20.4 Defining Policies

Policies enable you to customize the flow of information into and out of the Identity Vault for a particular environment. For example, one company might use inetOrgPerson as the main user class, and another company might use User. To handle this, you create a policy that tells the Identity Manager engine what a user is called in each system. Whenever operations affecting users pass between connected systems, Identity Manager applies the policy that makes this change.

Policies can also create new objects, update attribute values, make schema transformations, define matching criteria, maintain Identity Manager associations, and perform many other tasks.
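The User / inetOrgPerson renaming described above, as an added example that is not NetIQ code: a simplified Python model of how a schema mapping policy (`attr-name-map`) is applied to an XDS event in each direction. The function names, the attribute mappings, and the sample event are constructed for illustration; passing unmapped names through unchanged is this model's behaviour.

```python
import xml.etree.ElementTree as ET

# Constructed schema mapping policy: Identity Vault names (nds-name) paired
# with the connected system's names (app-name).
MAPPING = """<attr-name-map>
  <class-name><nds-name>User</nds-name><app-name>inetOrgPerson</app-name></class-name>
  <attr-name class-name="User"><nds-name>Surname</nds-name><app-name>sn</app-name></attr-name>
  <attr-name class-name="User"><nds-name>Given Name</nds-name><app-name>givenName</app-name></attr-name>
</attr-name-map>"""

# Constructed XDS event as it would leave the Identity Vault.
VAULT_EVENT = """<nds><input>
  <add class-name="User">
    <add-attr attr-name="Surname"><value>Doe</value></add-attr>
    <add-attr attr-name="Title"><value>Engineer</value></add-attr>
  </add>
</input></nds>"""

def load_maps(policy_xml):
    """Return (class_map, attr_map), both keyed by Identity Vault names."""
    root = ET.fromstring(policy_xml)
    classes = {c.findtext("nds-name"): c.findtext("app-name")
               for c in root.findall("class-name")}
    attrs = {(a.get("class-name"), a.findtext("nds-name")): a.findtext("app-name")
             for a in root.findall("attr-name")}
    return classes, attrs

def apply_mapping(event_xml, policy_xml, to_app):
    """Rename classes and attributes; to_app=True means vault -> application."""
    classes, attrs = load_maps(policy_xml)
    if not to_app:
        # Invert both tables for the application -> vault direction.
        attrs = {(classes.get(c, c), app): nds for (c, nds), app in attrs.items()}
        classes = {app: nds for nds, app in classes.items()}
    doc = ET.fromstring(event_xml)
    for op in doc.iter():
        cls = op.get("class-name")
        if cls is None:
            continue
        for child in op.iter():
            name = child.get("attr-name")
            if name is not None:
                # Names without a mapping entry pass through unchanged.
                child.set("attr-name", attrs.get((cls, name), name))
        op.set("class-name", classes.get(cls, cls))
    return ET.tostring(doc, encoding="unicode")
```
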

NetIQ recommends that you use Designer to define policies for drivers to meet your business needs. For a detailed guide to policies, see the NetIQ Identity Manager - Using Designer to Create Policies guide and the NetIQ Identity Manager Understanding Policies Guide. For information about the document type definitions (DTDs) that Identity Manager uses, see the Identity Manager DTD Reference. These resources contain:

  • A detailed description of each available policy.

  • An in-depth Policy Builder user guide and reference, including examples and syntax for each condition, action, noun, and verb.

  • A discussion of creating policies using XSLT style sheets.