This document provides a task-based view of Identity Manager components and services.
Planning is key to customizing Identity Manager to meet the needs of your business environment.
Designers are information technology professionals who act in the role of a designer or architect of identity-based solutions, such as enterprise IT developers, consultants, sales engineers, architects, system designers, and system administrators. Designers should have a strong understanding of directory services, databases, and their information environment.
Components or Tools
Designer
Library Resources
Analyzer helps you to analyze, clean, and prepare your data for synchronization.
Components or Tools
Analyzer
Library Resources
Library Resources
Understanding
Checklists for Installation
Configuring in Cluster Environments
Identity Vault considerations and installation
Identity applications prerequisites and preparing for the User Application
Self-Service Password Reset considerations
Identity Manager uses policies to manipulate and synchronize data to the different connected systems. Policies control how information flows from one system to another, and under what conditions.
Tools
Policy Builder in Designer
Policy Builder in iManager
Library Resources
Key Tasks
Managing policies with the Policy Builder
Managing credential provisioning policies
Driver sets synchronize data between connected systems according to the rules you set in them. Each driver in a driver set defines the connectivity and data exchanged between two connected systems.
Components or Tools
Identity Manager drivers
Your custom drivers
Library Resources
Key Tasks for Administrators
NetIQ provides Identity Manager drivers to connect to and synchronize data between various identity directories, applications, and databases that run on different platforms. For each data set, you must configure its related driver to synchronize identity data.
Library Resources
The User Application’s Roles-Based Provisioning Module provides an easy way to assign people to privileges in target systems through their role membership. You can use the Catalog Administrator to manage roles and resources, associate resources to roles, and manage separation-of-duties conflicts between roles.
Library Resources
Key Tasks
Key Roles
Architects
Administrators
Role Administrator (Role Module Administrator)
Role Manager (Role Module Manager)
Roles-based provisioning ensures that access to corporate resources complies with organizational policies and that provisioning occurs within the context of the corporate security policy. Workflows start automatically when a user starts a provisioning request by requesting a resource. The User Application driver listens for events in the Identity Vault, and can be configured to respond to events by starting the appropriate provisioning workflows.
Library Resources
Key Tasks for Administrators
Configuring Provisioning Request Definitions
Work Dashboard
Configuring a workflow for a provisioning request definition
Enabling and configuring support for the mobile Approvals app
Key Tasks for Approvers
The Login page performs robust user authentication supported by Identity Manager. The Login page redirects to the other password management pages as needed during the login process.
The landing page provides users a personal view of their permissions, tasks, and requests, as well as the ability to make a new request or search for a role or resource among their current permissions. A user can request hardware, access to a particular server, or permission to use a particular application in their environment.
Library Resources
Installing the Single Sign-on and Password Management Components in the Setup Guide
Configuring Single Sign-on Access in Identity Manager in the Setup Guide
Requesting, Approving, and Managing Access to Resources and Roles
Exploring the Identity Manager Landing Page in the User Application: User Guide
Key Tasks for Administrators
Key Tasks for Approvers
You can display and manage user identity information in the User Application.
Library Resources
Key Tasks for Administrators
The self-service capabilities of Identity Manager allow users to edit their own profiles, search a directory, change their passwords (including password hints and challenge responses), review password synchronization status, and, if authorized, create accounts for new users or groups.
Library Resources
Key Tasks for Administrators
Identity Manager provides an email notification system to notify administrators or users of actions or results that occur, such as password management, jobs status, and provisioning requests that are pending approval. You can specify triggers and the content of email messages that users receive in response to them.
Library Resources
Setting Up Email Notification Templates in the Designer Administration Guide
Send email and Send email template actions in the Policies in Designer
Send email and Send email template actions in the Policies in iManager
Working with Email Templates in the User Application: Administration Guide
Administrative Users in the User Application: Administration Guide
Key Tasks for Administrators in Designer
Key Tasks for Administrators in iManager
You can audit issues of interest and troubleshoot errors.
Library Resources
Key Tasks
Enabling audit events
Setting up Logging
You can generate reports to gather statistics over the appropriate periods to help you understand trends and identify issues of interest.
Library Resources
Key Tasks
Following the principle of least privilege, NetIQ Access Review helps you ensure that your users have focused access to those applications and resources that they use and cannot access resources that they do not need to access. You can collect user and access information from Identity Manager in a central location, and organize it for review. Users assigned to appropriate global, run-time, or application-specific roles can review all permissions assigned to your users, either individually or as a group, and decide whether those permission assignments are appropriate for your business environment.
Library Resources
Key Tasks
Managing Roles for Access Review
Using Identity Manager with Access Review
Importing Identity Manager information into Access Review catalogs
You can upgrade Identity Manager components individually. You can upgrade servers one at a time. The driver sets associated with multiple servers continue to work with the different versions as you upgrade the servers.
Library Resources
You can migrate existing data in Identity Manager components to a new installation when there is no upgrade path from your current setup.
Library Resources
THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT ARE FURNISHED UNDER AND ARE SUBJECT TO THE TERMS OF A LICENSE AGREEMENT OR A NON-DISCLOSURE AGREEMENT. EXCEPT AS EXPRESSLY SET FORTH IN SUCH LICENSE AGREEMENT OR NON-DISCLOSURE AGREEMENT, NETIQ CORPORATION PROVIDES THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. SOME STATES DO NOT ALLOW DISCLAIMERS OF EXPRESS OR IMPLIED WARRANTIES IN CERTAIN TRANSACTIONS; THEREFORE, THIS STATEMENT MAY NOT APPLY TO YOU.
For purposes of clarity, any module, adapter or other similar material (“Module”) is licensed under the terms and conditions of the End User License Agreement for the applicable version of the NetIQ product or software to which it relates or interoperates with, and by accessing, copying or using a Module you agree to be bound by such terms. If you do not agree to the terms of the End User License Agreement you are not authorized to use, access or copy a Module and you must destroy all copies of the Module and contact NetIQ for further instructions.
This document and the software described in this document may not be lent, sold, or given away without the prior written permission of NetIQ Corporation, except as otherwise permitted by law. Except as expressly set forth in such license agreement or non-disclosure agreement, no part of this document or the software described in this document may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, or otherwise, without the prior written consent of NetIQ Corporation. Some companies, names, and data in this document are used for illustration purposes and may not represent real companies, individuals, or data.
This document could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein. These changes may be incorporated in new editions of this document. NetIQ Corporation may make improvements in or changes to the software described in this document at any time.
U.S. Government Restricted Rights: If the software and documentation are being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), in accordance with 48 C.F.R. 227.7202-4 (for Department of Defense (DOD) acquisitions) and 48 C.F.R. 2.101 and 12.212 (for non-DOD acquisitions), the government's rights in the software and documentation, including its rights to use, modify, reproduce, release, perform, display or disclose the software or documentation, will be subject in all respects to the commercial license rights and restrictions provided in the license agreement.
© 2014 NetIQ Corporation. All Rights Reserved.
For information about NetIQ trademarks, see http://www.netiq.com/company/legal/.