When using Designer for Identity Manager, consider the following issues:
Monitor and control who has rights to create or modify an Identity Manager driver.
Administrative rights are needed to create Identity Manager objects and configure drivers.
Before giving a consultant an Identity Vault administrator password, limit the rights assigned to that administrator to areas of the tree that the consultant must access.
Delete the project files (.proj) or save them to a company directory.
Designer .proj files are to remain at the company’s project site. A consultant does not take the files after completing a project.
After project files, log files, and trace files are no longer needed, delete them.
Before discarding or surplusing a laptop, verify that project files have been cleaned.
Ensure that the connection from Designer to the Identity Vault server is physically secure. Otherwise, someone could monitor the wire and pull sensitive information.
When you use Document Generator to create documents, be careful with those documents. These documents can contain passwords and sensitive data in clear text.
If Designer needs to read or write to an eDirectory attribute, do not mark that attribute as encrypted. Designer is unable to read or write to encrypted attributes.
Do not store passwords that are sensitive.
Currently, Designer projects are not encrypted. Passwords are only encoded. Therefore, do not share Designer projects that have saved passwords.
To save a password for a session, but not save it to the project:
In an expanded Outline view, right-click an Identity Vault.
Select
.On the Configuration page, type a password, then click
.You can enter a password once per session. After you close the project, the password is lost.
To save a password to the hard drive, complete Steps 1-3, select
, then click .Figure 1-1 Save Password