Client tools provide you with the capability to establish Rule-Based Roles during the discovery process. By assigning a set of User attributes that defines a rule. Client tools search the configuration to identify and establish roles that include users that match the rule. Roles that are created using this mechanism are identified as rule based roles and the roles are added to configuration. You can set several parameters to refine the process by which rule based roles are identified.
To assign rules for the discovery process
The Discover Rule-Based Roles window opens.
Defines a prefix to be included as part of each role discovered.
You can set several Users Attributes to serve as the basis for the rules-based role search. CA GovernanceMinder creates roles for each group of users that match the attributes added to the Attributes to Search list. Thus, if you select the Organization and organization Type attributes, client tools create roles for groups of Users that match the selection and that have common resources.
Select this option to prevent rules being created where an attribute does not contain any values.
Specify the range of values for which roles will be searched. This is useful in case you wish to search for a single role, or for a part of a hierarchy.
Specify the threshold for creating a characteristic role. For example, you may require a role that characterizes at least 90% of the users in each of the sub-groups. If you specify a high value, CA GovernanceMinder may not find a role for all selected groups. In any case, CA GovernanceMinder will only associate with the role users that have the role's resources. Use "almost matching" search to identify users that almost match.
Indicates whether to discover roles with a preference to Users, Resources or User-Resource Connections as the focus of the roles created by the rule.
Newly created roles are listed in a new configuration file.
|
Copyright © 2014 CA.
All rights reserved.
|
|