Hi,

We have IDM 4.0.2 on windows. We have the below scenario and it would be
great if you could help on this.

Scenario:
We have a web service interface that is used to create users in the
target applications and assign roles (SAP). The target applications like
app001, app002, ... app300.
we are using SOAP driver and we are able to create/modify user, it works
fine.

Each application has same 100 roles (like role1, role2, role 3). The
roles (names) are same in all the applicaiton. Bur the soap interface
differentiats them with prefixing application name in front of the role.
So that the soap interface can identity the role uniquely to assign it
on the target applicaiton.

Ex: app001, the roles are: app001:role1, app001:role2, etc.
app002, the roles are: app002:role1, app002:role2, etc.

So, we has asked to create 100 roles in IDM and on the workflow request
form the user will select the no.of application and the role he wants.
When assigning the role, it has to dynamically add prefix for each
system and send the request to soap.

Is it possible, when assigning 1 role, we can populate multiple
entitlement ref attribute values based on the users seleted
applications?

Like: On a workflow req form:

Select a role:
Role1

Select systems:
app001
app003
app003

On submit, idm has to assign Role1 but it has to set 3 different
entitlment values. is this possible? app001:Role1, app002:ROle2,
app003:Role3

Or Do we need to create 100 (target system roles) * no. of application
roles in IDM?

Thanks,
kan


--
nvldk
------------------------------------------------------------------------
nvldk's Profile: https://forums.netiq.com/member.php?userid=8443
View this thread: https://forums.netiq.com/showthread.php?t=52246