2.2 Identity Manager: Overview

2.2.1 Managing Identities, Access, and Groups

Identity Manager (formerly known as DirXML®) is a cross-platform service that helps you manage identity information across select systems on your corporate network or your partners’ networks. For more information on the Novell® solution, visit the Novell Identity Manager Web site.

Identity Manager helps you manage identity information in any system for which Novell provides a special connector (and for connectors that you or a third party write). Novell provides connectors that interface with popular applications, databases and directories, including PeopleSoft*, SAP* HR, GroupWise®, Microsoft* Exchange, Lotus* Notes*, Oracle*, and Microsoft Active Directory*. (An asterisk--*--denotes a third-party trademark.)

Identity Manager helps you securely manage the access needs of your ever-changing user community. You can manage the full user life cycle and deliver first-day access to essential resources. For example, when you create a new user in your HR database (or a customer or partner in the customer’s related application), all of the user’s accounts are generated automatically, according to your business rules, and any necessary resources or services are supplied.

You can also quickly and consistently manage groups. For example, you can automatically grant access rights to everyone with a given role. You can also synchronize multiple passwords into a single login, modify or revoke access rights instantly, and even support compliance with government regulations.

Former employees pose a common threat to many businesses, but Novell Identity Manager closes this security loophole. The moment you change an employee’s status to dismissed in an authoritative data source, Identity Manager terminates the user’s accounts and access rights in all specified systems, and provides an audit report of the successfully revoked user access rights. Your confidential resources remain safe, and you eliminate countless hours of manual, error-prone administration.

With its Metadirectory capabilities, Identity Manager enables an identity integration foundation for unifying identities across platforms, systems and organizational boundaries. It permits departments to maintain control of the identity data that they are responsible for.

At the same time, the enterprise as a whole gains a single virtual identity for each user by

  • Linking scattered identity information

  • Setting rules that govern automatic updates to all designated systems when a change is made in an authoritative source

This foundation serves as the underlying architecture for password management, user provisioning, white pages, role-based administration, and other capabilities.

Since August 2002, Novell has been in the Leader quadrant of Gartner Metadirectory Magic Quadrant. Novell offers the most flexible identity management solution on the market. This solution adapts to each customer’s needs and business rules, enables enterprises to automate processes for quick and efficient deployment, and provides the flexibility to customize and adapt the solution as requirements evolve.

2.2.2 How Identity Manager Works

To control when and how identity information is exchanged between these systems, you configure the systems’ respective connectors by creating various types of rules. You base these rules on your company’s needs and on its relationship with partners and employees.

Identity Manager uses Extensible Markup Language (XML) and extensible Stylesheet Language Transformations (XSLT), the two formats in which DirXML rules have traditionally been represented. Identity Manager 3.5 and later include features that exceed traditional DirXML capabilities by significantly simplifying the rule-building (business policy) process and by simplifying password management.

Novell Identity Manager runs on eDirectory™ 8.7.3 or later and supports all of the platforms that eDirectory supports, including NetWare®, Microsoft Windows* NT/2000, Red Hat* Linux, Solaris*, AIX* and HP-UX*. (For specific version numbers, visit the Novell eDirectory Web site.

For an article on how Identity Manager works, see Too Many Directories?.

Also, see the Novell Identity Manager Web site.