A.2 Global Configuration Values

Global configuration values (GCVs) are values that can be used by the driver to control functionality. GCVs are defined on the driver or on the driver set. Driver set GCVs can be used by all drivers in the driver set. Driver GCVs can be used only by the driver on which they are defined.

The PUM driver includes several predefined GCVs. You can also add your own if you need additional ones as you implement policies in the driver.

To access the driver’s GCVs in iManager:

  1. Click to display the Identity Manager Administration page.

  2. Open the driver set that contains the driver whose properties you want to edit:

    1. In the Administration list, click Identity Manager Overview.

    2. If the driver set is not listed on the Driver Sets tab, use the Search In field to search for and display the driver set.

    3. Click the driver set to open the Driver Set Overview page.

  3. Locate the PUM driver icon, click the upper right corner of the driver icon to display the Actions menu, then click Edit Properties.

    or

    To add a GCV to the driver set, click Driver Set, then click Edit Driver Set properties.

To access the driver’s GCVs in Designer:

  1. Open a project in the Modeler.

  2. Right-click the PUM driver icon or line, then select Properties > Global Configuration Values.

    or

    To add a GCV to the driver set, right-clickthe driver set icon , then click Properties > GCVs.

The global configuration values are organized as follows:

A.2.1 Managed System Information

These settings help the Identity Reporting Module function to generate reports. There are different sections in the Managed System Information tab.

General Information

Name: Specify a descriptive name for this PUM system. This name is displayed in the reports.

Description: Specify a brief description of this PUM system. This description is displayed in the reports.

Location: Specify the physical location of this PUM system. This location is displayed in the reports.

Vendor: Select NetIQ as the vendor of the PUM system. This information is displayed in the reports.

Version: Specify the version of this PUM system. This version information is displayed in the reports.

System Ownership

Business Owner: Browse to and select the business owner in the Identity Vault for this PUM system. You must select a user object, not a role, group, or container.

Application Owner: Browse to and select the application owner in the Identity Vault for this PUM system. You must select a user object, not a role, group, or container.

System Classification

Classification: Select the classification of the PUM system. This information is displayed in the reports. The options are:

  • Mission-Critical

  • Vital

  • Not-Critical

  • Other

    If you select Other, you must specify a custom classification for the PUM system.

Environment: Select the type of environment the PUM system provides. The options are:

  • Development

  • Test

  • Staging

  • Production

  • Other

    If you select Other, you must specify a custom classification for the PUM system.

A.2.2 Password Synchronization

These GCVs enable password synchronization between the Identity Vault and the PUM system.

In Designer, you must click the icon next to a GCV to edit it. This displays the Password Synchronization Options dialog box for a better view of the relationship between the different GCVs.

In iManager, you should edit the Password Management Options on the Server Variables tab rather than under the GCVs. The Server Variables page has a better view of the relationship between the different GCVs.

For more information about how to use the Password Management GCVs, see Configuring Password Flow in the Identity Manager 4.0.2 Password Management Guide.

Connected System or Driver Name: Specify the name of the PUM system or the driver name. This value is used by the e-mail notification template to identify the source of the notification message.

Notify the user of password synchronization failure via e-mail: If True, notify the user by e-mail of any password synchronization failures.

A.2.3 Entitlements

There are multiple sections in the Entitlements tab. Depending on which packages you installed, different options are enabled or displayed.

Entitlements Configuration

For more information about entitlements, see Section 1.3.3, Entitlements.

UserGroup Entitlement: Select True to enable the driver to manage PUM UserGroups based on the driver’s defined entitlements. Select False to disable management of PUM UserGroups based on the entitlements.

Parameter Format: Select the parameter format the entitlement agent must use. Identity Manager 4 is the only supported option.

Advanced Settings: Following are the available advanced options.

Role Mapping

The Role Mapping Administrator allows you to map business roles with IT roles. For more information, see the Novell Identity Manager Role Mapping Administrator 4.0.2 User Guide.

Enable role mapping: Select Yes to make this driver visible to the Role Mapping Administrator.

Resource Mapping

The Roles Based Provisioning Module allows you to map resources to UserGroups. For more information, see the User Application: User Guide.

Enables resource mapping: Select Yes to make this driver visible to the Roles Based Provisioning Module.