Before you create a preventative identity policy, you create an identity policy set, which logically groups a set of identity policies.
Note: See Important Notes about Preventative Identity Policies before you begin.
To create a preventative identity policy set
Create a new identity policy set or use an existing identity policy set as a template.
Note: The Apply Once and Compliance settings do not apply to preventative identity policies.
Note: The role owner filter and the LDAP query filter are not supported for preventative identity policies.
CA Identity Manager displays a message in View Submitted Tasks that describes the violation, but allows the task to be submitted.
CA Identity Manager displays a message in the User Console and prohibits the task from submitting.
CA Identity Manager displays a message in the User Console and in View Submitted Tasks. This action can optionally trigger a workflow process.
When you select one of these actions, CA Identity Manager displays a text box where you can specify the message that appears when a violation occurs.
Note: If you are localizing the User Console, you can specify a resource key instead of text in the message field. See the User Console Design Guide for more information about resource keys.
Note: Before you use the identity policy set that you created, make sure that identity policies are enabled in the Management Console. See the Configuration Guide for more information.
Copyright © 2015 CA Technologies.
All rights reserved.