Sunday 22 July 2018

SAILPOINT: provisioning in Active Directory

SAILPOINT: This is a project pursued as a side project outside FIM/MIM/Azure AD Connect.

After configuring (onboarding) the Active Directory application, the next thing we want is to provision a new user in AD from the Identity Warehouse. I have wanted to do this for quite some time.

This is not the best way to provision a user in AD; however, it shows what needs to be done at a basic level in provisioning. To be honest, I find it very hard, as I do not see much explanation of the steps needed to do it available in open forums.

We will create two roles: 1) Entitlement and 2) Business. These two roles will help in understanding what needs to be done if we want to set up real and complex provisioning in AD.

Navigate to "Setup" and, from the drop-down list, select Roles.
Click on New Roles and select Role.
In Role Editor, select the Type "Entitlement".




Scroll down the page.
In Entitlements, click ADD and select the application Active Directory.
From the option Add An Entitlement, select Group Membership and select the group, then save and submit it.


Next, follow the above steps and create a role with the Business type.


In Assignment Rule, select Match List, then Add Identity Attributes. In Select Attribute we can select the attribute from the Identity Warehouse. In general we would select an attribute tagged to multiple users; in this example we want to provision a single user based on first name.


We selected the first name "Anne", added the entitlement created above to it, and submitted it.


Navigate to Tasks and run the Refresh Identity Cube task. It will generate a form where we have to give the details of DN, sAMAccountName and password. After submitting the form, the user will be provisioned in AD.

In the next blog we will provision the user in AD without submitting the form.
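Since the form takes the DN and sAMAccountName as free text, it helps to sanity-check them before submitting. The script below is an added example, not part of the original post and not SailPoint code: the function names and sample values are constructed, it applies only the standard AD limits on sAMAccountName (20 characters, no `" / \ [ ] : ; | = , + * ? < >`) plus basic DN structure, and it does not check the password because that policy is domain-specific.

```python
# Added example: pre-submit checks for the provisioning form's DN and sAMAccountName.
SAM_FORBIDDEN = set('"/\\[]:;|=,+*?<>')  # characters AD rejects in sAMAccountName
SAM_MAX_LEN = 20                          # length limit for a user's sAMAccountName

def split_dn(dn):
    """Split a DN into RDNs on unescaped commas (backslash escapes, RFC 4514)."""
    parts, cur, escaped = [], [], False
    for ch in dn:
        if escaped:
            cur.append(ch)
            escaped = False
        elif ch == "\\":
            cur.append(ch)
            escaped = True
        elif ch == ",":
            parts.append("".join(cur).strip())
            cur = []
        else:
            cur.append(ch)
    parts.append("".join(cur).strip())
    return parts

def check_form(dn, sam):
    """Return a list of problems; an empty list means both values look usable."""
    problems = []
    pairs = [rdn.partition("=") for rdn in split_dn(dn)]
    if any(not k.strip() or sep != "=" or not v.strip() for k, sep, v in pairs):
        problems.append("DN contains an empty or malformed RDN")
    else:
        types = [k.strip().upper() for k, _, _ in pairs]
        if types[0] != "CN":
            problems.append("DN should start with CN=<user name>")
        if types[-1] != "DC":
            problems.append("DN should end with the domain's DC= components")
    if not sam:
        problems.append("sAMAccountName is empty")
    if len(sam) > SAM_MAX_LEN:
        problems.append("sAMAccountName is longer than 20 characters")
    bad = sorted(set(sam) & SAM_FORBIDDEN)
    if bad:
        problems.append("sAMAccountName has forbidden characters: " + "".join(bad))
    return problems

if __name__ == "__main__":
    # Constructed sample values, not taken from the original post.
    print(check_form("CN=Anne Example,OU=Staff,DC=example,DC=com", "anne.example"))
    print(check_form("OU=Staff,DC=example,DC=com", "anne/example-provisioning"))
```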
