In most organizations, administrators spend significant time providing users with login accounts for different systems and applications. To simplify this repetitive activity, you can create provisioning roles, which are roles that contain account templates. The templates define the attributes that exist in one type of account. For example, an account template for an Exchange account defines attributes such as the size of the mailbox. Account templates also define how user attributes are mapped to accounts.
Consider an example where every employee at Forward, Inc needs access to a database and email. An administrator wants to avoid creating a database account and an email account for each employee one at a time. Therefore, the administrator creates a provisioning role for that company. The role contains an account template for a Microsoft Exchange server, to provide email accounts, and a template for an Oracle database. In this example, the Exchange server and the Oracle database are named endpoints, which are the system or application where the accounts exist.
Note: Forward, Inc. is a fictitious company name which is used strictly for instructional purposes only and is not meant to reference an existing company.
After the roles are created, business administrators, such as managers or support personnel, can assign those roles to users to give them accounts in endpoints. After users receive the role, they can log in to the endpoint.
Creating a provisioning role that includes an account template is a two-step process as follows:
The following sections explain how to create a role that can be used to assign accounts:
Copyright © 2015 CA Technologies.
All rights reserved.