ISE Identity Manager Reconciliation

This tutorial is part of the Identity Manager track within the Identity Suite Essentials program.

Description

This tutorial covers the "Out Of The Box" reconciliation features of Identity Manager. After configuring reconciliation, for a given resource, the process will discover and link "matching" users in the Resource to users in Identity Manager.

Top

Learning Objectives

After completing this tutorial, the following topics should be understood.

  1. Understand reconciliation
  2. Setup reconciliation
  3. Run reconciliation

Top

Prerequisites

The following items must be completed before starting this tutorial.

Top

Setup

The following steps need to performed to enable the demonstration.

Section 1: Configure Reconcilation

  1. Access the Admin Interface http://localhost:8080/idm and log in as: configurator / configurator
  2. Select the Resources tab
  3. Select the List Resources sub-tab
  4. Expand the Simulated Folder
  5. Check the Box in front of the Timecard Resource
  6. Click the -- Resource Action -- Drop Down List
    Select the Edit Reconciliation Policy item
  1. In the Situation Options section:
    • Click on the UNASSIGNED Drop Down List and select the Link resource account to user item
  2. Click the Save Button
    (bottom of the page)

Top

Demonstration

After completing the setup above, the following sections should be performed to complete this tutorial.

The following users are in the Timecard Resource:

name First Last Email In IdMgr
bhope Bob Hope bob.hope@example.com No
bobama Barack Obama barack.obama@example.com Yes
dmartin Dean Martin dean.martin@example.com No
hsimpson Homer Simpson homer.simpson@example.com No
jbauer Jack Bauer jack.bauer@example.com No
jbiden Joe Biden joe.biden@example.com Yes
jmccain John McCain john.mccain@example.com Yes
jwayne John Wayne john.wayne@example.com No
spalin Sarah Palin sarah.palin@example.com Yes
thanks Tom Hanks tom.hanks@example.com No

After Reconciliation, the four accounts (already in Identity Manager) will be linked to the Timecard Resource

Section 1: Before Reconciliation

Verify that the users do not have any Resources assigned to them.

  1. Access the Admin Interface http://localhost:8080/idm and log in as: configurator / configurator
  2. Select the Accounts tab
  3. Select the Find Users sub-tab
  4. Uncheck the Name item (if it's checked)
  5. Check the User's Organization item
    is in item
    Top item
  6. Click Search
Notice that our users do not have any Resources

Section 2: Run Reconciliation

  1. Access the Admin Interface http://localhost:8080/idm and log in as: configurator / configurator
  2. Select the Resources tab
  3. Select the List Resources sub-tab
  4. Expand the Simulated Folder
  5. Check the Box in front of the Timecard Resource
  6. Click the -- Resource Action -- Drop Down List
    Select the Full Reconcile Now item
  1. Select the Resources tab
  2. Select the List Resources sub-tab
  3. Expand the Simulated Folder
  4. Check the Box in front of the Timecard Resource
  5. Click the -- Resource Action -- Drop Down List
    Select the View Reconcile Status item
  1. Review the results of the Reconciliation:
    • Resource Accounts Discovered
    • Create new used based on the account discovered
  2. Review the Situation Analysis :
    • Click the CONFIRMED link
Review the accounts that got created

Section 3: After Reconciliation

Validate the created users:
  1. Select the Accounts tab
  2. Select the Find Users sub-tab
  3. Uncheck the Name item (if it's checked)
  4. Check User has TImecard item
  5. Click Search
Notice that the Users have the Timecard Resource

Top

Resources

The following links provide more information:

Copyright (c) 2009, Sun Microsystems, Inc.
All rights reserved

Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.

Sign up or Log in to add a comment or watch this page.


The individuals who post here are part of the extended Sun Microsystems community and they might not be employed or in any way formally affiliated with Sun Microsystems. The opinions expressed here are their own, are not necessarily reviewed in advance by anyone but the individual authors, and neither Sun nor any other party necessarily agrees with them.

Copyright 1994-2009 Sun Microsystems, Inc.
Powered by Atlassian Confluence Sun Guidelines on Public Discourse Privacy Policy Terms of Use Trademarks Site Map Employment Investor Relations Contact