As with the existing User Application interface, you can use the new interface to do the following:
Request new permissions for you
Request permissions on behalf of other users
To request permissions on behalf of other users, you must be a team requester or a user who has the necessary permissions to place the request. Identity Manager allows the following roles to request permissions for other users in the organization.
Security Administrator
Domain Administrator
Team Requester
NOTE:If you logged in as a different user, the Provisioning Dashboard does not display the Request on Behalf option.
You can make the same request for multiple users at the same time. The interface allows you to select objects such as users, groups, and teams for making requests. A team contains users who are authorized to make requests, end-users who are recipients of those requests, and permissions for the team. For more information about configuring teams, see Managing Teams in the NetIQ Identity Manager Catalog Administrator User Guide.
You can view other requests for the users to determine what requests are necessary.
To request a permission for yourself:
Log in to Identity Manager Home.
Select Request Access.
On the Provisioning Dashboard, select Self in the Request For field.
Search for the specific permission you want to request in Permissions.
You can sort the resulting permissions by the closest matching result or in alphabetical order.
NOTE:You should not use punctuation when specifying a permission you want to request. If the name of the permission you want to request includes punctuation, omit the punctuation when searching.
Provide any required information, including the effective date, expiration date, or the reason for the request.
Different permissions require different information, depending on how the administrator has configured the form. If the permission requires detailed information, the Dashboard redirects you to a separate form window when you select the permission.
Select Request or Submit, depending on the type of permission requested.
You can request multiple permissions at the same time.
NOTE:Items that require additional detailed information may not be available for selection with other items. To request multiple permissions at once, the request forms for the various requests cannot require detailed information.
To request a permission for other users:
Log in to Identity Manager Home.
Select Request Access.
On the Provisioning Dashboard, select Others in the Request For field.
Search for the recipients for whom you want to request a permission.
A recipient can be one or more users. Multiple recipients can belong to a group or a team. To select more than one recipient, select the user individually. You can also select a group or a team as a recipient. When a team or a group is selected as a recipient and a permission requested for it, the Provisioning Dashboard internally expands the list of recipients within the team/group and raises separate requests for all the users within the team/group. It is also possible to select a few users from a group and request permissions for them. If you select the members of a group individually, the Provisioning Dashboard displays the names of the selected members in the Recipients field.
Search for the specific permission you want to request for the users in Permissions.
NOTE:You should not use punctuation when specifying a permission you want to request. If the name of the permission you want to request includes punctuation, omit the punctuation when searching.
Provide any required information, including the effective date, expiration date, or the reason for the request.
Different permissions require different information, depending on how the administrator has configured the form. If the permission requires detailed information, the Dashboard redirects you to a separate form window when you select the permission.
Select Request or Submit, depending on the type of permission requested.
IMPORTANT:You can request multiple permissions for multiple recipients at the same time. However, Identity Manager allows bulk requests for only one team at the same time. This does not include bulk requesting the complex PRDs.
As a Role Administrator or a Security Administrator, you can directly assign a role permission to the entire group by using the Assign Role to Group option. This option is not available for other roles.
If you selected Assign Role to Group, the Provisioning Dashboard does not display other permissions except role permission.
If you selected other permissions (PRDs and resources) while requesting a role permission for a group, the Provisioning Dashboard removes those permissions and considers only role permission request.
NOTE:Items that require additional detailed information may not be available for selection with other items. To request multiple permissions at once, the request forms for the various requests cannot require detailed information.