Open Enterprise Server 2 contains many prerequisite software components, including SUSE® Linux Enterprise Server 10 Support Pack 1, NetWare® 6.5 Support Pack 8, eDirectory 8.8 Support Pack 5, iManager 2.7, and Security Services 2.0.5. Identity Manager is supported on both the Linux and NetWare Open Enterprise Server 2 platforms.
The plug-ins for iManager in this version of Identity Manager are also compatible to Identity Manager 3.0. In addition to backward compatibility, Identity Manager 3.5.1 contains plug-ins that can report information from the driver cache file.
Identity Manager provides support for all operating system platforms that the previous version of Identity Manager supports. In addition, certain components of Identity Manager will run on Microsoft Windows Vista*, AIX* 5.3, Red Hat* 5 AS/ES 64-bit, and Open Enterprise Server 2, which includes SUSE Linux Enterprise Server 10 SP1 and NetWare 6.5 SP8.
Identity Manager provides support for all applications that the previous version of Identity Manager supports. In addition, Identity Manager also supports eDirectory 8.8 SP5 and iManager 2.7 on the platforms where those applications run.
Identity Manager 3.5.1 includes information and scripts to install the Identity Manager Metadirectory engine into a non-root installation of eDirectory. For the steps to perform a non-root installation of Identity Manager, see Section 4.9, Non-root Installation of Identity Manager.
Identity Manager includes the Client Login Extension for Novell Identity Manager 3.5.1 and Designer 2.1.
A new component for Identity Manager, the Client Login Extension for Novell Identity Manager 3.5.1, facilitates password self-service by adding a link to the Novell and Microsoft GINA login clients. When users click the link in their login client, the Client Login Extension launches a restricted browser to access the Identity Manager User Application Password Self-Service feature. This feature assists in reducing help desk calls from people who forget their passwords.
For more information on Client Login Extension for Novell Identity Manager 3.5.1, see Client Login Extension for Novell Identity Manager 3.5.1
in the Novell Identity Manager 3.5.1 Administration Guide. For more information on Designer 2.1, see Section 1.3.2, Designer for Identity Manager.
This section describes enhancements to Designer for Identity Manager. For a more detailed listing of all Designer 2.1 enhancements and changes, see What’s New.
The Provisioning view of the Designer for Identity Manager now allows you to define:
The user application’s default locale. (This is the locale used to display content when a match for the user's locale cannot be found.)
The locales supported by the User Application driver.
In addition, Designer can now import and export localization data for e-mail templates.
Designer for Identity Manager now includes a Provisioning Team editor plug-in. This new editor allows you to define a set of users who can act as a team for the tab of the User Application. The team definition determines who can manage provisioning requests and approval tasks associated with this team.
The Provisioning Team editor provides an alternative to the iManager plug-in for team management.
The Provisioning view has been enhanced so that you now have the ability to:
Organize provisioning request definitions in categories. You can use the directory abstraction layer editor to define the categories.
Assign multiple properties (such as trustee assignments) for more than one provisioning request definition at a time.
The E-Mail activity provides a way to send an e-mail to interested parties outside of an Approval activity.
The Approval activity now provides a way to create a new form from the Approval activity property page.
The Approval activity also provides the ability to set a Reply To address field in e-mail notifications that is different from the From address.
The Log activity now allows custom messages to be added to the Comment History of a workflow.
Forms now support the onload event.
The following field methods are now supported:
getName()
validate()
hide()
show()
focus()
select()
activate()
setRequired()
The provisioning request definition's display name can now be defined as a static string or a localizable ECMA expression. By defining an expression, you can customize the approval task display name. This allows different instances of the same workflow to display unique entries in the task list in the User Application.
The display of Team Tasks has been enhanced to provide more flexibility in the interface and to optimize the user experience. The Team Tasks page displays dynamic content in two new presentation views, The Template view and the Exhibit view. Both formats use a table to display data to the user. In either format, the user can choose which columns to display, specify the order in which columns appear, and sort tasks by the values in a column.
The choice of display format is controlled by the administrator. Administrators can choose one view over the other because of presentation preferences or to take advantage of the following differentiating features:
The Template view (the default) provides accessibility support for nonvisual users. In addition, it includes a customizable paging feature.
The Exhibit view supports filtering and provides a data export facility.
This release adds runtime support for the following application server platforms:
JBoss* 4.2.0 on SUSE Linux Enterprise Server 10.1, SUSE Linux Enterprise Server 9 SP2, and Windows 2003 Server SP1
WebSphere* 6.1 on Solaris* 10 and Windows 2003 SP1
The Install program for the User Application installs the WAR for you. However, you need to deploy the WAR to WebSphere manually.
The database support for WebSphere includes Oracle* 10g, MS SQL* 2005 SP1, and DB2.
For a complete list of supported platforms, see System Requirements for Identity Manager.
This release also adds support for the following browser environments:
Internet Explorer 7 on Windows 2000 Professional SP4, Windows XP SP2, and Windows Vista Enterprise Version 6
Firefox* 2 on Red Hat Enterprise Linux WS 4.0, Novell Linux Desktop 9, SUSE Linux 10.1, and SUSE Linux Enterprise Desktop 10
The following interoperability changes have been made in this release:
The administrator can now use a configuration setting to specify whether the User Application should display the Hint on the Forgot Password screen.
The administrator can now use a configuration setting to enable or disable the password autocomplete feature in the Login dialog. This controls whether the browser lets the user save their credentials.
The login process now supports proxy smart card authentication through Access Manager. To make this possible, the User Application accepts SAML assertions injected into the HTTP header, and uses these assertions to make a SASL connection to the directory.
The following enhancements have been made to the SOAP endpoints in this release:
A new VDX service has been added to provide a SOAP endpoint for performing queries against the directory abstraction layer.
A new Notification service has been added to provide a SOAP endpoint for sending e-mail notifications.
A new method called getProcessesArray() has been added to the Provisioning service that includes an argument to allow you to limit the number of processes returned.
A new method called startWithCorrelationId() has also been added to the Provisioning service to allow you to start a set of related workflows and track them using a correlation ID
The SOAP endpoints provide a way for developers to build their own applications. They are not exposed in the out-of-the-box user interface for the User Application.
The User Application now lets you specify URL parameters to go directly to a provisioning request form.