How to Show My Endpoints Accounts from Identity Portal
search cancel

How to Show My Endpoints Accounts from Identity Portal

book

Article ID: 10607

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Identity Suite

Issue/Introduction

This is an example about how to configure Identity Manager Admin Tasks, Admin Role definition and other important details to display my Active Directory Endpoint accounts from Identity Portal.



From Identity Manager, we are able to display or View My Endpoint Accounts however from Identity Portal UI this feature does not appears as the default option.

 

By creating a new task based on a copy from the "Modify Active Directory Account" task, it is possible to expose the tasks needed to display the Active Directory Endpoint Accounts from the My Profile menu when  Login in Identity Portal.

Below the details and steps needed from Identity Manager and Identity Portal about How to Show My Endpoints Accounts.

Environment

Identity Portal 14.x

Identity Manager 14.x

Virtual Appliance or non-Virtual Appliance

Resolution

1. From the Identity Manager User Console, by using Create Admin Task, create a Copy of the following task :

Modify Active Directory Account

And modify the name like : [PORTAL] Modify Active Directory Account

    Note: The Tag Field Name Must be on this Format: PORTALModifyActiveDirectoryAccount

(please do not use spaces or special characters for the Tag Field )

 

 

2. From Identity Manager, create a New Admin Role,

 ie. called  [PORTAL] Modify ADS All Users

Assign the following Tasks  to the New Admin Role, for example:

-Modify My Endpoint Accounts

-[PORTAL] Modify Active Directory Account

 

 

3. On Members Tab, add the Following Scope configuration

 

Click ok and submit

 

4. Log in to Identity Portal Management Console,

-Click on Admin UI

-Click on the Elements,

-from Backend Menu, click on Tasks,

-Click on Create button to create a New Portal Task

 

The New Task Will Maps to “[PORTAL] Modify Active Directory Account” admin task…

 

5. From Backend Menu, Click on Forms, to Create a New Form for the Portal Task created previously

 

 

And map the TASK to that Form PORTALModifyActiveDirectoryAccount

 

 

6. You need to have an Endpoint (For Active Directory Example) created on Admin UI (portal)

If you have not Endpoint created, in the left pane, under the Backend, click Endpoints and fill like the example.

 

 

7. Click On the ENTITLEMENTS tab, set as follow 

 

 

8. Click On the ACCOUNT ATTRIBUTES tab, set as follow

 

 

9. Click on the INSTANCES tab, select All Instances

 

-Save the changes

-Check on Setup Tab if a Connector Restart is needed.

 

10. Testing a User who has an Active Directory Account, login to Identity Portal with that username.

 

 

12. From Access Menu, you also will be able to see the Endpoint Accounts.



Additional Information

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-portal/14-3/administrating/administrating-ca-identity-portal/ca-identity-portal-administration/about-modules/create-direct-endpoints.html

Powered by Wolken Software