How to Create and Deploy Connectors Using Connector Xpress
You can configure provisioning for an environment to provide accounts in other systems to users managed by . Accounts provide users with access to additional resources, such as an email account. You provide these additional accounts by assigning provisioning roles, which you create through .
You can configure provisioning for an environment to provide accounts in other systems to users managed by
Identity Manager. Accounts provide users with access to additional resources, such as an email account. You provide these additional accounts by assigning provisioning roles, which you create through
As an administrator, complete the following steps:
Before you configure the environment for provisioning, make sure that the Provisioning Directory is installed on CA Directory. For more information, see the
Enable Provisioning Server Access
Configure the Inbound Administrator
For the inbound synchronization to work, create a special
Identity Manageruser called
inbound administrator. An inbound administrator is an account that
Identity Manageruses during synchronization. In the previous releases of
Identity Manager, the inbound administrator was called the
corporate user. No user logs in to this user account; instead,
Identity Manageruses it internally. Use this procedure for configuring user account with an inbound administrator privileges.
Follow these steps:
- Log in to the environment as the user with the System Manager role.
- Create a user. You can name the userinboundas a reminder of its purpose.
- Choose Admin Roles, Modify Admin Role, and select a role that contains the tasks you use for the synchronization.
Note:If you have not modified the default synchronization tasks, use the Provisioning Synchronization Manager role.
- Provisioning Create User
- Provisioning Enable/Disable User
- Provisioning Modify User
- On the Members tab, add a member policy that includes:
- A member rule that the new user meets.
- A scope rule providing access to all users who are affected by provisioning directory changes that trigger the inbound synchronization. Select the Owners tab to create the owner rule.
- In the Management Console:
- Select the Environment.
- Select Advanced Settings, Provisioning.
- Complete the Organization for the Creating Inbound Users field if the CA Identity Manager directory includes an organization.This organization is where users are created when the inbound synchronization occurs. For example, when a user is added to the provisioning directory, CA Identity Manager adds the user to this organization.
- Complete the Inbound Administrator field with the User ID of the user that you created in Step 2.
- Click Validate to confirm the user ID is accepted. The complete user ID appears below the user ID entered.
- Modify other fields on the screen.When you modify, be sure that you understand how the fields interact. For details on each field, click the Help link on the screen.
Connect an Environment to the Provisioning Server
Configure Synchronization in the Provisioning Manager
Import Custom Provisioning Roles
Account Synchronization for the Reset User Password Task