I would like to start an open discussion on the fact whether the uaadmin
account is really still needed in an IDM setup.
Due to the fact that the user which is selected as the "superuser"
during the install of the Identity Applications in IDM 4.5 does need
supervisor object rights to eDirectory I guess I should be safe to
select the standard admin user during the install.

According to the concept introduced with UA 3.7 all internal privilages
in UA are assigned through roles to "normal" Users within the tree and
the uaadmin should only act as a kind of superuser and service account
(in ua and role driver configuration)

For my point of view I think it is better to keep config as simple as
possible and get rid of the additional functional/service account of

What do you think?

tschloesser's Profile: https://forums.netiq.com/member.php?userid=3232
View this thread: https://forums.netiq.com/showthread.php?t=53321