Integrating NetIQ (Novell) Identity Manager (IDM) with Aveksa Compliance Manager (ACM)
Steps to Entitlement Provisioning:
- Install the “Role Based Provisioning Module” which installs the Webservice to connect IDM and ACM
- Create the “User application” and “Role and Provisioning” drivers (these drivers can be configured to hold the entitlements and role information)
- Enable the Novell Plugin in the plugin folder on the Aveksa server, this creates a fulfillment workflow handler with the IDM connection information for provisioning.
If Entitlements are enabled on the IDM, create the Application and Entitlement collector.
Configure the fulfillment handler generated under the request tab for the application (this will add the entitlements to users on the request process.)
If Role Based Provisioning is being used then create the Application and Role collector.
Configure the fulfillment handler generated under the request tab for the application (this will add the entitlements to users on the request process).
Entitlements can then be added to roles in RBPM and provisioned using ACM.
If Entitlements are not implemented in IDM but are represented as Groups and custom attributes in eDirectory:
- Design and develop a java method that connects and make changes to groups and attributes in LDAP
- Develop a custom fulfillment workflow embedded within the java method developed
- Create an entitlements collectors for groups and attributes and assign them under an application
- Configure this custom fulfillment within the request process for the application created.
The request process uses the fulfillment workflow which in turn uses the java method and thus provisions the changes to the IDM (the drivers on IDM should be configured to sync the groups to connected systems).
Questions, comments or concerns? Feel free to reach out to us below or at IDMWORKS