative roles, and capabilities.
Chapter 7, Data Loading and Synchronization describes how to use Identity Manager's data loading and synchronization features to keep your data current.
Chapter 8, Reporting introduces Identity Manager report types and explains how to create and manage reports.
Chapter 9, Task Templates introduces Identity Manager task templates and how to use them to configure workflow behaviors.
Chapter 10, Audit Logging describes Identity Manager's auditing system.
Chapter 11, PasswordSync describes how to install, configure, and use the PasswordSync feature to detect and synchronize password changes.
Chapter 12, Security describes how you can use Identity Manager to manage system security.
Chapter 13, Identity Auditing: Basic Concepts introduces identity auditing concepts and audit controls.
Chapter 14, Auditing: Audit Policies describes how to create and manage audit policies by using the Audit Policy Wizard.
Chapter 15, Auditing: Monitoring Compliance describes how to perform audit reviews and manage compliance with federally mandated regulations.
Chapter 16, Data Exporter introduces the Data Exporter feature and explains how to use this feature to write information about users, roles, and other object types to an external data warehouse.
Chapter 17, Service Provider Administration describes how to configure and administer the Service Provider feature.
Appendix A, lh Reference explains how to use the Identity Manager command line interface.
Appendix B, Audit Log Database Schema contains information about audit data schema values for supported database types and audit log mappings.
Appendix C, User Interface Quick Reference provides a quick reference indicating how to accomplish commonly performed tasks in Identity Manager.
Appendix D, Capabilities Definitions provides a quick reference describing the task-based and functional capabilities you can assign to users.
Sun provides additional documentation and information to help you install, use, and configure Identity Manager. The Sun Identity Manager 8.1 library includes the following publications:
| Primary Audience | Title | Description |
|---|---|---|
| All Audiences | | Provides an overview of Identity Manager features and functionality. Provides product architecture information and describes how Identity Manager integrates with other Sun products, such as Sun Open SSO Enterprise and Role Manager. |
| | | Describes known issues, fixed issues, and late-breaking information not already provided in the Identity Manager documentation set. |
| System Administrators | | Describes how to install Identity Manager and optional components such as the Sun Identity Manager Gateway and PasswordSync. |
| | | Provides instructions on how to upgrade from an older version of Identity Manager to a newer version. |
| | | Contains information and instructions to help system administrators manage, tune, and troubleshoot their Identity Manager installation. |
| Business Administrators | | Describes how to use Identity Manager's provisioning and auditing features. Contains information on the user interfaces, user and account management, reporting, and more. |
| System Integrators | | Describes how to deploy Identity Manager in complex IT environments. Topics covered include working with identity attributes, data loading and synchronization, configuring user actions, applying custom branding, and so on. |
| | | Contains information on workflows, forms, views, and rules, as well as the XPRESS language. |
| | | Provides information about installing, configuring, and using resource adapters. |
| | | Describes how to deploy Sun Identity Manager Service Provider, and how views, forms, and resources differ from the standard Identity Manager product. |
| | | Describes how to configure SPML support, which SPML features are supported (and why), and how to extend support in the field. |
In addition, the http://docs.sun.com web site enables you to access Sun technical documentation online. You can browse the archive or search for a specific book title or subject.
Corrections and updates to this and other Identity Manager publications are posted to the Identity Manager Documentation Updates website:
http://blogs.sun.com/idmdocupdates/
An RSS feed reader can be used to periodically check the website and notify you when updates are available. To subscribe, download a feed reader and click a link under Feeds on the right side of the page. Starting with version 8.0, separate feeds are available for each major release.
Third-party URLs are referenced in this document and provide additional, related information.
Sun is not responsible for the availability of third-party web sites mentioned in this document. Sun does not endorse and is not responsible or liable for any content, advertising, products, or other materials that are available on or through such sites or resources. Sun will not be responsible or liable for any actual or alleged damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods, or services that are available on or through such sites or resources.
The Sun web site provides information about the following additional resources:
Sun is interested in improving its documentation and welcomes your comments and suggestions. To share your comments, go to http://docs.sun.com and click Feedback.
The following table describes the typographic conventions that are used in this book.
Table P–1 Typographic Conventions
| Typeface | Meaning | Example |
|---|---|---|
| AaBbCc123 | The names of commands, files, and directories, and onscreen computer output | Edit your .login file. Use ls -a to list all files. machine_name% you have mail. |
| AaBbCc123 | What you type, contrasted with onscreen computer output | machine_name% su Password: |
| aabbcc123 | Placeholder: replace with a real name or value | The command to remove a file is rm filename. |
| AaBbCc123 | Book titles, new terms, and terms to be emphasized | Read Chapter 6 in the User's Guide. A cache is a copy that is stored locally. Do not save the file. Note: Some emphasized items appear bold online. |
The following table shows the default UNIX® system prompt and superuser prompt for the C shell, Bourne shell, and Korn shell.
Table P–2 Shell Prompts
| Shell | Prompt |
|---|---|
| C shell | machine_name% |
| C shell for superuser | machine_name# |
| Bourne shell and Korn shell | $ |
| Bourne shell and Korn shell for superuser | # |