Table of Contents
Advertisement
5 On the Step 1 of 6: Name and describe the Entitlement Policy page, fill in the fields:
Entitlement Policy Name: Provide a name that indicates the purpose of the entitlement. The
name must be unique within the driver set and cannot include more than 64 characters.
Description: Provide any additional information you want to identity the policy.
6 On the Step 2 of 6: Define Dynamic Membership page, fill in the fields:
Dynamic membership lets you define which users should be members of the entitlement policy
by specifying criteria and specifying where in the tree to search for users that meet the criteria.
If a user meets the criteria you specify, the policy's entitlements are automatically applied to
the user. If the user's information changes and no longer meets the criteria, the entitlements are
revoked without any manual intervention.
Search Identity: Specify an object that has the rights that you want to be used when querying
for Dynamic Membership. This field defaults to the object you logged in as, but you can
change it to an object with the appropriate rights.
For example, if you log in as the administrator, there might be parts of the tree that you have
rights to that you don't want included in the query for the dynamic list of members.
You could use this field to specify the Driver Set object, making sure that the Driver Set has the
appropriate rights. Or, you could create a User object specifically for use with Entitlement
Policies, and assign it the rights you want the query to use.
Begin Search at (Base DN): Specify the base container where you want the user search to
begin.
Scope of Search: Specify whether you want to search the base container and all of its
subcontainers (This container and its subcontainers) or only the base container (This container
only).
For the entitlement policy to evaluate users in the containers you specify, the users must be in a
read/write or master replica on the Metadirectory server that is running the Entitlements
Service driver.
Criteria: Specify the criteria that determine which users are members of the policy. The
criteria are organized into criteria groups. Each group can contain one or more criterion. You
click the
additional groups.
24
Identity Manager 3.6.1 Driver for Role-Based Entitlements: Implementation Guide
icon to add criterion to a group. You can also click Add New Group to create
Advertisement
Table of Contents
Subscribe to Our Youtube Channel
Related Manuals for Novell IDENTITY MANAGER ENTITLEMENTS SERVICE DRIVER 3.6.1 - IMPLEMENTATION
Related Products for Novell IDENTITY MANAGER ENTITLEMENTS SERVICE DRIVER 3.6.1 - IMPLEMENTATION
- NOVELL IDENTITY MANAGER 3.6.1 - CLIENT LOGIN EXTENSION GUIDE
- NOVELL IDENTITY MANAGER 3.6.1 - E-MAIL
- NOVELL IDENTITY MANAGER 3.6.1 - ENTITLEMENTS
- NOVELL IDENTITY MANAGER 3.6.1
- NOVELL IDENTITY MANAGER 3.6.1 - PASSWORD MANAGEMENT
- NOVELL IDENTITY MANAGER DRIVER FOR ID PROVIDER 3.6.1 - IMPLEMENTATION
- NOVELL IFOLDER 3.6 - SECURITY ADMINISTRATION
- NOVELL IFOLDER 3.7 - SECURITY ADMINISTRATION
- NOVELL ZENWORKS LINUX MANAGEMENT 7.2 IR2 - 08-22-2008
- NOVELL ZENWORKS LINUX MANAGEMENT 7.2 IR2 - 07-20-2009
- NOVELL IFOLDER 3.6 - CROSS-PLATFORM
- NOVELL IFOLDER 3.7 - CROSS-PLATFORM
- NOVELL IFOLDER 3.8 - DEPLOYMENT
- Novell Designer for Identity Manager 3.5
- Novell 3.6 05-2008
- Novell Access Manager 3.1 SP 1
Need help?
Do you have a question about the IDENTITY MANAGER ENTITLEMENTS SERVICE DRIVER 3.6.1 - IMPLEMENTATION and is the answer not in the manual?