10.2 Managing Teams

10.2.1 Creating a Team

To create a new provisioning team:

  1. Launch the New Team Wizard in any of these ways:

    From Designer’s menus:

    • Select File > New > Provisioning Team, then click Next.

    From the Provisioning view:

    Right-click Provisioning Teams, then select New.

    The New Provisioning Teams dialog box displays. When the dialog box is launched from the File menu, it contains fields that are not displayed when it is launched from the Provisioning view.

  2. Fill in the fields as follows:

    Field

    Description

    Identity Manager Project and Provisioning Application

    Select the correct Identity Manager project and Provisioning Application.

    NOTE:This field displays when you create queries from the File menu.

    Identifier

    Type a common name (CN) for the team.

    Display Label

    Type the name of the provisioning team. This is the name displayed in Designer and also in the User Application runtime. The label is localizable in the Team editor.

    Description

    Provide a description of the provisioning team.

    Domain

    Provide the domain for the team. It could be Roles, Resources, or Provisioning.

  3. Click Finish. The Team panel of the Provisioning Team editor displays.

  4. Type a description.

  5. To define the team’s members, do one of the following:

    • Click DAL Relationship, then select the relationship that represents the team’s membership.

    • Click All Users to select all users as members of this team.

    • Click Identity Vault Objects. Click , then select the members from the Identity Vault. Members can be users, groups, containers, organizational units (OU), or organizations (O). Specifying an O or OU can impact the User Application’s runtime performance. The manager needs to search for the member using a select-pick list to reduce the performance impact.

  6. Click Permissions. The Team Permissions Configuration page displays.

    Selection

    Description

    Object Type

    Specifies the type of authorized object.

    Authorized Objects

    Specifies the name of the authorized object.

    Permission

    Specifies the permissions that the team has on that object.

  7. Click Save.

    The Team Permissions Configuration page is read-only. The object information is populated from the User Application.

You must save the Provisioning Team for it to be available to the User Application. See Deploying Provisioning Objects. A provisioning team creates one object (srvprvRbpmTeam) in the User Application driver Appconfig Teams node. The srvprvRbpmTeam contains the provisioning teams object.

IMPORTANT:The team and the team request objects represented a team in the User Application versions prior to 3.7. The team request object contained the request that could be accessed by the team. User Application 3.7, 4.0 and later teams store the permissions on individual requests or request containers eliminating the need for two objects. For more information on team authorization, refer to Team Configuration in the NetIQ Identity Manager - Administrator’s Guide to the Identity Applications.

10.2.2 Deleting a Provisioning Team

You delete the Provisioning Team object from the Provisioning view by right-clicking the team, then selecting Delete. The Delete confirmation dialog box lets you specify whether to delete the object locally only, or from the Identity Vault during the next deploy of the parent object.

10.2.3 Creating a Team to Manage Direct Reports

For information on creating the team, refer to Team Configuration in the NetIQ Identity Manager - Administrator’s Guide to the Identity Applications.

For more information on saving and deploying the team, see Deploying Provisioning Objects.