A.2 Global Configuration Values

Global configuration values (GCVs) are values that can be used by the driver to control functionality. GCVs are defined on the driver or on the driver set. Driver set GCVs can be used by all drivers in the driver set. Driver GCVs can be used only by the driver on which they are defined.

The SharePoint driver includes many GCVs. You can also add your own if you need additional ones as you implement policies in the driver.

To access the driver’s GCVs in OpenText Identity Console:

  1. Click the IDM Administration tile.

  2. On the Driver Dashboard, locate the driver, then click the driver icon to display the driver’s properties page.

    1. Select the Configuration tab.

    2. Expand the Global Config Values section.

To add a GCV to the driver set:

  1. On the Driver Dashboard, click the upper right corner of the driver set to display the Action menu.

  2. Select Driver Set Properties.

  3. On the Driver Set Configuration tab, expand the Global Config Values section.

  4. Save the values.

To access the driver’s GCVs in Designer:

  1. Open a project in the Modeler.

  2. Right-click the Active Directory driver icon or line, then select Properties > Global Configuration Values.

    or

    To add a GCV to the driver set, right-clickthe driver set icon , then click Properties > GCVs.

The global configuration values are organized as follows:

A.2.1 Driver Configuration

Use the following GCVs to control how the driver is configured.

Site collection URL: The URL of the top-level SharePoint site collection with which the shim will interact.

AD Domain Name: The Active Directory domain name of the domain used by the SharePoint site collection. This value is used with the value of the OpenText Identity Vault DirXML-ADAliasName attribute to construct the SharePoint User LoginName attribute (for example, AD-DOMAIN and JDoe become AD-DOMAIN\JDoe).

AD Driver: The Active Directory driver that synchronizes user to the Active Directory domain that SharePoint uses for authentication. If a driver is specified here, a valid association from that driver on the user is a prerequisite to synchronizing the user to SharePoint. The users synchronizes to Active Directory before synchronizing to SharePoint.

A.2.2 Entitlements

There are multiple sections in the Entitlements tab. Depending on which packages you installed, different options are enabled or displayed.

Entitlements Configuration

Use the following GCVs to control how the entitlements for the driver work. For more information about entitlements, see the OpenText™ Identity Manager Entitlements Guide.

Use User Account Entitlement: Entitlements act like an On/Off switch to control account access. Enable the driver for entitlements to create accounts, and remove/disable when the account entitlement is granted to or revoked from users. If you select True, user accounts in SharePoint can be controlled by using Entitlements.

  • When account entitlement revoked: Select the desired action in the SharePoint system when a User Account entitlement is revoked from an OpenText Identity Vault user. The options are Remove user from the SharePoint site collection or do nothing.

  • Parameter Format: Select the parameter format the entitlement agent must use. The options are Identity Manager 4 or Legacy.

Use Group Entitlement: Select True to enable the driver to manage group membership based on the driver’s Group entitlement.

  • Parameter Format: Select the parameter format the entitlement agent must use. The options are Identity Manager 4 or Legacy.

Role Mapping

The OpenText Identity Applications allow you to map business roles with IT roles. For more information, see the

Enable role mapping: Select Yes to make this driver visible in OpenText Identity Applications.

Allow mapping of user accounts: Select Yes if you want to allow mapping of user accounts in OpenText Identity Applications. An account is required before a role, profile, or license can be granted through OpenText Identity Applications.

Allow mapping of groups: Select Yes if you want to allow mapping of groups in OpenText Identity Applications.

Resource Mapping

OpenText Identity Applications allow you to map resources to users. For more information, see the OpenText™ Identity Manager CE 24.4 (v4.10) - User’s Guide to the Identity Applications.

Enables resource mapping: Select Yes to make this driver visible to OpenText Identity Applications.

Allow mapping of user accounts: Select Yes if you want to allow mapping of user accounts in OpenText Identity Applications. An account is required before a role, profile, or license can be granted.

Allow mapping of groups: Select Yes if you want to allow mapping of groups in OpenText Identity Applications.

Entitlement Extensions

User account extensions: The content of this field is added below the entitlement elements in the EntitlementConfiguraiton resource object.

Group extensions: The content of this field is added below the entitlement element in the EntitlementConfiguration resource object.