Implementation GuidePlanning Your ImplementationDecide What to ManageProvisioning Accounts from Other Applications › How to Configure Support for Provisioning

Previous Topic: Explore and Correlate Functionality

Next Topic: Determine Audit Requirements
How to Configure Support for Provisioning

After deciding to implement provisioning, you complete the following high-level steps.

  1. Use the CA Identity Manager Server installer to install the Identity Manager Server, the Provisioning Server, the Provisioning Directory Initialization, and the Administrative Tools.

    Note: For more information about installing CA Identity Manager components, see the Installation Guide.

  2. Configure the Provisioning Manager to connect to the Identity Manager Server.

  3. Configure Provisioning in the Identity Manager Management Console:
    1. Enable Provisioning.
    2. Configure an environment for Provisioning by completing the following:
      • Importing custom role definitions
      • Configuring an inbound administrator
      • Connecting the environment to the Provisioning Server.

    Note: For more information, see the Configuration Guide.

  4. Create endpoints in the User Console.

    This allows Identity Manager to manage the endpoint. When you create an endpoint, it populates the provisioning directory with accounts and other objects found in the endpoint.

    Note: For more information about endpoint management, see the Administration Guide.

  5. Explore and correlate the endpoint.

    When you explore an endpoint, CA Identity Manager finds the objects in the endpoint and stores instances of them in the provisioning directory. When you correlate accounts on an endpoint, CA Identity Manager associates them with a global user in the provisioning directory. You may choose whether the correlate function creates any global users that are not present or whether it associates accounts with no matching global user to the [default user] global user.

  6. Create and maintain endpoint accounts by using account templates, which contain the attributes that are used to create accounts.
  7. Associate the account templates with provisioning roles.

    When you assign provisioning roles to users, CA Identity Manager creates accounts in the associated endpoints for those users.

    Note: For information about account templates and provisioning roles, see the Administration Guide.