Previous Topic: Use Case: Certify User Privileges Following an AcquisitionNext Topic: Certification Types

Administration GuideCertificationsCertification OverviewUse Case: Certifying Privileged Accounts

Use Case: Certifying Privileged Accounts

You can certify privileged accounts using information that is imported from the CA ControlMinder vault. This certification allows you to govern the access of your users and make sure that they do not have more access than they need.

Follow these steps:

  1. Configure the CA ControlMinder connector as follows:
    1. In the Portal, go to Administration, Universes, and select a universe.
    2. Click the Connectivity tab and click Add Connector.
    3. Select the CA ControlMinder (Shared Accounts) connector and click Next.
    4. Enter the CA ControlMinder Report Database credentials.

    Important! The CA ControlMinder connector must be the only connector in the universe.

  2. Run the connector to import the privileged account data.

    Note: If the CA ControlMinder Server is unavailable, or to import privileged account information from another source, you can manually create the CSV files using the PUPM.ktr PDI transformation. Then select the CA ControlMinder (Shared Accounts, via CSV) connector and supply the paths to the CSV files you created.

  3. Once the user-account information is imported into the product, run an Account Certification as follows:
    1. In the Portal, go to Compliance Management, New Certification.
    2. Under Template, select Account Certification.
    3. Continue with the certification wizard, selecting the appropriate options.
    4. Start the account certification.