Table of Contents
Advertisement
A user is renamed.
You manually initiate a reevaluation of a policy's membership.
2. The driver updates the DirXML-EntitlementRef attribute of any user whose entitlements have
changed. This includes granting entitlements if the user was added to an entitlement policy or
revoking entitlements if the user was removed from a policy.
3. After the DirXML-EntitlementRef attribute for a user is updated, the Entitlements Service
driver's job is finished. For the entitlement to be implemented, the entitlement must be defined
on the appropriate driver and the driver's policies must include the actions required to enforce
the entitlement. For information about creating entitlements and the policies to support them,
see the
Identity Manager 3.6.1 Entitlements Guide (http://www.novell.com/documentation/
idm36/idm_entitlements/data/bookinfo.html).
1.2 Role-Based Entitlements Versus Other
Entitlements
Entitlements managed through the Entitlements Service driver are called Role-Based Entitlements,
or RBEs, because they are granted to users who are members of, or have a role in, an entitlement
policy. Only the Entitlements Service driver uses Role-Based Entitlements and entitlement policies.
The two other entitlement agents (roles-based provisioning and workflow-based provisioning
through the User Application) use their own methods for assigning entitlements to users.
The Role-Based Entitlement functionality in iManager lets you manage the entitlement policies used
by the Entitlements Service driver.
1.3 Multiple Entitlements Service Drivers
If your Identity Manager system includes multiple driver sets and you want to use Role-Based
Entitlements with each driver set, you must create an Entitlements Service driver in each driver set.
In addition, the Entitlements Service driver can manage only those User objects that are in a master
or read/write replica on the Metadirectory server (where the Entitlements Service driver is located).
If necessary, you can run multiple Entitlements Service drivers in the same driver set. However, you
must make sure that the scope of users managed by each of the drivers does not overlap. For
example, entitlements for User A should not be managed by two different Entitlement Service
drivers.
Overview
11
Advertisement
Table of Contents
Subscribe to Our Youtube Channel
Related Manuals for Novell IDENTITY MANAGER ENTITLEMENTS SERVICE DRIVER 3.6.1 - IMPLEMENTATION
Related Products for Novell IDENTITY MANAGER ENTITLEMENTS SERVICE DRIVER 3.6.1 - IMPLEMENTATION
- NOVELL IDENTITY MANAGER 3.6.1 - CLIENT LOGIN EXTENSION GUIDE
- NOVELL IDENTITY MANAGER 3.6.1 - E-MAIL
- NOVELL IDENTITY MANAGER 3.6.1 - ENTITLEMENTS
- NOVELL IDENTITY MANAGER 3.6.1
- NOVELL IDENTITY MANAGER 3.6.1 - PASSWORD MANAGEMENT
- NOVELL IDENTITY MANAGER DRIVER FOR ID PROVIDER 3.6.1 - IMPLEMENTATION
- NOVELL IFOLDER 3.6 - SECURITY ADMINISTRATION
- NOVELL IFOLDER 3.7 - SECURITY ADMINISTRATION
- NOVELL ZENWORKS LINUX MANAGEMENT 7.2 IR2 - 08-22-2008
- NOVELL ZENWORKS LINUX MANAGEMENT 7.2 IR2 - 07-20-2009
- NOVELL IFOLDER 3.6 - CROSS-PLATFORM
- NOVELL IFOLDER 3.7 - CROSS-PLATFORM
- NOVELL IFOLDER 3.8 - DEPLOYMENT
- Novell Designer for Identity Manager 3.5
- Novell 3.6 05-2008
- Novell Access Manager 3.1 SP 1
Need help?
Do you have a question about the IDENTITY MANAGER ENTITLEMENTS SERVICE DRIVER 3.6.1 - IMPLEMENTATION and is the answer not in the manual?
Questions and answers