Why are changes to eTPassword, eTSuspended and eTLocked propagated to accounts with the same attribute type through direct propagation whenever a global user is updated?
search cancel

Why are changes to eTPassword, eTSuspended and eTLocked propagated to accounts with the same attribute type through direct propagation whenever a global user is updated?

book

Article ID: 53732

calendar_today

Updated On:

Products

CA Directory CA Identity Manager CA Identity Governance CA Identity Portal CA Risk Analytics CA Secure Cloud SaaS - Arcot A-OK (WebFort) CLOUDMINDER ADVANCED AUTHENTICATION CA Secure Cloud SaaS - Advanced Authentication CA Secure Cloud SaaS - Identity Management CA Secure Cloud SaaS - Single Sign On CA Security Command Center CA Data Protection (DataMinder) CA User Activity Reporting

Issue/Introduction

Description:

In the Provisioning Layer for Identity Manager, when making modifications on a Global user that is associated to an endpoint account without the presence of an Account Template or Policy, for example, a user was created during a explore/correlate/create global users as needed action, then there are three special attributes which can be directly propagated to the account. These are eTPassword, eTSuspended and eTLocked.

Solution:

Changes to eTPassword, eTSuspended and eTLocked are propagated to accounts with the same attribute type through direct propagation whenever a global user is updated. There is usually no special mappings required for these attributes to get propagated and the values will only be propagated where appropriate. For example, some endpoints do not support locking and therefore the endpoint account will remain unaffected when the global user is locked. As a general rule, if the endpoint supports the update actions then the change will be propagated to the endpoint accounts. If the Global user has the 'Restricted user' flag, direct propagation will not occur.

Environment

Release:
Component: ETRADM
Powered by Wolken Software