To create and configure the Role and Resource Service driver in iManager:
Open iManager in a Web browser.
Go to Roles and Tasks > Identity Manager Utilities and select .
Install the User Application driver before installing the Role and Resource Service driver. Use Version 3.7.0 of the User Application driver (UserApplication_3_7_0-IDM3_6_0-V1.xml) with the Role and Resource Service driver. If you use a different version of the User Application driver, the Roles and Resources Catalogs might not be available.
In the wizard, keep the default of Section 4.1, Creating the User Application Driver in iManager. Click .
. Browse to your Driver Set created inNOTE:The User Application Driver and the Role and Resource Driver should be in the same Driver Set.
Select RoleResourceService_3_7_0-IDM3_6_0-V1.xml from the drop-down list. This is the Role and Resource Service driver configuration file that supports the Roles Based Provisioning Module.
If this file is not in the list, the Roles Based Provisioning Module installer might be installed correctly.
Click
.Fill out the requested information in the Import Information Requested page. The following table describes the requested information.
Option |
Description |
---|---|
|
Specify the driver name or keep the default name, Role and Resource Service, of the Role and Resource Service driver. If you install a new driver with the same name as an existing driver, the new driver overwrites the existing driver’s configuration. Use the button to see the existing drivers on the selected driver set. This is a required field. |
|
The driver acts only on users, containers, and groups in this base container. If there are group role or resource assignments, the Role and Resource Service Driver only grants/revokes roles or resources on members within the domain of the container. |
|
The distinguished name of the User Application driver object that is hosting the role or resource system. Use the eDirectory format, such as UserApplication.driverset.org, or browse to find the driver object. This is a required field. |
|
The URL used to connect to the User Application in order to start approval workflows. The example URL given is . This is a required field. |
|
The distinguished name of the object used to authenticate to the User Application in order to start Approval Workflows. This can be a User Application Administrator to whom you are giving rights to administer the User Application portal. Use the eDirectory format, such as admin.department.org, or browse to find the user. This is a required field. |
|
Password of the User Application Administrator specified in the Authentication ID. The password is used to authenticate to the User Application in order to start Approval Workflows. This is a required field. |
|
Re-enter the password of the User Application Administrator. |
After the information is filled in, click
.Click Define Security Equivalences to open the Security Equals window. Browse to and select an administrator or other Supervisor object, then click .
This step gives the driver the security permissions it needs. Details about the significance of this step can be found in your Identity Manager documentation.
(Optional, but recommended) Click Exclude Administrative Roles.
Click Add, select users you want to exclude for driver actions (such as administrative roles), click OK.
Click
to close the Security Equals window, then click to display the summary page.If the information is correct, click Finish.