1.4 Design and Configuration Tools

The various administrators can use the following tools to design and configure the Identity Manager User Application.

Table 1-4 Tools for Designing and Configuring the User Application



Designer for Identity Manager

A powerful, graphical toolset for configuring and deploying Identity Manager. The following plug-ins are designed to help you configure the User Application:

  • Directory Abstraction Layer editor: Lets you define the Identity Vault objects needed for your User Application.

  • Provisioning Request Definition editor: Lets you create workflows for provisioning request definitions. Also allows you to customize the forms by which users make and approve requests and e-mail templates.

  • Provisioning view: Lets you import, export, deploy, and migrate directory abstraction layer and provisioning requests to the User Application driver.

For more information, see the Identity Manager User Application: Design Guide.


A Web-based administration console. The following plug-ins are designed to help you configure and administer the User Application:

  • Provisioning Request Configuration plug-in: Lets you bind the provisioning request definition to a provisioned resource, specify the runtime characteristics of the associated workflow and enable its use.

  • Workflow Administration plug-in: Provides a browser-based interface that lets you view the status of workflow processes, reassign activities within a workflow, or terminate a workflow in the event that it is stopped and cannot be restarted.

  • Provisioning Team plug-in: Lets you define the characteristics of a team. A team identifies a group of users and determines who can manage provisioning requests and approval tasks associated with this team. The team definition consists of a list of team managers, team members, and team options.

  • Provisioning Team Request plug-in: Lets you specify the request rights for a team. The team requests objects specify a list of requests that fall within the domain of a team, as well as the rights given to the team managers. The request rights specify actions that team managers can perform on the provisioning requests and tasks.

For more information, see Section V, Configuring and Managing Provisioning Workflows

User Application Admin tab

A Web-based administration console that allows you to configure, manage, and customize the User Application. It contains the following pages:

  • Application Configuration: Lets you configure caching, LDAP parameters, logging, themes, password module setup

  • Page Administration: Lets you create new portlets or customize existing Identity Self-Service pages

  • Portlet Administration: Lets you create new or customize the existing portlets used on the Identity Self-Service pages.

  • Provisioning: Lets you configure Delegation, Proxy, Tasks, Digital Signature service, and engine and cluster settings.

  • Security: Lets you define who has Provisioning Administrator and User Application Administrator privileges.

For more information, see Section III, Administering the User Application.

lreport.exe (log report tool) and iManager Auditing and Logging feature

A number of predefined log reports (that come with Identity Manager) are available in Crystal Reports* (.rpt) format for filtering data logged to the Novell Audit database. The lreport.exe log report tool (Windows* only) is one way to generate the reports. You can also use other methods to create the reports. See Section 3.0, Setting Up Logging for details.