As an Administrator, you want to be sure that when a new employee is added to CA Identity Manager, they automatically get privileges that are appropriate to their function within the company, and compliant with business policies.
Integrating with CA Identity Governance and enabling Smart Provisioning in an CA Identity Manager environment provides suggested roles and compliance checking when you create or modify users, roles, and accounts in CA Identity Manager.
For example, a new employee starts in the finance department at your company When you create the new user in CA Identity Manager, you specify that this person is part of the finance department. When you submit the Create User task in CA Identity Manager, CA Identity Governance returns a list of the following suggested roles for the new user:
In addition, CA Identity Governance verifies that the existing privileges (if any) of the new user do not violate any business policy rules (BPRs).
Perform the following process to be sure that any new user added to CA Identity Manager gains the appropriate privileges that are compliant with company policy.
This procedure creates the Master and the Model configuration in CA Identity Governance.
This procedure removes suspect entities and suspect relationships between entities and updates the Model configuration.
This step updates the Master also.
After completing this process, CA Identity Governance suggests roles and performs compliance checks against business policy restrictions and limitations when you create and modify users, roles, or accounts in CA Identity Manager. Any day-to-day changes made in CA Identity Manager that affect users, roles, or accounts are updated in CA Identity Governance using Continuous Update.
|
Copyright © 2014 CA.
All rights reserved.
|
|