4.6 Synchronizing User Permission Assignments

You can synchronize user permission assignments from the Identity Vault into the User Application as resource assignments. Synchronization of permission assignments of users is possible if the driver supports Permission Collection and Reconciliation service. For more information, see Section 4.1.3, Configuring the Driver Settings.

Depending on the following Entitlements GCV settings, the driver synchronizes the Identity Vault user permission assignments into the User Application:

  1. In iManager, open the Loopback Services driver Overview page:

    1. Click Driver icon to display the Identity Manager Administration page.

    2. In the Administration list, click Identity Manager Overview.

    3. If the driver set is not listed on the Driver Sets tab, use the Search In field to search for and display the driver set.

    4. Click the driver set to open the Driver Set Overview page.

    5. Click the Loopback Services driver icon to display its Overview page.

  2. Click Synchronize, then select the Examine all objects option.

    IMPORTANT:The Use a starting date/time in the synchronize operation option is not supported for this driver. The Sync event is not generated because the driver doesn’t create association for the Identity Vault user objects. For general information about object synchronization, see Synchronizing Objects in the NetIQ Identity Manager 4.0.2 Common Driver Administration Guide.

    If there is a mismatch between the user permission assignments in the User Application and the Identity Vault, the current state of user permission assignments in the Identity Vault takes precedence. If a user permission assignment is added or removed from the Identity Vault or the Resource Catalog when the driver is disabled, the Identity Manager engine doesn't generate the Resync event. To synchronize the change, manually select the Examine all objects option.