Create Global Users from Identity Manager

User creation in the provisioning directory occurs only for provisioning-related events, such as assigning a provisioning role to a user. No user is created in the provisioning directory when you use an admin task to create a user unless that task assigns a role or includes an identity policy that assigns the role.

When user creation in Identity Manager triggers user creation in the provisioning directory, Identity Manager sends an email with a temporary password to the new user’s email address as it is defined in the provisioning directory. The user can log in to the User Console with that password; however, the user is then required to change to a new password. As a result, the password is synchronized between the user store and the provisioning directory.

If the user has no email address, the user cannot access the User Console until the user changes the password in the user store, or an Identity Manager administrator changes the user’s password in the Provisioning Manager.

Note: To email a temporary password, email notifications must be enabled for the Environment, and the CreateProvisioningUserNotificationEvent must be configured for email notification. (See the Configuration Guide.)