Novell IDENTITY MANAGER Staging Best Practices Guide

Novell®

www.novell.com

Identity Manager 3.6.1 Staging Best Practices Guide

novdocx (en) 16 April 2010

AUTHORIZED DOCUMENTATION

Identity Manager

3.6.1

June 24, 2010

TM

Identity Manager 3.6.1 Staging Best Practices Guide

Legal Notices

Novell, Inc. makes no representations or warranties with respect to the contents or use of this documentation, and
specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose.
Further, Novell, Inc. reserves the right to revise this publication and to make changes to its content, at any time,
without obligation to notify any person or entity of such revisions or changes.

Further, Novell, Inc. makes no representations or warranties with respect to any software, and specifically disclaims
any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc.
reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to
notify any person or entity of such changes.

Any products or technical information provided under this Agreement may be subject to U.S. export controls and the
trade laws of other countries. You agree to comply with all export control regulations and to obtain any required
licenses or classification to export, re-export, or import deliverables. You agree not to export or re-export to entities
on the current U.S. export exclusion lists or to any embargoed or terrorist countries as specified in the U.S. export
laws. You agree to not use deliverables for prohibited nuclear, missile, or chemical biological weaponry end uses.
Please refer to www.novell.com/info/exports/ for more information on exporting Novell software. Novell assumes no
responsibility for your failure to obtain any necessary export approvals.

Copyright © 2009-2010 Novell, Inc. All rights reserved. No part of this publication may be reproduced, photocopied,
stored on a retrieval system, or transmitted without the express written consent of the publisher.

novdocx (en) 16 April 2010

Novell, Inc.
404 Wyman Street, Suite 500
Waltham, MA 02451
U.S.A.
www.novell.com

Online Documentation: To access the online documentation for this and other Novell products, and to get

updates, see www.novell.com/documentation.

Novell Trademarks

For Novell trademarks, see the Novell Trademark and Service Mark list (http://www.novell.com/company/legal/

trademarks/tmlist.html).

Third-Party Materials

All third-party trademarks are the property of their respective owners.

novdocx (en) 16 April 2010

novdocx (en) 16 April 2010

4 Identity Manager 3.6.1 Staging Best Practices Guide

Contents

About This Guide 7

1Overview 9

1.1 What is Staging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

1.2 Staging Use Cases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

2 Preparing for Staging 11

2.1 Identity Vault Structure. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

2.2 Drivers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

2.2.1 Driver Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

2.2.2 Using GCVs in Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

2.2.3 Simulation and Staging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

2.3 Objects That Designer Models. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

2.4 Objects That Designer Does Not Model. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

2.5 Rights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

2.5.1 Driver Equivalences. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

2.5.2 Roles Based Entitlements Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

2.5.3 Jobs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

novdocx (en) 16 April 2010

3 Staging a Project 17

3.1 Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

3.1.1 Importing Objects. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

3.2 Staging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

3.3 Post-staging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

4 Best Practices in Moving Objects Across Stages 25

Contents 5

novdocx (en) 16 April 2010

6 Identity Manager 3.6.1 Staging Best Practices Guide

About This Guide

Welcome to Novell Identity Manager 3.6.1 Staging Best Practices Guide. This guide provides step­by-step procedures to move your Identity Management solutions from one stage to the subsequent
stages.

This guide introduces the following:

 Chapter 1, “Overview,” on page 9

 Chapter 2, “Preparing for Staging,” on page 11

 Chapter 3, “Staging a Project,” on page 17

 Chapter 4, “Best Practices in Moving Objects Across Stages,” on page 25

Audience

The guide is intended for Identity Manager consultants and customers.

novdocx (en) 16 April 2010

Feedback

We want to hear your comments and suggestions about this manual and the other documentation
included with this product. Please use the User Comments feature at the bottom of each page of the
online documentation, or go to www.novell.com/documentation/feedback.html and enter your
comments there.

Documentation Updates

For the most recent version of the Novell Identity Manager 3.6.1 Staging Best Practices Guide, visit
the Identity Manager Web site (http://www.novell.com/identity/access/identity_integration).

Additional Documentation

 Understanding Designer for Identity Manager (http://www.novell.com/documentation/

designer30/designer_intro/data/front.html)

 Identity Manager 3.6.1 Installation Guide (http://www.novell.com/documentation/idm36/

idm_install/data/front.html)

 Understanding Policies for Identity Manager 3.6 (http://www.novell.com/documentation/

idm36/policy/data/bookinfo.html)

 Policies in Designer 3.5 (http://www.novell.com/documentation/idm36/policy_designer/data/

bookinfo.html)

 Novell Credential Provisioning for Identity Manager 3.6 (http://www.novell.com/

documentation/idm36/policy_credprov/data/bookinfo.html)

 Identity Manager 3.6 DTD Reference (http://www.novell.com/documentation/idm36/

policy_dtd/data/bookinfo.html)

 Identity Manager 3.6 Driver Guides (http://www.novell.com/documentation/idm36drivers/

index.html)

About This Guide 7

novdocx (en) 16 April 2010

8 Identity Manager 3.6.1 Staging Best Practices Guide