Create an Identity Policy
After you define the profile and member rule for the Identity Policy Set, you can define the identity policies in that policy set.
Note: In large implementations, it may take significant time to evaluate identity policy rules. To reduce the evaluation time for rules that include user-attributes, you can enable the in-memory evaluation option. For more information, see the Configuration Guide.
To create an identity policy
- Select the Policies tab.
- Click Add.
- Enter a name for the identity policy.
- Select the Apply Once check box if you want to apply the policy only when a user first meets the policy.
- Select the Compliance check box to flag this policy as a compliance policy.
If this check box is selected:
- CA Identity Manager can generate reports for users that are not synchronized with compliance policies.
- The Compliance Violation action is visible in the Action on Apply/Remove Policy list box.
- Identify the users to which the policy applies in the Policy Condition section.
- In the Action on Apply Policy section, define the actions that CA Identity Manager takes when the identity policy is applied to a user.
- In the Action on Remove Policy section, define the actions that CA Identity Manager takes when a user no longer meets the conditions for the identity policy.
- Click OK.
Note: Before you can use the identity policy set that you created, enable identity policies in the Management Console. See the Configuration Guide for more information.
Copyright © 2015 CA Technologies.
All rights reserved.