Screen Shots: Manual user onboarding
|
|
Create a new user profile:The first step for provisioning a new user is for the requester (typically a manager) to sign into Identity Manager and select the new user menu option. |
|
|
|
Onboarding form:A default web UI is provided for filling in all the identity attributes for new users. Pre-defined requests can be used to fine-tune this default UI and create multiple forms, each suited to a particular type of user or situation. |
|
|
|
Select roles and other entitlements:Users may be assigned security entitlements automatically, using policy settings. Alternately or additionally, the requester may be asked to select roles, accounts and/or security groups to assign the new user. In this example, it is assumed that manually-provisioned users are contractors, since employees are normally auto-provisioned from an HR feed. The requester in this case can select roles to supplement basic the contractor profile. |
|
|
|
Set initial password:Manual access requests present an opportunity to limit the number of people who know or can guess the new user's initial password. In this case, the requester can specify the first password, which will be set to expire on first login. |
|
|
|
Submit request:The requester can review the contents of the request before submitting it. Once a request has been submitted, the requester can monitor its progress and may cancel it (for example, if a new hire never arrived). |
|
