Sun Identity Manager Service Provider 8.1 Deployment

Service Provider User Forms

All user forms that access account information for Service Provider accounts must use the IDMXUser view to reference attributes on their Service Provider Directory account and linked resource accounts.

If you create your own user form, and the form is to be displayed as an option on the Edit Main Configuration page of the Administrator Interface, the authType Configuration attribute must be assigned the value SPEUserForm. Otherwise, this attribute may be omitted. Service Provider user forms operate on the IDMXUser view instead of the Identity Manager User view. Therefore, a different authType is useful for distinguishing between the forms.

The following example illustrates the use of the authType attribute.

<Configuration authType='SPEUserForm' wstype='UserForm' name='My Service Provider User Form'>

The Edit Main Configuration page of the Administrator Interface allows an administrator to select a default End User, Administrator, and Synchronization user form. If no End User or Synchronization user form is defined in the Administrator Interface, then no form will be used, unless a form is specified in the sys.form attribute in the IDMXUser view. If a default Administrator user form is not selected, then delegated administrators will not be able to create or edit accounts from the Administrator Interface. However, if the sys.noDefaultForm attribute is set to true in the IDMXUser view, the default user form specified in the Administrator Interface will not be used.

End User Form

The end user form is typically a simple form that defines a few fields and possibly provides default values. The display.session and display.speContext attributes should not be called, because the results are not displayed on the Administrator Interface.

Administrator User Form

The administrator user form determines what is displayed on the Create or Edit Service Provider Users page. This form will typically be more complex than the end user form, as it can be used to perform tasks such as retrieving lists of available resources and determining which attributes can be edited.

Synchronization User Form

The Service Provider Synchronization task uses the synchronization form to process accounts. This task ensures that account changes on one resource are propagated to other resources, including the LDAP master directory.

The Synchronization user form performs the same general functions as an Identity Manager Active Sync user form. It translates an arbitrary set of incoming account attributes into the IDMXUser view. See Active Sync User Forms for more information.