Versions Compared

Old Version 4

changes.mady.by.user Patrick Parker

Saved on

compared with

New Version 5

changes.mady.by.user Patrick Parker

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

RETS

...

EmpowerID’s Provisioning Policies, also EmpowerID supports automated provisioning and deprovisioning of birthright account identities in external target directories and applications through the configuration of provisioning policies.  These policies can be assigned or scoped using any RBAC assignment point such as Business Role and Location, Query-Based Collection, or Management Role membership. 

  • Also commonly known as Resource Entitlements or RETs

...

  • •Resource Resource Entitlements (RETs) are policies that govern how resources, such as an Active Directory account or an Exchange mailbox, are given to people and when they are revoked.

  • •RET RET policies can be assigned to any EmpowerID Actor Type (Person, Business Role and Location, etc.)

  • •RETs RETs can be triggered manually in specific workflows using a workflow shape or can be automatic using the EmpowerID Jobs

...

  • Image Added

View file
name00927dba.wav

Pre-Requisites•Each

  • Each Account Store has a setting to Allow RET Provisioning and one to Allow RET De-Provisioning

...

  • These settings are all that is required for manual workflow-triggered RET processing

...

  • For automated background RET processing:

...

    • At least one

...

    • Worker role container must be running

...

...

    • The RET Inbox Processor Job and Recalculation Job must be enabled for at least one of these

...

    • containers

View file
name5fcb2da7.wav

RET Actions/Events•Claim

  • Claim – Occurs when EmpowerID discovers a person with a resource that matches a RET to which they are assigned, but the resource is not marked as having been provisioned by an RET.

...

  • Transform – Occurs when a person with a resource provisioned by one RET policy receives an equivalent RET from a different policy.

...

  • Revoke – Occurs when a person who received a resource via an RET no longer receives the RET policy.

View file
namea6c2f3ae.wav

On Claim Action

The four options and outcomes are:

...

•Register Event - Raises the event specified.

On Transform Action

The four options and outcomes are:

...

Register Event - Raises the event specified.

On Revoke Action

The four options and outcomes are:

...

•The custom workflows can be used to implement more advanced processes for deprovisioning or other events.

...

AD/LDAP Account Creation Location Logic

...