Create a Provisioning Role
Create creating a Provisioning Role
cim140
You create a provisioning role once you decide about the role requirements:
- Which users need other accounts
- Which accounts are associated with the role
- Who the members, administrators, and owners of the role are
You cannot rename a provisioning role after it is created.
Follow these steps:
- In the User Console, navigate toRoles and Tasks,Provisioning Roles,Create Provisioning Role.For details on each tab, click theHelplink on the screen.
- Complete theProfiletab.
- Ensure that the Provisioning Role Name does not contain "*" because it is treated as a regular expression.
- You can specify custom attributes on the Profile tab that specify additional information about provisioning roles. You can use this additional information to facilitate role searches in environments that include a significant number of roles.
- Complete theAccount Templatestab.
- Click an Endpoint Type, such asActiveDirectory.
- Click an account template.The templates that you can click are based on Endpoint Type.
- Add more account templates as needed for different endpoint types.
- Complete theProvisioning Rolestab if you want to nest provisioning roles in this tab.This step requires that you have enabled nested roles for this environment.
- Complete theAdministratorstab by adding admin rules that control who manages members and administrators of this role.
- Complete theOwnerstab by adding owner rules that control who can modify this role.
- ClickSubmit.To verify that the role was created, click Provisioning Roles, View Provisioning Role.
Sample SOAP Request to Create a Provisioning a Role:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsdl="http://tews6/wsdl"> <soapenv:Header/> <soapenv:Body> <wsdl:TaskContext> <wsdl:admin_id>user_name</wsdl:admin_id> <wsdl:admin_password>password</wsdl:admin_password> </wsdl:TaskContext> <wsdl:CreateProvisioningRole> <wsdl:CreateProvisioningRoleSearch> <wsdl:CreateNew>true</wsdl:CreateNew> </wsdl:CreateProvisioningRoleSearch> <wsdl:CreateProvisioningRoleProfileTab> <wsdl:Name>test_prov6</wsdl:Name> </wsdl:CreateProvisioningRoleProfileTab> <wsdl:CreateProvisioningRoleOwnersTab> <wsdl:Policy> <wsdl:add index="0"> <wsdl:Owner><![CDATA[<MemberRule><AttributeExpression attribute="%USER_ID%" comparator="EQUALS" value="imadmin"/></MemberRule>]] ></wsdl:Owner> </wsdl:add> </wsdl:Policy> </wsdl:CreateProvisioningRoleOwnersTab> </wsdl:CreateProvisioningRole> </soapenv:Body> </soapenv:Envelope>