1.11 Designer for Identity Manager
When using Designer for Identity Manager, consider the following issues:
-
Monitor and control who has rights to create or modify an Identity Manager driver.
Administrative rights are needed to create Identity Manager objects and configure drivers.
-
Before giving a consultant an Identity Vault administrator password, limit the rights assigned to that administrator to areas of the tree that the consultant must access.
-
Delete the project files (.proj) or save them to a company directory.
Designer .proj files are to remain at the company’s project site. A consultant does not take the files after completing a project.
-
After project files, log files, and trace files are no longer needed, delete them.
-
Before discarding or surplusing a laptop, verify that project files have been cleaned.
-
Ensure that the connection from Designer to the Identity Vault server is physically secure. Otherwise, someone could monitor the wire and pull sensitive information.
-
When you use Document Generator to create documents, be careful with those documents. These documents can contain passwords and sensitive data in clear text.
-
If Designer needs to read or write to an eDirectory attribute, do not mark that attribute as encrypted. Designer is unable to read or write to encrypted attributes.
-
Do not store passwords that are sensitive.
Currently, Designer projects are not encrypted. Passwords are only encoded. Therefore, do not share Designer projects that have saved passwords.
To save a password for a session, but not save it to the project:
-
In an expanded Outline view, right-click an Identity Vault.
-
Select .
-
On the Configuration page, type a password, then click .
You can enter a password once per session. After you close the project, the password is lost.
To save a password to the hard drive, complete Steps 1-3, select , then click .
Figure 1-1 Save Password
-