An entitlement agent grants an entitlement to a user when criteria are met. You must create and configure one of the following entitlement agents for use with the preconfigured entitlements in the SAP User Management Fan-Out driver.
Role-Based Entitlements (RBE):
Manages entitlements based on the events that occur in the Identity Vault. It is used for simple automation. For example, when a user is added to the HR system, the user is automatically granted accounts in other systems. This requires an Entitlements driver to be created with policies that define the desired action. For instructions, see the NetIQ Identity Manager Entitlements Guide
in the NetIQ Identity Manager Entitlements Guide.
Workflow: Manages entitlements through provisioning workflows. It is used when approvals are required. For example, when a user is added to the HR system, the manager must approve the accounts for the user. This requires a workflow that contains the desired actions. For instructions, see Managing Workflows in the NetIQ Identity Manager - Administrator’s Guide to the Identity Applications.
Roles Based Provisioning Module (RBPM): Manages entitlements based on roles that are assigned to users. For example, when a user is added to the Accounting role, the user automatically receives all accounts associated with the Accounting role. This requires that the Roles Based Provisioning Module be installed and configured for roles. For installation instructions, see the Planning to Install the Identity Applications in the NetIQ Identity Manager Setup Guide.
The RBPM is the only supported entitlement agent for the fan-out configuration of the driver.