NetIQ Identity Manager - Administrator’s Guide to the Identity Applications
- NetIQ Identity Manager - Administrator’s Guide to the Identity Applications
- Overview
- Introduction to the Individual Identity Applications Components
- Identity Manager Dashboard
- Identity Applications Administration
- Identity Manager Client Settings
- Identity Manager Workflows
- Identity Reporting
- Identity Applications Security and Password Management
- User Application
- Types of User Categories in Identity Applications
- Administrative Users
- Administrator and Manager Categories
- Designers
- Business Users
- Understanding the Functionality of the Identity Applications
- Enabling Self-Service Activities for Users
- Providing Permissions to Users
- Ensuring Permission Assignments Comply with Your Standards
- Design and Configuration Tools
- Understanding the Back-end Functions for the Identity Applications
- User Interfaces
- Directory Abstraction Layer
- Workflow Engine
- SOAP Endpoints
- Application Server
- Database
- User Application Driver
- Role and Resource Service Driver
- Multi-Threaded Role and Resource Service Driver
- Designer for Identity Manager
- iManager
- Identity Manager Engine
- Identity Vault
- Preparing the Identity Applications for Use
- Understanding the Design Needs
- Design Constraints
- High Availability Design
- Configuring Security in the Identity Applications
- Understanding Security in the Identity Applications Environment
- Using Secure Sockets for User Application Connections to the Identity Vault
- Enabling SSL for User Access
- Enabling SOAP Security
- Enabling Authentication
- Encrypting Sensitive Identity Applications Data
- Preventing XSS Attacks
- Modifying Trustee Rights
- Updating a Password for a Database User on Tomcat
- Assigning the Identity Applications Administrators
- Understanding the Administrators of the Identity Applications
- Changing the Default Administrator Assignments after Installation
- Setting Up Logging in the Identity Applications
- How Logging Services Help
- What Can Be Logged
- How Logging Works
- Types of Log Files
- Understanding the Log Format
- Configuring Logging
- Configuring Logging in a Cluster
- Logging to a Sentinel Server
- Using Log Files for Troubleshooting
- Log Events
- Tuning the Performance of the Applications
- Increasing the Heap Size
- Increasing the Stack Size for Recursive Workflows
- Ensuring Concurrent Access from Multiple Clients
- View Request Status Search Limit
- Decreasing the LDAP Socket Cleanup Interval
- Optimizing LDAP Connection with Identity Vault
- Indexing Attributes in the Identity Vault
- Enabling Compound Index on Identity Vault Attributes
- Managing the eDirectory Database Cache Objects Retrieved from the Identity Vault Server
- Customizing the Identity Applications for Your Enterprise
- Linking the Dashboard to External Applications
- Customizing the Look of the User Interfaces
- Localizing the Text in the Interfaces
- Adding a Language to the Identity Applications
- Configuring User Names
- Configuring Email Notification Templates for the Dashboard
- Configuring Forgot Password? Functionality
- Ensuring that Characters Display Properly in Role Report PDF Files
- Ensuring that Dates Display Correctly in Norwegian
- Configuring Client Settings Mode
- Changing Identity Applications Client Settings
- Setting Up the Dashboard for Identity Applications
- Checklist for Setting Up the Dashboard for Identity Applications
- Configuring a Multi-Threaded Role and Resource Service Driver
- How the Driver Works
- Prerequisites
- Defining a Unique Data Set
- Modifying the Default Mapping Table Object
- Configuring the Driver
- Deploying the Driver
- Limitations
- Troubleshooting
- Configuring Identity Applications Clustering and Permission Clustering
- Configuring Identity Applications Clustering to Use TCP or UDP
- Configuring Permission Clustering to Use TCP or UDP
- Identity Applications Administration
- Creating and Managing Roles
- Listing Roles
- Creating a New Role
- Editing Roles
- Managing the Role and Resource Service Driver
- Creating and Managing Resources
- Listing Resources
- Creating a New Resource
- Editing Resources
- Enabling Drivers for Resource Mappings
- Creating a List to Improve Resource Request Forms
- Resource Assignments
- Creating and Managing Delegations
- Separation of Duties Constraints
- Using Controlled Permission Reconciliation Services
- How CPRS Helps
- Prerequisites
- Considerations for Supported Drivers
- Understanding the Components of CPRS
- Managing Permission Reconciliation Settings
- Permission Reconciliation
- Migrating to CPRS
- Configuring Identity Applications Default Settings
- Configuring Roles and Resources Settings
- Configuring Delegation and Proxy Settings
- Configuring Permission Reconciliation Settings
- Configuring Logging Settings
- Configuring Caching and Cluster Settings
- Assigning Administrators in Identity Applications
- Configuring Workflow Engines and Cluster Settings
- Viewing User Application Driver Status
- Configuring the Default Provisioning Display Settings
- Configuring Email-Based Approval
- Configuring and Managing Provisioning Workflows
- Configuring the User Application Driver to Start Workflows
- About the User Application Driver
- Setting Up Workflows to Start Automatically
- Managing Provisioning Request Definitions
- About the Provisioning Request Configuration Plug-in
- Working with the Installed Templates
- Configuring a Provisioning Request Definition
- Managing Provisioning Workflows
- About the Workflow Administration Plug-in
- Managing Workflows
- Configuring the Email Server
- Working with Email Templates
- Allowing a Named Password to be Retrieved over LDAP
- Web Service Reference
- Provisioning Web Service
- About the Provisioning Web Service
- Developing Clients for the Provisioning Web Service
- Provisioning Web Service API
- Metrics Web Service
- About the Metrics Web Service
- Metrics Web Service API
- Metrics Web Service Examples
- Notification Web Service
- About the Notification Web Service
- Notification Web Service API
- Notification Example
- Directory Abstraction Layer (VDX) Web Service
- About the Directory Abstraction Layer (VDX) Web Service
- VDX Web Service API
- VDX Example
- Role Web Service
- About the Role Web Service
- Role API
- Role Web Service Examples
- Resource Web Service
- About the Resource Web Service
- Resource Web Service Interface
- Resource Web Service Examples
- Forgot Password Web Service
- About the Forgot Password Web Service
- Password Management Web Service Interface
- ForgotPasswordWSBean
- Configuring Single Sign-on Access in Identity Manager
- Preparing for Single Sign-on Access
- Using Self-Service Password Management in Identity Manager
- Understanding the Default Self-Service Process
- Understanding the Legacy Password Management Provider
- Understanding Authentication with One SSO Provider
- How OSP Works with Identity Manager
- Using One SSO Provider for Single Sign-on Access in Identity Manager
- Preparing eDirectory for Single Sign-on Access
- Modifying the Basic Settings for Single Sign-on Access
- Configuring Self Service Password Reset to Trust OSP
- Using NetIQ Access Manager for Single Sign-On
- Understanding Third-Party Authentication and Single Sign-On
- Using SAML Authentication for Single Sign-on
- Reverse Proxy Based Single Sign-On
- Using Kerberos for Single Sign-On
- Configuring the Kerberos User Account in Active Directory
- Configuring the Identity Applications Server
- Configure the End-User Browsers to Use Integrated Windows Authentication
- Logging In Using the Name Password Form
- Integrating Single Sign-on Access with Identity Governance
- Ensuring Rapid Response to Authentication Requests
- Configuring Identity Governance for Integration
- Configuring Identity Manager for Integration
- Verifying Single Sign-on Access for the Identity Applications
- Using SSL for Secure Communication
- Checklist for Ensuring SSL Connections
- Creating a Keystore and Certificate Signing Request
- Enabling SSL with a External CA Signed Certificate
- Enabling SSL with a Self-signed Certificate
- Enabling SSL Between Sentinel and Identity Manager Components
- Updating the SSL Settings for the Application Server
- Updating the SSL Settings in the Configuration Utility
- Updating the SSL Settings for Self Service Password Reset
- REST Services
- Use Cases for Identity Applications REST API
- Troubleshooting
- Using Log Files for Troubleshooting
- Troubleshooting E-Mail Based Approval Issues
- Troubleshooting Self Service Password Reset Issues
- Troubleshooting Authentication Issues
- Troubleshooting General Issues
- Troubleshooting Multi-Threaded Role and Resource Service driver Issues
- Appendix
- Configuring the Identity Manager Approvals App
- Product Requirements
- Setting Up the Approvals App
- Optimizing Designer Forms for the Approvals App
- Understanding Language Support in the Approvals App
- Schema Extensions for the User Application
- Attribute Schema Extensions
- Objectclass Schema Extensions
- Resource Definition Object (nrfResource)
- Resource Request Object (nrfResourceRequest)
- Role Definition Object (nrfRole)
- Request Object (nrfRequest)
- Role-Resource Configuration (nrfConfiguration)
- Resource Binding to Users (nrfIdentity)
- Resource Containers
- JavaScript Search API
- Launching a Basic Search using the SearchListPortlet
- Creating a New Query using the JavaScript API
- Performing an Advanced Search Using a JSON-formatted Query
- Retrieving all Saved Queries for the Current User
- Running an Existing Saved Query
- Performing a Search on All Searchable Attributes
- Trouble Shooting
- Permgen Space Error
- Email Notification Templates
- Org Chart and Guest Access
- Provisioning Notification
- javax.naming.SizeLimitExceededException
- Linux Open Files Error
- Legal Notice