Novell Doc: Novell Credential Provisioning Policies for Identity Manager 3.5.1 - Creating Credential Provisioning Policies for Novell SecretStore

5.5 Creating Credential Provisioning Policies for Novell SecretStore

After the repository and application objects are created, policies need to be created to provision SecretStore information. The policies can be created in Designer or iManager.

5.5.1 Creating Credential Provisioning Policies for Novell SecretStore in Designer

The policies use the information stored in the repository and application objects.

In the Policy Builder, create a new policy.
(Optional) To clear the SSO credential, so objects can be deprovisioned, select the clear SSO credential action, then fill in the following fields:
- Specify Credential Repository Object DN: Browse to and select the repository object. (See worksheet item 8).
- Specify Target User DN: Create the DN of the target users by using the Argument Builder. (See worksheet item 15).
- Specify Application Credential ID: Specify the application ID. (See worksheet item 9).
- Specify Login Parameter Strings: Launch the String Builder and enter each authentication key for the application. (See worksheet item 10).
(Optional) To set the SSO credential when a user object is created or when a password is modified, select the set SSO credential action, then fill in the following fields:
- Specify Credential Repository Object DN: Browse to and select the repository object. (See worksheet item 8).
- Specify Target User DN: Create the DN of the target users by using the Argument Builder. (See worksheet item 15).
- Specify Application Credential ID: Specify the application ID. (See worksheet item 9).
- Specify Login Parameter Strings: Launch the String Builder and enter each authentication key for the application. (See worksheet item 10).

5.5.2 Configuring Credential Provisioning Policies for Novell SecretStore in iManager

The policies use the information stored in the repository and application objects.

In the Policy Builder, create a new policy.
(Optional) To clear the SSO credential, so objects can be deprovisioned, select the clear SSO credential action, then fill in the following fields:
- Enter Credential Repository Object DN: Browse to and select the repository object. (See worksheet item 8).
- Enter Target User DN: Create the DN of the target users by using the Argument Builder. (See worksheet item 15).
- Enter Application Credential ID: Specify the application ID. (See worksheet item 9).
- Enter Login Parameter Strings: Launch the String Builder and enter each authentication key for the application. (See worksheet item 10).
(Optional) To set the SSO credential when a user object is created or when a password is modified, select the set SSO credential action, then fill in the following fields:
- Enter Credential Repository Object DN: Browse to and select the repository object. (See worksheet item 8).
- Enter Target User DN: Create the DN of the target users by using the Argument Builder. (See worksheet item 15).
- Enter Application Credential ID: Specify the application ID. (See worksheet item 9).
- Enter Login Parameter Strings: Launch the String Builder and enter each authentication key for the application. (See worksheet item 10).