Anonymous_User Absent Member.
Absent Member.
183 views

User Identification method for Federation


NAM 3.1.4

Want to clarify the user identification method for federation.

In this we have 3 options

- Authentication
- Provision Account
- Attribute matching



This Option "-Provision Account -"(when the users on the identity
provider do not have accounts on the service provider. This option
allows the service provider to trust any user that has authenticated to
the trusted identity provider)

Will this option *-Provision Account -* creates the user account
temporally in eDirectory when the user successfully authenticate in
Identity Provider and deletes it once he logs out?


--
lvaradha
------------------------------------------------------------------------
lvaradha's Profile: https://forums.netiq.com/member.php?userid=226
View this thread: https://forums.netiq.com/showthread.php?t=47108

0 Likes
1 Reply
Anonymous_User Absent Member.
Absent Member.

Re: User Identification method for Federation

On 18.03.2013 17:24, lvaradha wrote:
>
> NAM 3.1.4
>
> Want to clarify the user identification method for federation.
>
> In this we have 3 options
>
> - Authentication
> - Provision Account
> - Attribute matching
>
>
>
> This Option "-Provision Account -"(when the users on the identity
> provider do not have accounts on the service provider. This option
> allows the service provider to trust any user that has authenticated to
> the trusted identity provider)
>
> Will this option *-Provision Account -* creates the user account
> temporally in eDirectory when the user successfully authenticate in
> Identity Provider and deletes it once he logs out?


It really depends on how you have configured this.

regarding creation/update of attributes in your ldap store - this is
determined by the rights configured in
https://www.netiq.com/documentation/novellaccessmanager31/identityserverhelp/data/ldapattrmap.html

Regarding deletion, "There is an option : Delete user provisioning
accounts if federation is terminated"

See:
https://www.netiq.com/documentation/novellaccessmanager31/identityserverhelp/data/provisioningattrs.html
for more details.


--
----------------------------------------------------------------------
Alex McHugh
NetIQ Knowledge Partner http://forums.netiq.com

Please post questions in the forums. No support is provided via email.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.