Copyright Next
Contents Contents Identity Manager Overview The Big Picture Goals of the Identity Manager System Defining User Access Delegating Administration Identity Manager Objects User Accounts Roles Resources and Resource Groups Organizations Capabilities Admin Roles Object Relationships Identity Manager Terms Getting Started with Identity Manager Getting Started with Identity Manager Identity Manager Interfaces Identity Manager Administrator Interface Identity Manager User Interface Identity Manager Business Process Editor Help and Guidance Identity Manager Help Finding Information Search Behavior Advanced Query Syntax Identity Manager Guidance Identity Manager Tasks Where to Go from Here User and Account Management About User Account Data Identity Assignments Security Attributes Accounts Area Actions Lists in the Accounts Area Searching in the Accounts Area User Account Status Working with User Accounts Users View Create (New Actions List, New User Selection) Creating Multiple User Accounts (Identities) Edit Move Users (User Actions) Rename (User Actions) Disable Users (User Actions, Organization Actions Enable Users (User Actions, Organization Actions) Update Users (User Actions, Organization Actions) Update Users (User Actions, Organization Actions) Unlock Users (User Actions, Organization Actions) Unlock Users (User Actions, Organization Actions) Deletion (User Actions, Organization Actions) Finding Accounts Finding Accounts Setting Password Policies Creating a Policy Length Rules Character Type Rules Minimum Number of Character Type Rules Dictionary Policy Selection Password History Policy Must Not Contain Words Must Not Contain Attributes Implementing Password Policies Working with User Account Passwords Changing User Account Passwords Resetting User Account Passwords Password Expiration on Reset User Self-Discovery Enabling Self-Discovery User Authentication Personalized Authentication Questions Bypassing the Change Password Challenge after Authentication Bulk Account Actions Launching Bulk Account Actions Using Action Lists Delete, DeleteAndUnlink, Disable, Enable, Unassign, and Unlink Commands Create, Update, and CreateOrUpdate Commands Fields with More Than One Value Special Characters in Field Values Bulk Action View Attributes Correlation and Confirmation Rules Correlation Rules Confirmation Rules Administration Understanding Identity Manager Administration Delegated Administration Understanding Identity Manager Organizations Creating Organizations Assigning Users to Organizations Key Definitions and Inclusions Sample User Members Rule Assigning Organization Control Understanding Directory Junctions and Virtual Organizations Setting Up Directory Junctions Refreshing Virtual Organizations Deleting Virtual Organizations Creating Administrators Filtering Administrator Views Changing Administrator Passwords Challenging Administrator Actions Changing Answers to Authentication Questions Customizing Administrator Name Display in the Administrator Interface Approvals Setting Up Approvers Configuration Understanding Roles What are Roles? Creating Roles Editing Assigned Resource Attribute Values Editing Roles Finding Roles Cloning Roles Renaming Roles Synchronizing Identity Manager Roles and Resource Roles Understanding Resources What are Resources? Resources Area Managing the Resources List Creating Resources Managing Resources Working with Account Attributes Resource Groups Understanding ChangeLogs What are ChangeLogs? ChangeLogs and Security ChangeLogs Feature Requirements Configuring Identity Attributes Working with Identity Attributes Selecting Applications Adding and Editing Identity Attributes Adding Target Resources Removing Target Resources Importing Identity Attributes Configuring ChangeLogs ChangeLog Policies Summary ChangeLogs Summary Saving ChangeLog Configuration Changes Creating and Editing ChangeLog Policies Creating and Editing ChangeLogs Example Example: Define Identity Attributes Example: Configure the ChangeLog CSV File Format Columns Rows Text Values Binary Values Multi-Text Values Multi-Binary Values Formatting Examples Configuring Rotations and Sequences Writing ChangeLog Scripts Understanding Policies What are Policies? Dictionary Policy Configuring the Dictionary Policy Implementing the Dictionary Policy Understanding Capabilities Capabilities Categories Working with Capabilities Create a Capability Edit a Capability Save and Rename a Capability Assigning Capabilities Capabilities Hierarchy Capabilities Definitions Understanding Admin Roles User Admin Role Example Creating and Editing Admin Roles Scoping Controlled Organizations Assigning User Forms to an Admin Role Capabilities Rules and Controlled Organizations Rules Capabilities Rule: Key Definitions and Inclusions Controlled Organizations Rule: Key Definitions Sample Controlled Organizations Rule Understanding Email Templates Customizing Email Templates HTML and Links in Email Templates Allowable Variables in the Email Body Audit Group Configuration Editing Events in the Audit Configuration Group Adding Events to the Audit Configuration Group Remedy Integration Configuring Identity Manager Server Settings Reconciler Settings Scheduler Settings Editing Default Server Settings Signed Approvals Configuring Signed Approvals Server-Side Configuration Client-Side Configuration Signing Approvals Signing Subsequent Approvals Viewing the Transaction Signature Data Synchronization and Loading Topics in this Chapter Data Synchronization Tools: Which to Use? Discovery Extract to File Load from File About CSV File Format Load from Resource Reconciliation About Reconciliation Policies Editing Reconciliation Policies Starting Reconciliation Canceling Reconciliation Viewing Reconciliation Status Working with the Account Index Searching the Account Index Examining the Account Index Working with Accounts Working with Users ActiveSync Adapters Setting Up Active Synchronization Synchronization Mode Running Settings General Active Sync Settings General Active Sync Settings Event Types Event Types Process Selection Target Resources Target Resources Target Attribute Mappings Editing ActiveSync Adapters Active Synchronization in a Clustered Environment Tuning ActiveSync Adapter Performance Changing Polling Intervals Specifying the Host Where the Adapter Will Run Starting and Stopping Adapter Logs Deleting Adapter Logs Security Security Features Password Management Pass-through Authentication About Login Applications Login Constraint Rules Editing Login Applications Editing Login Applications Setting Identity Manager Session Limits Disabling Access to Applications Editing Login Module Groups Editing Login Modules Configuring Authentication for Common Resources Configuring X509 Certificate Authentication Prerequisites Configuring X509 Certificate Authentication in Identity Manager Creating and Importing a Login Configuration Rule Testing the SSL Connection Diagnosing Problems Cryptographic Use and Management Cryptographically Protected Data Server Encryption Key Questions and Answers Gateway Key Questions and Answers Managing Server Encryption Security Practices At Setup During Use Reporting Working with Reports Reports Creating Reports Cloning Reports Emailing Reports Running Reports Scheduling Reports Downloading Report Data Configuring Fonts for Report Output Report Types AuditLog Real Time Summary Reports SystemLog Usage Reports Usage Report Charts Risk Analysis Enabling the Task Templates Task Templates Configuring the Task Templates Configuring the General Tab For the Create User or Update User Templates For the Delete User Template Configuring the Notification Tab Configuring Administrator Notifications Configuring User Notifications Configuring the Approvals Tab Enabling Approvals Specifying Additional Approvers Configuring the Approval Form Configuring the Approval Form Configuring the Audit Tab Configuring the Audit Tab Configuring the Provisioning Tab Configuring the Sunrise and Sunset Tab Configuring Sunrises Configuring Sunsets Configuring Sunsets Configuring the Data Transformations Tab PasswordSync What is PasswordSync? Before You Install PasswordSync Install Microsoft .NET 1.1 Uninstall Previous Versions of PasswordSync Installing PasswordSync Configuring PasswordSync Debugging PasswordSync Error Logs Trace Logs Registry Keys Uninstalling PasswordSync .Deploying PasswordSync Configuring a JMS Listener Adapter Implementing the Synchronize User Password Workflow Setting Up Notifications Frequently Asked Questions about PasswordSync lh Reference Usage class commands Examples license command Usage Options Examples syslog command Usage Options Advanced Search for Online Documentation Wildcard Characters Query Operators Rules of Precedence Default Operators Copyright Next Copyright 2006 Sun Microsystems, Inc. All rights reserved.
Copyright 2006 Sun Microsystems, Inc. All rights reserved.
