Sample Auditor Rule Multiple Account Types (Sun Identity Manager Deployment Reference)

Sun Identity Manager Deployment Reference

Sample Auditor Rule Multiple Account Types

The following example demonstrates how to use the Sample Auditor Rule Multiple Account Types rule. The location of the rule is

sample/rules/SampleAuditorRuleMultipleAccountTypes.xml

To Dynamically Test Multiple User Accounts per Resource

Set up a resource with multiple account types.

<?xml version=’1.0’ encoding=’UTF-8’?>
<!DOCTYPE Waveset PUBLIC ’waveset.dtd’ ’waveset.dtd’>
<Waveset>
<Rule subtype=’IdentityRule’ name=’Administrator Identity’>
  <concat>
     <s>adm</s>
     <ref>attributes.accountId</ref>
  </concat>
</Rule>
</Waveset>

Add a user with two accounts on the resource and set up a user form so that the new resource attributes are directly assigned separately:
account[Simulated Resource].department account[Simulated Resource|admin].department

Assign different values for each account and test the policy rule.

Location:
sample/rules/SampleAuditorRuleMultipleAccountTypes.xml