Create a Provisioning Role

Create creating a Provisioning Role
cim140
You create a provisioning role once you decide about the role requirements:
  • Which users need other accounts
  • Which accounts are associated with the role
  • Who the members, administrators, and owners of the role are
You cannot rename a provisioning role after it is created.
Follow these steps:
  1. In the User Console, navigate to
    Roles and Tasks
    ,
    Provisioning Roles
    ,
    Create Provisioning Role
    .
    For details on each tab, click the
    Help
    link on the screen.
  2. Complete the
    Profile
    tab.
    • Ensure that the Provisioning Role Name does not contain "*" because it is treated as a regular expression.
    • You can specify custom attributes on the Profile tab that specify additional information about provisioning roles. You can use this additional information to facilitate role searches in environments that include a significant number of roles.
  3. Complete the
    Account Templates
    tab.
    1. Click an Endpoint Type, such as
      ActiveDirectory
      .
    2. Click an account template.
      The templates that you can click are based on Endpoint Type.
    3. Add more account templates as needed for different endpoint types.
  4. Complete the
    Provisioning Roles
    tab if you want to nest provisioning roles in this tab.
    This step requires that you have enabled nested roles for this environment.
  5. Complete the
    Administrators
    tab by adding admin rules that control who manages members and administrators of this role.
  6. Complete the
    Owners
    tab by adding owner rules that control who can modify this role.
  7. Click
    Submit
    .
    To verify that the role was created, click Provisioning Roles, View Provisioning Role.
Sample SOAP Request to Create a Provisioning a Role:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsdl="http://tews6/wsdl"> <soapenv:Header/> <soapenv:Body> <wsdl:TaskContext> <wsdl:admin_id>user_name</wsdl:admin_id> <wsdl:admin_password>password</wsdl:admin_password> </wsdl:TaskContext> <wsdl:CreateProvisioningRole> <wsdl:CreateProvisioningRoleSearch> <wsdl:CreateNew>true</wsdl:CreateNew> </wsdl:CreateProvisioningRoleSearch> <wsdl:CreateProvisioningRoleProfileTab> <wsdl:Name>test_prov6</wsdl:Name> </wsdl:CreateProvisioningRoleProfileTab> <wsdl:CreateProvisioningRoleOwnersTab> <wsdl:Policy> <wsdl:add index="0"> <wsdl:Owner>
<![CDATA[<MemberRule><AttributeExpression attribute="%USER_ID%" comparator="EQUALS" value="imadmin"/></MemberRule>]] >
</wsdl:Owner> </wsdl:add> </wsdl:Policy> </wsdl:CreateProvisioningRoleOwnersTab> </wsdl:CreateProvisioningRole> </soapenv:Body> </soapenv:Envelope>