Trng Outline

Sessions

Session One – IAM Concepts

Session Two – EmpowerID Concepts

 

Topics Covered

EmpowerID Critical Concepts

  • Core Identity/Person/Account

  • Authentication

  • Security/RBAC

  • Platform Architecture

  • External Systems/Account Stores

EmpowerID System Architecture

  • EmpowerID Platform Architecture Overview

  • EmpowerID Servers

  • EmpowerID Database

  • Server Roles

  • Jobs and Services

  • Permanent Workflows

Using the EmpowerID Web User Interface

  • Logging into EmpowerID

  • Persona Switching

  • Navigating the Web UI

  • Dashboard

 Managing IT Resources in EmpowerID

  • ViewOne page

  • EditOne page

  • Person

  • Account

  • Group

Topics Covered

Connecting to External Systems

  • Connector overview - OOB versus Custom Connectors

  • Account Stores and Resource Systems Overview

  • Connecting to AD

  • Creating a Universal Flat File connector

Identity Lifecycle Processing

  • Account inbox processing

  • External Roles and Locations

  • Dynamic Hierarchy for Roles/Locations

  • Role and Location Mapping

  • Provisioning Policies (RET)

  • Attribute Flow Rules

  • Default Attribute Policies

  • Joiner Processing

  • Mover Processing

  • Leaver Processing

Sessions

Topics Covered

EmpowerID Security Model

  • Traditional RBAC versus EmpowerID RBAC Model

  • RBAC/TRBAC Overview

  • Security Components (management roles, Access Levels, Operations)

  • Creating and using Query Based Collections

  • Configuring Access Management in EmpowerID (RBAC Pyramid)

  • Approval Flow Policies

  • Access Request Policies

 Visibility Filtering

  • Visibility Restriction Policies

  • Data Filters

Practical RBAC Configuration

  • RBAC Assignment/Scope Types – BRL, Group, QBC, MR, Location

  • Creating/Managing Management roles and assignments

  • RBAC Strategy, Building a coherent RBAC architecture

  • EmpowerID Business Roles and Locations

  • When to use Business Roles versus Management roles

  • Practical Persona Example

 Password Management

  • Password Policies

  • Password Self Service workflows and processes

Sessions

 

 

Topics Covered

EmpowerID Security Model

  • Approval Flow Policies

  • Access Request Policies

  • Creating and using Query Based Collections

 Visibility Filtering

  • Visibility Restriction Policies

  • Data Filters

Password Management

  • Password Policies

  • Password Self Service workflows and processes

Sessions

Session 1 – Approval and Access Request Policies

Session 2 – Data Filters, Query-Based Collections, and Password Policies

Topics Covered

Self-Service / IAM Shop

  • IAM Shop Overview

  • Requesting Resources

  • My Resources

  • Managing Resources through IAM Shop

 Birthright Access Configuration

  • Process Flow

  • Provisioning Policies – Account provisioning

  • Role/Location assignments

  • Management Role assignments

  • Group access Assignments

  • Dynamic Hierarchy for groups and management roles

  • Processing jobs

 

 Miscellaneous system configuration

  • Localized text, emails, and email configuration

  • Workflow Parameters

  • Noun Verb UI Actions

  • Global system settings

  • Audit Logs and Troubleshooting

Sessions

Session 1 – Birthright Access Configuration and Miscellaneous Configuration

Session 2 – Eligibility, Notifications, Localization, Nouns, Verbs and UI Actions, Audit Logging