Various Identity Manager user application functionalities can be customized or custom-configured through the use of the Identity Manager Designer tool (which is based on the Eclipse Rich Client Platform) or via iManager plug-ins.
The available tools and their intended usages are described in the following table.
|
Tool |
Purpose |
|---|---|
|
Designer for Identity Manager |
General configuration tool for Identity Manager, allowing the developer, consultant, or system administrator to make detailed configuration changes to driver sets, drivers, policy definitions, and other artifacts. |
|
Directory abstraction layer Editor plug-in for Designer |
Allows you to define custom objects and relationships, and make changes to various configuration settings of the abstraction layer. See Section 4.0, Configuring the Directory Abstraction Layer, later in this guide. |
|
Provisioning Request Configuration plug-in |
Allow the definition and configuration of available provisioning request types (in iManager) |
|
Provisioned Resource Editor (available soon) |
Designer plug-in to allow creation and configuration of resources (objects that represent the resource that will be granted in response to a workflow) |
|
Workflow Definition Editor (available soon) |
Graphical workflow definition plug-in for Designer |
|
Workflow E-mail Templates Editor |
An iManager plug-in allowing administrators to add, delete, and edit e-mail templates. These templates may be used by the workflow system to notify users of workflow events. |
|
lreport.exe (log report tool) and iManager Auditing and Logging feature |
A number of predefined log reports (that come with Identity Manager) are available in Crystal Reports (.rpt) format for filtering data logged to the Novell Audit database. The lreport.exe log report tool (Windows only) is one way to generate the reports. You can also use other methods to create the reports; see Section 5.0, Setting up Logging for details. |
A system design expert would typically begin by using the directory abstraction layer editor (in Designer for Identity Manager) to set up custom abstraction layer definitions for the user application. These objects then become available for use by the abstraction layer (and therefore users of the user interface). Fine-grained access control settings can be exercised in the definition and use of these objects so that the administrator and end-users can see and manipulate only those objects (and attributes on the objects) for which they have appropriate rights.
If the Provisioning Module is installed, the system design expert or administrator would use the Provisioning Request Configuration wizards in iManager to define the provisioned resources and workflows that will be available to users of the user application. At the same time, the administrator would also use the e-mail templates editor functionality (in iManager) to define the content of the body of any e-mail notifications that will be sent by the workflow(s). See Section 23.0, Managing Provisioning Workflows for more information on this.
After configuring the abstraction layer, provisioning request definitions, audit requirements, and e-mail templates, the administrator would typically perform various configuration operations affecting the user application (involving security, caching, and other functionalities), using the administration features described in Section 10.0, Portal Configuration. Finally, the administrator would configure individual portlets as necessary, using the interfaces described in the various chapters under Part IV of this guide.
NOTE:The chapter immediately following this one describes some of these tasks in greater detail and should be consulted prior to implementing a production environment.