Identity Manager centralizes access administration and ensures that every user has one identity—from your physical and virtual networks to the cloud. Also, users often require access to resources based upon their roles in the organization. For example, a law firm’s attorneys might require access to a different set of resources than the firm’s paralegals.
Identity Manager lets you provision users based on their roles in the organization. You define the roles and make the assignments according to your organizational needs. When a user is assigned to a role, Identity Manager provisions the user with access to the resources associated with the role. Users that have multiple roles receive access to the resources associated with all of the roles.
You can have users automatically added to roles as a result of events that occur in your organization. For example, you might add to your SAP HR database a new user with the job title of Attorney. If approval is required for adding a user to a role, you can establish workflows to route role requests to the appropriate approvers. You can also manually assign users to roles.
In some cases, certain roles should not be assigned to the same person because the roles conflict. Identity Manager provides Separation of Duties functionality that lets you prevent users from being assigned to conflicting roles unless someone in your organization makes an exception for the conflict.
The Identity Manager solution provides the following components for provisioning users:
NetIQ Identity Manager Roles Based Provisioning Module and User Application
NetIQ Identity Manager Home and Provisioning Dashboard
Identity Manager Home and the Provisioning Dashboard provide a single access point for all Identity Manager users and administrators. They allow access to all existing Roles Based Provisioning Module and User Application functionality.