Question:
I would like to set logon information for an application. How do I do this?
Answer:
You can set logon information for an application in a policy only. To set logon information, click the Applications tab in the policy and then double-click the application. The Application Login Information dialog appears. Use this dialog to enter your information.
Question:
What do I do if the logon information for an application is incorrect?
Answer:
You can correct this information using one of the following methods:
You can use this method if your policy uses strong synchronization. To use this method, remove the application from the policy and then synchronize your accounts with the policy. This method removes the application from all accounts. Once the application is removed, enter the correct logon information for the application, add the application to the policy, and then synchronize your accounts with the policy.
You can use this method if your policy uses strong or weak synchronization. To use this method, enter the correct logon information, check the Force Update box, and then click OK. To save the changes, click Apply on the property sheet, and then propagate the changes to the policy.
Question:
My policy, when associated to a directory for the Policy data store, cannot be synchronized with an account created by using the policy. The Provisioning Manager always reports that the account's attribute GroupList is out-of-sync with that policy. Is there a solution for this problem?
Answer:
You can use strong synchronization for the policy and the administrator check box is checked on the Privileges tab, PLS Connector automatically joins the account to the predefined group_ps-adms when the account is created in the Policy data store by using the policy. Hence, the Provisioning Manager reports that attribute GroupList is out-of-sync. You may simply add group_ps-adms to the policy to eliminate this problem.
Question:
I have added an application to my policy on the Applications tab. The policy has been used to successfully create an account. However, the account's Applications tab does not show that the application in the policy is assigned to the account. If I use the Policy Manager for PLS Connector to verify the application assignment, the account's Applications tab also does not show the application as a linked one. Is this an error?
Answer:
An application can be explicitly or implicitly assigned to an account. In general, an application is implicitly assigned to an account if one of the following is true:
When a policy is used to create an account, the PLS Connector does not explicitly assign an application to the account if the application has already been implicitly assigned. For performance reasons, this optimization is done to avoid storing redundant data for application authorization in the Policy data store. This optimization is especially important to user data stores with a large number of accounts. The Applications tab only shows the explicitly assigned applications, but the Application Login tab shows the applications explicitly or implicitly assigned to an account. If you use the SSO Policy Manager, you can also find all assigned applications on the Application List tab.
|
Copyright © 2013 CA.
All rights reserved.
|
|