This tab defines the values for authentication matching and Identity Governance services.
Specifies how Identity Governance authenticates login requests and grants the appropriate permissions to users. Enter one or more rules that Identity Governance uses to compare attributes in the SUSER table, such as dn, with attributes retrieved from the authentication service. Specify the matching rules using properties named iac.auth.matching.rule.N.attrs where N specifies the order that Identity Governance uses the rule to match users, such as 1, 2, 3, and so on.
Keep in mind the following points:
For best results, add an index for the matching rule attributes.
Identity Governance evaluates only collected attribute values for the matching rules, not edited values.
When an attribute value is a string, Identity Governance performs an exact case match by default.
IMPORTANT:Set all matching rule attributes with the following list and search options in the Identity Governance User (identity) schema:
Display in lists and detail views
Available in catalog searches. Changes take effect after publication.
For more information, see Adding or Editing Attributes to Extend the Schema
in NetIQ Identity Governance Administrator Guide.
Specifies the mapping of SUSER attributes to OSP attributes using a comma-separated list of attribute name pairs. Use the format SUSER attribute:OSP attribute. For example, dn:name,lastName:last_name,firstName:first_name,emails:email maps the SUSER attributes of dn, lastName, firstName, and emails to the OSP attributes of name, last_name, first_name, and email.
Specifies the name that you want to use to identify Identity Governance to each service listed.
Specifies the password for the corresponding client ID.
Specifies that you want to use test IDs to run utilities that interact with Identity Governance without creating client IDs for each utility.