NetIQ Identity Manager - Administrator’s Guide to the Identity Applications

NetIQ Identity Manager - Administrator’s Guide to the Identity Applications

Introduction to the Individual Identity Applications

Identity Manager Dashboard

Catalog Administrator

User Application

Identity Reporting

Understanding the Functionality of the Identity Applications

Enabling Self-Service Activities for Users

Providing Permissions to Users

Ensuring Permission Assignments Comply with Your Standards

Understanding the Types of Users for the Identity Applications

Design and Configuration Tools

Understanding the Back-end Functions for the Identity Applications

User Interfaces

Directory Abstraction Layer

Workflow Engine

Application Server (J2EE-Compliant)

Database

User Application Driver

Role and Resource Service Driver

Designer for Identity Manager

iManager

Identity Manager Engine

Authentication Service for Single Sign-on Access

Preparing the Identity Applications for Use

Understanding the Design Needs

Design Constraints

High Availability Design

Configuring Security in the Identity Applications

Understanding Security in the Identity Applications Environment

Using Secure Sockets for User Application Connections to the Identity Vault

Enabling SSL for User Access

Enabling SOAP Security

Enabling Authentication

Encrypting Sensitive Identity Applications Data

Preventing XSS Attacks

Modifying Trustee Rights

Updating a Password for a Database User on Tomcat

Assigning the Identity Applications Administrators

Understanding the Administrators of the Identity Applications

Assigning the User Application Administrator

Changing the Default Administrator Assignments after Installation

Assigning Administrators in the Identity Applications

Setting Up Logging in the Identity Applications

How Logging Services Help

What Can Be Logged

How Logging Works

Types of Log Files

Understanding the Log Format

Configuring Logging

Configuring Logging in a Cluster

Logging to a Sentinel Server

Using Log Files for Troubleshooting

Log Events

Customizing the Identity Applications for Your Enterprise

Linking the Dashboard to Catalog Administrator and the User Application

Customizing the Look of the User Interfaces

Localizing the Text in the Interfaces

Adding a Language to the Identity Applications

Configuring User Names

Configuring Email Notification Templates for the Dashboard

Configuring Forgot Password? Functionality

Ensuring that Characters Display Properly in Role Report PDF Files

Ensuring that Dates Display Correctly in Norwegian

Configuring Client Settings Mode

Tuning the Performance of the Applications

Indexing Attributes in the Identity Vault

Increasing the Stack Size

Ensuring Concurrent Access from Multiple Clients

View Request Status Search Limit

Setting Up the Dashboard for Identity Applications

Checklist for Setting Up the Dashboard for Identity Applications

Role and Resource Administration

Creating and Managing Roles

Understanding Role Assignments

Searching for Roles

Role Approval and Revocation

Associating a Resource to a Role

Separation of Duties Constraints

Editing Multiple Roles at Once

Managing the Role Service Driver

Creating and Managing Resources

Searching for Resources

Creating Resources

Modifying Resources

Resource Approval and Revocation

Editing Multiple Resources at Once

Understanding Resource Assignments

Enabling Drivers for Resource Mappings

Creating a List to Improve Resource Request Forms

Administering the User Application

Using the Administration Tab

About the Administration Tab

Who Can Use the Administration Tab

Accessing the Administration Tab

Administration Tab Actions You Can Perform

Application Configuration

Portal Configuration Tasks

Working with the Import and Export Tools

Password Management Configuration

Web Services

Page Administration

About Page Administration

Creating and Maintaining Container Pages

Creating and Maintaining Shared Pages

Setting Default Pages for Groups

Selecting a Default Shared Page for a Container Page

RBPM Provisioning and Security Configuration

About RBPM Provisioning and Security Configuration

Provisioning Configuration

Team Configuration

Navigation Access Permissions

Configuring and Managing Provisioning Workflows

Configuring the User Application Driver to Start Workflows

About the User Application Driver

Setting Up Workflows to Start Automatically

Managing Provisioning Request Definitions

About the Provisioning Request Configuration Plug-in

Working with the Installed Templates

Configuring a Provisioning Request Definition

Managing Provisioning Workflows

About the Workflow Administration Plug-in

Managing Workflows

Configuring the Email Server

Working with Email Templates

Allowing a Named Password to be Retrieved over LDAP

Web Service Reference

Provisioning Web Service

About the Provisioning Web Service

Developing Clients for the Provisioning Web Service

Provisioning Web Service API

Metrics Web Service

About the Metrics Web Service

Metrics Web Service API

Metrics Web Service Examples

Notification Web Service

About the Notification Web Service

Notification Web Service API

Notification Example

Directory Abstraction Layer (VDX) Web Service

About the Directory Abstraction Layer (VDX) Web Service

VDX Web Service API

VDX Example

Role Web Service

About the Role Web Service

Role API

Role Web Service Examples

Resource Web Service

About the Resource Web Service

Resource Web Service Interface

Resource Web Service Examples

Forgot Password Web Service

About the Forgot Password Web Service

Password Management Web Service Interface

ForgotPasswordWSBean

Introduction to Resource Information Services

About RIS

Security

Identities Service

About the Identities Service

Accessing and Using the Identities Service

Resources Service

About the Resources Service

Accessing and Using the Resources Service

About the Role Service

Accessing and Using the Role Service

Work Items Service

About the Work Items Service

Accessing and Using the Work Items Service

Workflow Process and Definition Service

About the Workflow Process and Definition Service

Accessing and Using the Workflow Process and Definition Service

Configuring the Identity Manager Approvals App

Product Requirements

Setting Up the Approvals App

Optimizing Designer Forms for the Approvals App

Understanding Language Support in the Approvals App

Schema Extensions for the User Application

Attribute Schema Extensions

Objectclass Schema Extensions

Resource Definition Object (nrfResource)

Resource Request Object (nrfResourceRequest)

Role-Resource Configuration (nrfConfiguration)

Resource Binding to Users (nrfIdentity)

Resource Containers

JavaScript Search API

Launching a Basic Search using the SearchListPortlet

Creating a New Query using the JavaScript API

Performing an Advanced Search Using a JSON-formatted Query

Retrieving all Saved Queries for the Current User

Running an Existing Saved Query

Performing a Search on All Searchable Attributes

Trouble Shooting

Permgen Space Error

Email Notification Templates

Org Chart and Guest Access

Provisioning Notification

javax.naming.SizeLimitExceededException

Linux Open Files Error

How OSP Works with Identity Manager

Understanding How OSP Works with Identity Manager

OSP Login Request Examples by Using REST Endpoints

Using Kerberos for Single Sign-On

Using SAML with NetIQ Access Manager for Single Sign-On

Integrating Single Sign-on Access with Identity Governance

Guidelines for Enabling OSP Logging

Troubleshooting

Using Log Files for Troubleshooting

Troubleshooting E-Mail Based Approval Issues

Troubleshooting Self Service Password Reset Issues

Troubleshooting Authentication Issues

Troubleshooting General Issues