|
|
|
User creation in the provisioning directory occurs only for provisioning related events, such as assigning a provisioning role to a user. No user is created in the provisioning directory when you use an admin task to create a user unless that task assigns a role or includes an identity policy that assigns the role.
Note: A Provisioning Directory user is also called a global user. A glolal user is the single user that connects endpoint accounts.
When user creation in CA Identity Manager triggers user creation in the provisioning directory, CA Identity Manager sends an email with a temporary password to the new user’s email address as it is defined in the provisioning directory. The user can log into to the User Console with that password, however, the user must then change the password. As a result, the password is synchronized between the user store and provisioning directory.
If the user has no email address, the user cannot access the User Console until changing the password in the user store.
Note: To email a temporary password, email notifications must be enabled for the Environment, and the CreateProvisioningUserNotificationEvent must be configured for email notification. (See the Configuration Guide.)
| Copyright © 2012 CA. All rights reserved. | Tell Technical Publications how we can improve this information |