Create a Provisioning Role
You create a provisioning role once you decide about the role requirements:
cim140
You create a provisioning role once you decide about the role requirements:
- Which users need other accounts
- Which accounts are associated with the role
- Who the members, administrators, and owners of the role are
You cannot rename a provisioning role after it is created.
Follow these steps:
- In the User Console, navigate toRoles and Tasks,Provisioning Roles,Create Provisioning Role.For details on each tab, click theHelplink on the screen.
- Complete theProfiletab.
- Ensure that the Provisioning Role Name does not contain "*" because it is treated as a regular expression.
- You can specify custom attributes on the Profile tab that specify additional information about provisioning roles. You can use this additional information to facilitate role searches in environments that include a significant number of roles.
- Complete theAccount Templatestab.
- Click an Endpoint Type, such asActiveDirectory.
- Click an account template.The templates that you can click are based on Endpoint Type.
- Add more account templates as needed for different endpoint types.
- Complete theProvisioning Rolestab if you want to nest provisioning roles in this tab.This step requires that you have enabled nested roles for this environment.
- Complete theAdministratorstab by adding admin rules that control who manages members and administrators of this role.
- Complete theOwnerstab by adding owner rules that control who can modify this role.
- ClickSubmit.To verify that the role was created, click Provisioning Roles, View Provisioning Role.
Sample SOAP Request to Create a Provisioning a Role:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsdl="http://tews6/wsdl"><soapenv:Header/><soapenv:Body><wsdl:TaskContext><wsdl:admin_id>user_name</wsdl:admin_id><wsdl:admin_password>password</wsdl:admin_password></wsdl:TaskContext><wsdl:CreateProvisioningRole><wsdl:CreateProvisioningRoleSearch><wsdl:CreateNew>true</wsdl:CreateNew></wsdl:CreateProvisioningRoleSearch><wsdl:CreateProvisioningRoleProfileTab><wsdl:Name>test_prov6</wsdl:Name></wsdl:CreateProvisioningRoleProfileTab><wsdl:CreateProvisioningRoleOwnersTab><wsdl:Policy><wsdl:add index="0"><wsdl:Owner><![CDATA[<MemberRule><AttributeExpression attribute="%USER_ID%" comparator="EQUALS" value="imadmin"/></MemberRule>]] ></wsdl:Owner></wsdl:add></wsdl:Policy></wsdl:CreateProvisioningRoleOwnersTab></wsdl:CreateProvisioningRole></soapenv:Body></soapenv:Envelope>