CA Identity Manager
CA Product References
Contact CA
Getting Started
What You See in the Identity Manager User Console
Category List
What Identity Manager Help Describes
Admin Roles for User Management
Admin Roles and Admin Tasks
Admin Roles and Identity Manager Environments
Admin Roles and the Identity Manager User Console
Create an Admin Role
Begin Admin Role Creation
Define the Admin Role Profile
Select Admin Tasks for the Role
Define Member Policies for an Admin Role
Define Admin Policies for an Admin Role
Define Owner Rules for an Admin Role
Allow Users to Self-Assign Roles
Verify an Admin Role
Admin Tasks
Admin Task Planning
A Sample Admin Task
Admin Task Usage Options
Admin Task Processing
How to Create an Admin Task
Define the Profile of the Task
Admin Task Profile Tab
Task Categories
Disable Automatic Task Cancellation
Choose Tabs for the Task
Tab Controllers
Select a Tab Controller
Configure a Tab Controller
Sample Javascript for Tab Controllers
List of Default Tabs
Profile Tabs and Profile Screens
Modify a Profile Screen
Format of the Profile Screen
Field Properties on a Profile Screen
Style Options
Date Picker Options
Screen-Defined Logical Attributes
Add Screen-Defined Logical Attributes
Screen-Defined Logical Attributes in View Submitted Tasks
Select Box Data
History Editor Field Properties
History Display Field Properties
Organization Field
Configure a Dynamic Organization Field
Layout of the Profile Screen
Add a Binary Attribute or Picture to a Profile Screen
Add Page Sections
Add a Nested Task
Add Help Text to Profile Screens
User-defined Custom Attributes for Roles
Configure Custom Attributes in Profile Tab for Roles
Add Custom Attributes to Search Screen Definitions
List Screens
Add a Task List
Account Tabs
Prerequisite for Using the Accounts Tab
Fields on the Accounts Tab
Additional Functions on the Accounts Tab
Schedule Tab
Add the Schedule Tab to an Admin Task
Object-Task Navigation
Configure Object-Task Navigation
Define the Task Scope
Search Screen Configuration
Search Filters
Search Fields and Search Results
User-Defined Help on Search Screens
Types of Search Screens
View Fields in the Task
Assign Workflow Processes for Events
Active Directory Prerequisites
The sAMAccountName Attribute
Group Type and Scope
External Tasks for Application Functions
The External Tab
The External URL Tab
Advanced Task Components
Configure Task-Level Validation
Create Business Logic Task Handlers
Provisioning Roles
Multiple Accounts for Users
Identity Manager Users
Global Users
Accounts on Endpoint Systems
Tasks for Provisioning Roles
Create a Provisioning Role
Import a Provisioning Role
Access Roles
Access Roles in Identity Manager
How Access Roles Manage Entitlements
Example: Indirect Profile Attribute Modification
Create an Access Role
Begin Access Role Creation
Define the Profile of an Access Role
Define Member Policies for an Access Role
Define Admin Policies for an Access Role
Define Owner Rules for an Access Role
Identity Policies
Identity Policies
Identity Policy Set Planning Worksheet
Create an Identity Policy Set
Define the Profile for the Identity Policy Set
Create an Identity Policy
The Apply Once Setting
Policy Conditions
Actions on Apply/Remove Policies
Specify Owners for the Identity Policy Set
Manage an Identity Policy Set
How Users and Identity Policies Are Synchronized
Configure Automatic User Synchronization
Synchronize Users Manually
Verify User Synchronization
Identity Policy Sets in an Identity Manager Environment
Example: Automatically Populating User Attributes
Example: Allocating Resources and Entitlements
Example: Enforcing Compliance
Example: Enforcing Segregation of Duties
Self-Service Tasks
Identity Manager Self-Service Tasks
How to Configure Self-Service Tasks
Configure the Self-Registration Task
Set Up a Default Organization for Self-Registered Users
Add Verification Questions and Answers
Configure the Forgotten Password Reset and Forgotten User ID Tasks
The Forgotten Password Reset Task
The Forgotten User ID Task
Custom Forgotten Password Reset and Forgotten User ID Tasks
Collect Question and Answer Pairs for User Verification
Set Up the Forgotten Password Reset or User ID Task
Design Identification Screens
Design Verification Screens
Display Multiple Verification Questions At One Time
Display One Verification Question at a Time
Verify a User Attribute
Lock the Forgotten Password Reset or Forgotten User ID Task
Configure a Failed Attempt Limit
Configure a Successful Attempt Limit
Determine How Users Reset Passwords
Determine How Users Retrieve a Forgotten User ID
Customize Self-Service Tasks
Restrict Access to the Self Manager Role
Access Self Service Tasks
Configure Multiple Self-Service Tasks
Password Management
Password Management in Identity Manager
Password Policies
Create a Password Policy
Manage Password Policies
Configure Password Composition
Specify Regular Expressions
Regular Expressions Syntax
Configure Advanced Password Options
Password Policies with SiteMinder
Password Policies and Relational Databases
Apply a Password Policy to a Set of Users
Configure Password Expiration
Track Failed/Successful Logins Check Box
Authenticate on Login Tracking Failure Check Box
Password Expires if Not Changed Settings
Password Expires from Inactivity Settings
Incorrect Password Settings
Set Password Restrictions
Reset Password or Unlock Account
Install the GINA or Credential Provider
Configure the GINA
Configure the Credential Provider
Settings in the Registry
GINA Registry Settings
Credential Provider Registry Settings
Cube Browser Registry Settings
Cube Access Control Lists
GINA Access Control List Examples
Reset a Password for a Windows Login
Workflow
Workflow Overview
WorkPoint Process Diagram
Workflow and Email Notification
WorkPoint Documentation
How to Enable Workflow
Starting WorkPoint Designer
Workflow Control Methods
Template Method
How to Use the Template Method
Process Templates
How a Process Template Works
Single Stage Template Diagram
Two Stage Template Diagram
Process Template Attributes
Tasks and Events
Task-Level Workflow
Task-Level Process Attribute
Task-Level Control Diagram
How to Configure Task-Level Workflow
Event-Level Workflow
How to Configure Event-Level Workflow
Event-Level Control Diagram
Participant Resolvers: Template Method
Types of Participant Resolvers
Approval Task Role Members
User List
Group Members
Admin Role Members
Admin Task Members
Dynamic Resolver
Null Resolver
Custom Participant Resolver
Workflow Example: Create User
Create User Control Diagram
Workflow Example Implementation
WorkPoint Method
How to Use the WorkPoint Method
WorkPoint Processes
Global Process to Event Mapping
Mapping Processes to Events
Map a Process to an Event Globally
Map a Process to an Event in a Specific Task
Workflow Activities
Processes, Tasks, and Activities
Associate an Activity with an Approval Task
Participant Resolvers: WorkPoint Method
Types of Participant Resolvers
Role Participant Resolvers
Custom Participant Resolvers
Filter Participant Resolvers
Participant Resolvers Filter Syntax
Required Participant Resolver Filter Attributes
Optional Participant Resolver Filter Attributes
Add a Participant Resolver Filter
Example: Filter Participant Resolver
Participant Resolver Order of Precedence
Specify Workflow Resource Script
Specify Participants for Certify User Tasks
Processes in WorkPoint Designer
WorkPoint Process Diagram
WorkPoint Process Components
Manual Activity Properties
Conditional Transition Properties
Jobs and Process Instances
Filtering Jobs
Job Status and Properties
Activity and Work Item Properties
Performing Workflow Activities
Find and Notify the Participants
Accept and Perform the Approval Task
Workflow Server Completes the Activity
Online Requests
Online Request Tasks
Online Request Process
Online Request History
Using Online Requests
Workflow Action Buttons
Workflow Buttons in Approval Tasks
Button Configuration In Identity Manager
Adding Workflow Action Buttons
How to Add a Workflow Action Button
Button Configuration in WorkPoint Designer
Work Lists and Work Items
Displaying a Work List
Reserving Work Items
Reassignment and Reserved Work Items
Delegation and Reserved Work Items
How to Reserve or Release a Work Item
Delegating Work Items
Delegation Well-Known Attribute
How to Enable Delegation
How to Delegate for Yourself
Out of Office Assistant Screen
How to Delegate for Another User
How to Remove a Delegation
Reassigning Work Items
The Approvers Tab
How to Reassign Work Items
Users
Create a User
Manage a User
Modify a User
Assign Roles to a User
Assign Roles with the Modify Role Members/Administrators Task
Assign Roles with the Modify User Task
Groups
Create a Static Group
Create a Dynamic Group
Dynamic Group Query Parameters
Create a Nested Group
Static, Dynamic, and Nested Groups Example
Group Administrators
Compliance Support
Compliance Support in Identity Manager
User Entitlement Certification
How the Certification Process Works
How User Certification is Configured
Prerequisites for the User Certification Process
Configure Search Screens
Determine Certifiers
Configure Email Notifications
Configure Identity Manager Actions for Non-Certified Users
Require Approvals
Schedule Certification Tasks
Start the User Certification Process
Send Reminder Notifications
Use the Certify User Task
End the Certification Process
Reports
Reports Overview
Run Reports
Report Scheduler
Create a Snapshot Definition
View Reports
Set Reporting Options
Capture Snapshot Data
Create New Search Screen for Report Task
Option Pack
Introduction
Benefits of the Option Pack
Roles and Tasks
Samples
Customizing the Option Pack
Overview
Global Settings
Localize the Option Pack
Change the Look and Feel
Auditing
View Account Management Events
View Reverse Synchronization Events
Managing Accounts and Endpoints
Overview
Default Account Management Tasks
Acquire a New Endpoint Type
Create an Account Screen
Sample Active Directory Account Screen
Specify the Source for a Multi-Valued Attribute
Initialize Endpoint Accounts
Email Notifications
Overview
How to Create a New Email
When to Send
Recipients
Subject and Body
Modify Email
Disable Email
Configure SMTP
Creating Policies with Policy Xpress
Overview
How Policy Xpress Works
How to Create a Policy
Create a Policy
Run At Events
Data Elements
Use Dynamic Values in Data or Action Elements
Entry Rules
Conditions
Action Rules
Actions
Variables
Special Process Flow
On-Screen Attribute Validation
Create a Policy Xpress Logical Attribute Handler
Example: Dependant Drop-Down Boxes
WorkPoint Workflow Integration
Import a Policy
Policy Xpress Examples
Scheduled Reverse Synchronization
Overview
How Reverse Synchronization Works
Account Policy Management
Create Reverse Synchronization Account Policies
Attribute Policy Management
Create Reverse Synchronization Attribute Policies
Map Endpoint Attributes
Search for Existing Account and Attribute Policies
Run a Reverse Synchronization
Reverse Synchronization Recovery
Scheduled Tasks
Overview
Schedule a Task
Scheduled Task Recovery
Relate Tasks to Date-Based Attributes
Batch User Changes
Segregation Of Duties (SOD)
Overview
Create an SOD Rule
Search for Existing SOD Rules
SOD Violations
SOD Process Example
Option Pack Workflow
Overview
How to Configure Workflow
Configure a Workflow Process
Example: Triggering Attribute and Target Attribute
Default Check Boxes
Create an Approval Task
Create a WorkPoint Process
Define Approvers for Approval Tasks
How Approval Tasks are Triggered
Attribute Value and Sequence Order
Approver Type and Name
Set Time-Based Escalations
Delegation
Overview
Set an Out-of-Office Delegation
Perform On-task Delegation
System Tasks
Default System Tasks
Task Status in Identity Manager
How Identity Manager Determines Task Status
The View Submitted Tasks Tab
Search for Submitted Tasks
Search Attributes for Viewing Submitted Tasks
Task Status Description
View Task Details
View Event Details
Description of Event Status
Customize the View Submitted Tasks Tab
Configuration Settings for the View Submitted Tasks Tab
User History Tab
Search Attributes for Viewing User History
Customize the User History Tab
Configuration Settings for the User History Tab
The View User Activity Task
Bulk Loader
Add Bulk Loader Task to Admin Roles
How to Use the Bulk Loader
Create a Feeder File
Feeder File Format
Enable Email Notification for Feeder Tasks
Modify Parser File for Bulk Loader
Web Service Support for Bulk Loader
Bulk Loader Memory Considerations
Custom Data for Select Boxes
How to Populate Fields Using Select Box Data
Create a Select Box Data XML File
The Select Box Data XML File
Description of Select Box Data XML File
Import the Select Box Data XML File
Configure Fields to Use Select Box Data XML Files
How to Create Dependent fields Using Select Box Data
Logical Attribute Handlers
Create a Logical Attribute Handler
Copy a Logical Attribute Handler
Create a ForgottenPasswordHandler Logical Attribute Handler
Delete a Logical Attribute Handler
Modify a Logical Attribute Handler
View a Logical Attribute Handler
Connection Management
Create Connection
Connection for Reports
Default Tasks and Roles
Default Self-Service Tasks
Self Registration
Forgotten Password
Forgotten Password Reset
Forgotten User ID
Password Services
Default Admin Tasks
My Account
Change My Password
Modify My Groups
Modify My Profile
Out of Office
View My Roles
View My Submitted Tasks
View My Work List
Access Roles
Create Access Role
Create Access Task
Delete Access Role
Delete Access Task
Modify Access Role
Modify Access Role Members/Administrators
Modify Access Task
Reset Access Role Owners
View Access Role
View Access Role Members/Administrators
View Access Task
Admin Roles
Create Admin Role
Create Admin Task
Delete Admin Role
Delete Admin Task
Modify Admin Role
Modify Admin Role Members/Administrators
Modify Admin Task
Reset Admin Role Owners
View Admin Role
View Admin Role Members/Administrators
View Admin Task
Certification
Begin Certification Process
End Certification Process
Send Certification Reminder Notification
Send Final Certification Reminder Notification
Endpoints
Execute Explore and Correlate
Explore and Correlate Definition Tasks
Manage Orphan Accounts
Manage System Accounts
Environment
Create Logical Attribute Handler
Delete Logical Attribute Handler
Modify Logical Attribute Handler
View Logical Attribute Handler
Groups
Create Group
Delete Group
Modify Group
Modify Group Members
View Group
Organizations
Create Organization
Delete Organization
Modify Organization
View Organization
Policies
Create Identity Policy Set
Delete Identity Policy Set
Modify Identity Policy Set
View Identity Policy Set
Synchronize User
Create Password Policy
Delete Password Policy
Modify Password Policy
View Password Policy
Provisioning Roles
Create Provisioning Role
Delete Provisioning Role
Modify Provisioning Role
Modify Provisioning Role Members/Administrators
Reset Provisioning Role Owners
View Provisioning Role
View Provisioning Role Members/Administrators
System
Users
Create User
Delete User
Enable/Disable User
Modify User
Reset User Password
View User
Default Admin Roles
System Manager
Organization Manager
Group Manager
User Manager
Admin Role Manager
Access Role Manager
Security Manager
Password Manager
Certification Process Manager
Certify Manager
Self Manager
Provisioning Role Manager
Provisioning Synchronization Manager
Default Workflow Approval Roles
Screens and Tabs
Search Screens
Select Access Task
Select Access Role
Select Account Template
Select Admin Task
Select Admin Role
Select Container
Select Endpoint
Select Explore and Correlate Definition
Select User
Standard Search
Select Group
Select Organization
Select Identity Policy Set
Select Logical Attribute Handler
Select Password Policy
Select Provisioning Role
Forgotten Password
End User License Agreement
Select Screen Definition
Select Snapshot Definition
Select Report
Upload Bulk Loader Feeder File
Search Screen Configuration
Configure Standard Profile Screen
Configure Standard List Screen
Configure Standard Search Screen
Password or Forgotten User ID Screen
Configure End User License Agreement Screen
Configure Explore and Correlate Definition Screen
Tabs
Task Management Tabs
Access Task Profile Tab
Admin Task Profile Tab
Search Tab
Tabs Tab
Fields Tab
Events Tab
Role Use Tab
Schedule an Admin Task
Role Management Tabs
Access Role Profile Tab
Admin Role Profile Tab
Provisioning Role Profile Tab
Access Role Tasks Tab
Admin Role Tasks Tab
Account Templates Tab
Members Tab
Member, Admin, and Owner Rules
User Filter Options
Group Filter Options
Organization Filter Options
Organization Rule Options
Scope Rules
Administrators Tab
Owners Tab
Roles Self Manager Tab
Role Member and Administrator Management Tabs
Admin Role Membership Tab
Admin Role Administrators Tab
Access Role Membership Tab
Access Role Administrators Tab
Provisioning Role Membership Tab
Provisioning Role Administrators Tab
User Management Tabs
Access Roles Tab
Accounts Tab
Admin Roles Tab
Certify User Tab
Groups Tab
Provisioning Roles Tab
User Profile Tab
User History Tab
Group Management Tabs
Group Profile Tab
Group Membership Tab
Group Administrators Tab
Groups Tab
Organization Management Tabs
Organization Profile Tab
Endpoint Account Management Tabs
Execute Explore and Correlate Tab
Explore and Correlate Tab
Recurrence Tab
Manage System or Orphan Accounts
Workflow Management Tabs
Work List Tab
Approvers Tab
Approve Task Tab
Approve Event Tab
Work Item Delegation Tab
Policy Management Tabs
Policies Tab
Identity Policy Set Profile Tab
Identity Policy Set Owners Tab
Synchronization Summary Tab
Currently Matched Policies/Policies Already Applied Tab
Password Policy
General Settings
Report Management Tabs
Report Parameters Manager Tab
View My Report Tab
Snapshot Definition Profile Tab
Snapshot Definition Recurrence Tab
Snapshot Definition Maintenance Tab
Set Reporting Options Tab
Delete Report SchedulesTab
Capture Snapshot Data Tab
Bulk Loader Management Tabs
Loader Record Details Tab
Loader Actions Mapping
Logical Attribute Handler Management Tabs
Logical Attribute Handler Tab
Logical Attribute Handler Tab: ForgottenPasswordHandler
Settings
Restrictions
Question Tracking
Storage
Verification Logical Attributes
Delete Logical Attribute Handler Screen
System Management Tabs
View Select Box Data Tab
Select Box Data Tab
Create Select Box Data Provider
View Submitted Tasks
Search Attributes for Viewing Submitted Tasks
Task Details
Event Details
Connection Management Profile
Miscellaneous Tabs
Schedule an Admin Task
JSP Tab
Profile Tab (Generic)
External Tab
Tab Configuration
Tab Configuration: Bulk Loader Management Tabs
Configure Loader Actions Mappings Tab
Configure Loader Record Details Tab
Configure Feeder File Upload Search
Tab Configuration: Task Management Tabs
Configure Access Task Profile Tab
Configure Admin Task Profile Tab
Configure Search Tab
Configure Tabs Tab
Configure Events Tab
Configure Fields Tab
Configure Role Use Tab
Tab Configuration: Role Management Tabs
Configure Access Role Profile Tab
Configure Admin Role Profile Tab
Configure Provisioning Role Profile Tab
Configure Access Role Tasks Tab
Configure Admin Role Tasks Tab
Configure Account Templates Tab
Configure Members Tab
Configure Administrators Tab
Configure Owners Tab
Configure Roles Self Manager Tab
Tab Configuration: Role Member and Administrator Management Tabs
Configure Admin Role Membership Tab
Configure Admin Role Administrators Tab
Configure Access Role Membership Tab
Configure Access Role Administrators Tab
Tab Configuration: User Management Tabs
Configure User Profile Tab
Configure Access Roles Tab
Configure Admin Roles Tab
Configure Groups Tab
Configure Enable Disable Users Tab
Configure Certify User Profile Tab
Configure Certify Roles Tab
Configure Begin Certification Process Tab
Configure Send Certification Reminder Tab
Configure Non-Certified User Action Tab
Configure Forgotten Password Tab
Configure Forgotten User ID Tab
Configure Accounts Tab
Configure Policy View
Configure Provisioning Roles
Configure User History
Configure Synchronization Summary
Tab Configuration: Endpoint Account Management Tabs
Configure Explore and Correlate Tab
Configure Recurrence Tab
Configure Explore and Correlate Execute Tab
Configure Manual Correlation Tab
Tab Configuration: Workflow Management Tabs
Configure Approvers Tab
Configure Approve Task Details
Configure Approve Relationship Tab
Configure Work List
Configure User Delegation
Tab Configuration: Group Management Tabs
Configure Group Profile Tab
Configure Group Membership Tab
Configure Group Administrators Tab
Configure Groups Tab
Tab Configuration: Organization Management Tabs
Configure Organization Profile Tab
Tab Configuration: Policy Management Tabs
Configure Identity Policy Set
Configure the Identity Policy Set Profile Tab
Configure Identity Policy Set Owners Tab
Configure the Currently Matched Policies/Policies Already Applied Tab
Configure Password Policy Tab
Tab Configuration: Report Management Tabs
Configure Manage Report Types Tab
Configure View Report Instance Tab
Configure Report Snapshot Scheduler Tab
Configure Maintain Snapshot Definitions Tab
Configure Capture Snapshot Data Tab
Configure Snapshot Profile Tab
Configure Snapshot RecurrenceTab
Configure Report Scheduler Tab
Configure Report Type Selection Screen
Tab Configuration: System Management Tabs
Configure Select Box Data
Configure the Submitted Tasks Tab
Configure Connection Manager Profile Tab
Configure Logical Attribute Handler Tab
Tab Configuration: Miscellaneous Tabs
Configure Delete Tab
Configure External Tab
Configure External URL Tab
Configure JSP Tab
Configure Profile (Generic)
Configure Schedule Tab
Configure Relationship Tab
Configure My Submitted Tasks Tab