This document provides a task-based view of Identity Manager components and services.
Planning is key to customizing Identity Manager to meet the needs of your business environment.
Designers are information technology professionals who act in the role of a designer or architect of identity-based solutions, such as enterprise IT developers, consultants, sales engineers, architects, system designers, and system administrators. Designers should have a strong understanding of directory services, databases, and their information environment.
Components or Tools
Designer
Analyzer helps you to analyze, clean, and prepare your data for synchronization.
Components or Tools
Analyzer
Library Resources
Library Resources
Understanding
Checklists for Installation
Configuring in Cluster Environments
Identity Vault considerations and installation
Identity applications prerequisites and preparing a cluster for the Identity Applications
Self-Service Password Reset considerations
Identity Manager uses policies to manipulate and synchronize data to the different connected systems. Policies control how information flows from one system to another, and under what conditions.
Tools
Policy Builder in Designer
Policy Builder in iManager
Library Resources
Key Tasks
Managing policies with the Policy Builder
Managing credential provisioning policies
Driver sets synchronize data between connected systems according to the rules you set in them. Each driver in a driver set defines the connectivity and data exchanged between two connected systems.
Components or Tools
Identity Manager drivers
Your custom drivers
Library Resources
Key Tasks for Administrators
NetIQ provides Identity Manager drivers to connect to and synchronize data between various identity directories, applications, and databases that run on different platforms. For each data set, you must configure its related driver to synchronize identity data.
Library Resources
The User Application’s Roles-Based Provisioning Module provides an easy way to assign people to privileges in target systems through their role membership. You can use the Catalog Administrator to manage roles and resources, associate resources to roles, and manage separation-of-duties conflicts between roles.
Tools
Library Resources
Key Tasks
Key Roles
Architects
Administrators
Role Administrator (Role Module Administrator)
Role Manager (Role Module Manager)
Roles-based provisioning ensures that access to corporate resources complies with organizational policies and that provisioning occurs within the context of the corporate security policy. Workflows start automatically when a user starts a provisioning request by requesting a resource. The User Application driver listens for events in the Identity Vault, and can be configured to respond to events by starting the appropriate provisioning workflows.
Library Resources
Key Tasks for Administrators
Configuring Provisioning Request Definitions
Work Dashboard
Configuring a workflow for a provisioning request definition
Enabling and configuring support for the mobile Approvals app
Key Tasks for Approvers
The Login page performs robust user authentication supported by Identity Manager. The Login page redirects to the other password management pages as needed during the login process.
The landing page provides users a personal view of their permissions, tasks, and requests, as well as the ability to make a new request or search for a role or resource among their current permissions. A user can request hardware, access to a particular server, or permission to use a particular application in their environment.
Library Resources
Key Tasks for Administrators
Configuring the Login settings for password management (Password Module Setup Login Action)
Configuring navigation access permissions for the User Application
Key Tasks for Approvers
You can display and manage user identity information in the User Application.
Library Resources
Key Tasks for Administrators
The self-service capabilities of Identity Manager allow users to edit their own profiles, search a directory, change their passwords (including password hints and challenge responses), review password synchronization status, and, if authorized, create accounts for new users or groups.
Library Resources
Key Tasks for Administrators
Identity Manager provides an email notification system to notify administrators or users of actions or results that occur, such as password management, jobs status, and provisioning requests that are pending approval. You can specify triggers and the content of email messages that users receive in response to them.
Library Resources
Setting Up Email Notification Templates in the Designer Administration Guide
Send email and Send email template actions in the Policies in Designer
Send email and Send email template actions in the Policies in iManager
Working with Email Templates in the User Application: Administration Guide
Administrative Users in the User Application: Administration Guide
Key Tasks for Administrators in Designer
Key Tasks for Administrators in iManager
You can audit issues of interest and troubleshoot errors.
Library Resources
Key Tasks
Enabling audit events
Setting up Logging
You can generate reports to gather statistics over the appropriate periods to help you understand trends and identify issues of interest.
Tool
Library Resources
Following the principle of least privilege, NetIQ Access Review helps you ensure that your users have focused access to those applications and resources that they use and cannot access resources that they do not need to access. You can collect user and access information from Identity Manager in a central location, and organize it for review. Users assigned to appropriate global, run-time, or application-specific roles can review all permissions assigned to your users, either individually or as a group, and decide whether those permission assignments are appropriate for your business environment.
Library Resources
Key Tasks
Using Identity Manager with Access Review
You can upgrade Identity Manager components individually. You can upgrade servers one at a time. The driver sets associated with multiple servers continue to work with the different versions as you upgrade the servers.
Library Resources
You can migrate existing data in Identity Manager components to a new installation when there is no upgrade path from your current setup.
Library Resources
Our goal is to provide documentation that meets your needs. If you have suggestions for improvements, please email Documentation-Feedback@netiq.com. We value your input and look forward to hearing from you.
For detailed contact information, see the Support Contact Information website.
For general corporate and product information, see the NetIQ Corporate website.
For interactive conversations with your peers and NetIQ experts, become an active member of our community. The NetIQ online community provides product information, useful links to helpful resources, blogs, and social media channels.
For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy, and FIPS compliance, see https://www.netiq.com/company/legal/.
Copyright © 2017 NetIQ Corporation. All Rights Reserved.