A.2 Global Configuration Values

Global configuration values (GCVs) are values that can be used by the driver to control functionality. GCVs are defined on the driver or on the driver set. Driver set GCVs can be used by all drivers in the driver set. Driver GCVs can be used only by the driver on which they are defined.

The SOAP driver includes several predefined GCVs. You can also add your own if you discover you need additional ones as you implement policies in the driver.

To access the driver’s GCVs in iManager:

  1. Click to display the Identity Manager Administration page.

  2. Open the driver set that contains the driver whose properties you want to edit.

    1. In the Administration list, click Identity Manager Overview.

    2. If the driver set is not listed on the Driver Sets tab, use the Search In field to search for and display the driver set.

    3. Click the driver set to open the Driver Set Overview page.

  3. Locate the driver icon, click the upper right corner of the driver icon to display the Actions menu, then click Edit Properties.

    or

    To add a GCV to the driver set, click Driver Set, then click Edit Driver Set properties.

To access the driver’s GCVs in Designer:

  1. Open a project in the Modeler.

  2. Right-click the driver icon or line, then select Properties > Global Configuration Values.

    or

    To add a GCV to the driver set, right-clickthe driver set icon , then click Properties > GCVs.

The global configuration values are organized as follows:

Table A-8 General Values

Option

Description

SPML Identifier Type

This option is only available when using the SPML configuration for the driver.

SPML introduces the concept of a Provisioning Service Target Data Identifier or PSTD-ID. A PSTD-ID is a unique identifier for a data set. An example of a PSTD-ID for a directory entry is a Distinguished Name (DN).

The SOAP driver uses the PSTD-ID for the association key. The Identifier Type defines the allowable PSTD-ID type. Select the Identifier Type to be used.

Table A-9 Password Configuration

Option

Description

Application accepts passwords from Identity Manager

If True, allows passwords to flow from the Identity Manager data store to the connected system.

In Designer, you must click the icon next to an option to edit it. This displays the Password Synchronization Options dialog that box that has a better display of the relationship between the different GCVs.

In iManager, you should edit the Password Management Options on the Server Variables tab rather than under the GCVs. The Server Variables page has a better display of the relationship between the different GCVs.

For more information about how to use the Password Management GCVs, see Configuring Password Flow in the Identity Manager 3.6.1 Password Management Guide.

Identity Manager accepts passwords from application

If True, allows passwords to flow from the connected system to Identity Manager.

Publish passwords to NDS password

Use the password from the connected system to set the non-reversible NDS® password in eDirectory.

Publish passwords to Distribution Password

Use the password from the connected system to set the NMAS™ Distribution Password used for Identity Manager password synchronization.

Require password policy validation before publishing passwords

If True, applies NMAS password policies during publish password operations. The password is not written to the data store if it does not comply.

Reset user’s external system password to the Identity Manager password on failure

If True, on a publish Distribution Password failure, attempt to reset the password in the connected system using the Distribution Password from the Identity Manager data store.

Notify the user of password synchronization failure via e-mail

If True, notify the user by e-mail of any password synchronization failures.

Connected System or Driver Name

The name of the connected system, application, or Identity Manager driver. This value is used by the e-mail notification templates.