Environment
NetIQ Access Governance Suite 6.1
NetIQ Access Governance Suite 6.2
NetIQ Access Governance Suite 6.3
NetIQ Access Governance Suite 6.4
NetIQ Access Governance Suite 6.2
NetIQ Access Governance Suite 6.3
NetIQ Access Governance Suite 6.4
Situation
Provisioning Roles
Roles are not directly provisioned. Access Governance Suite (AGS)
models roles on the IDM User Application roles but does so by decomposing
the business role into managed entitlements, that must be granted on the
connected system. The entitlements are determined for the role based on its
profile.
From the IDM connector's (ICAG) point of view, it does not know that a role
has been assigned or de-assigned, it just knows that (decomposed) entitlements
(required by the role) have been added or removed from a provisioning
plan.
Provisioning Entitlements
Entitlements
may be granted or revoked from the Dashboard, using the "shopping cart." The AGS
Managed Entitlements equate to IDM Resource object assignments in the Identity
Vault.