Symantec IGA

Hi All,

We have a scenario in which we are using Identity Minder & Governance Minder and both are integrated.

Each application have technical roles which are divided into Roles, Resource & Actions. We have 100+ User repositories  &  User repositories has its own technical roles. ( As organisation doesn't have business roles so currently we have to manage technical roles)

As a business use case certification is run as per business as usual & if user manager revokes user privileges then that should be automatically removed from the user repositories.

Now our question is how we should map these Application specific attribute? Do we use them as logical or physical defined attribute.

As each type have some or other challenges.

We want to know the best practices around this.

Regards

Rohan Bhasin

+91-9717500338

Is anyone able to assist further with this users question?

Thank you

Hi Rohan,

A bit more information regarding this use case. When you state "technical roles" are you referring to Provisioning Roles within CA Identity Manager (formerly known as IdentityMinder)? Also, can you provide a few examples of a Role, Resource, and Action? If, for example, you're referring to a database. The resource could be the database name and the action could be the CRUD associated with that. If that's the case, you can set up your ResName1, ResName2, ResName3 in CA Identity Governance (formerly known as GovernanceMinder) to reflect that. For example: ResName1 could be "READ" or "UPDATE", ResName2 could be the database name, and ResName3 can be a static string like "MSSQL". Those resources can then be attached to a Role; for example database Admin.

Please provide additional information and I'll try to assist.

Best Regards,

Matthew Miller