SlideShare a Scribd company logo

Permission collection and reconciliation service

Rajiv Kumar
Rajiv Kumar

This session will cover the basics of Identity Manager Permission model including Resources and Entitlements. Learn the challenges and benefits of on-boarding Permissions from various authoritative sources to the Identity Manager Catalog in the Entitlement-Resource-Role format. Learn more about Permission Collection and Reconciliation Service (PCRS). Permission Collection and Reconciliation Service satisfies two fold objective - first it enables entitlements for all the Identity Manager Drivers and secondly on-board/reconcile permissions from the application to the Identity Manager Catalog.

Presentations & Public Speaking
1 of 63
Download to read offline
Permission Collection and Reconciliation Service (PCRS) November 2014 Kamal Narayan Senior Product Manager nkamal@netiq.com Rajiv Kumar Associate Senior Specialist krajiv@netiq.com #BrainShare #NetIQ7130
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.2 Agenda • Entitlements and Resources • Current limitations • PCRS • PCRS components • PCRS flow • Troubleshooting tips
Entitlements and Resources
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.4 Entitlements Model application permission IDM Drivers have sample entitlements Primarily managed by Designer Sample entitlements may not be readily useful (AD vs JDBC) Often application integration requires creating entitlements Primarily used on subscriber channel with IDV as the source of truth No out of the box solution for onboarding application assignments
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.5 Resources Introduced during RBPM 3.7 Abstraction layer between driver entitlements and Roles. Curatable, thus people friendly names unlike entitlements, approval workflow Enables granular assignment status Management via Designer/UserApplication interface Bound to one entitlement only, static & dynamic assignments No out of the box solution for onboarding application assignment
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.6 Resource model
Current limitations
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.8 Current Limitations • Application on boarding requires custom implementation to on-board existing permission assignments • Assignment state may quickly get out of sync unless all permission changes are done from IDM • Catalogue does not reflect the actual state • Creating new entitlements is tedious
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.9 Current limitations • Requires changes in multiple locations : resource objects/policies • Multiple tools/steps required to create a resource associated with an entitlement • Resource/Entitlement assignments are uni- directional(subscriber only)
PCRS
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.11 PCRS – What's new • Easily create new Entitlements • Seamless out of the box support for implementing resource model for IDM drivers • On-board application permissions and assignments • Update assignment status changes on both channels (publisher & subscriber) • Simplified and quicker application integration • Comprehensive permission catalogue • Catalogue shows the actual state • A common package for use with custom drivers
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.12 PCRS - Overview
PCRS components
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.14 PCRS components Engine changes Administrative accounts Dynamic and Static Resources Packages Job Access Control List GCV Controls
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.15 PCRS components Engine changes Administrative accounts Dynamic and Static Resources Packages Job Access Control List GCV Controls
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.16 Engine changes Startup/Shutdown policy containers • Two new policy containers • Startup container has policies for performing initialization tasks • All run-once policies required at startup can be added here • Policies are executed after driver start by the engine. • Shutdown container can have policies for performing finalization tasks • Polcies to save state/info that may be needed at driver shutdown • Policies are executed before stopping the driver.
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.17 Engine changes Startup/Shutdown policy containers
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.18 Engine changes Startup/Shutdown policy containers - Benefits • Cleaner implementation, easier to debug • No need to perform checks in content to verify if the driver is up before executing initialization policies • Run-once policies are outside of normal event-flow containers, reduced tracing • Shutdown tasks can be performed, which is not possible otherwise.
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.19 Engine changes Resource management API's xmlns:ps=“http://www.novell.com/nxsl/java/com.netiq.resources.ProvisioningSchedu ler” // Provisions users to IDM resources in RBPM and reconciles the permissions of // the user. String ReconcilePermissions(String uaUrl, String uaUser, String uaPwd, String recipient, int delay, String payload, boolean debugOn) // Performs CodeMap Refresh of the Group Entitlement in RBPM String RefreshCodeMapforGroupEntitlement(String uaUrl, String uaUser, String uaPwd, String recipient, int delay, String payload, boolean debugOn) // Reconciles resource assignments for groups in RBPM String ReconcileGroupMemberPermissions(String uaUrl, String uaUser, String uaPwd, String group, int delay, String payload, boolean debugOn) // Check timestamp and allow grant or revoke if current timestamp is greater // than or equal to that of the last update in the nrfResource history. String AllowEntitlementGrantOrRevoke(String uaUser, String recvdEntTimeStamp, String historyPayload, boolean debugOn)
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.20 PCRS components Engine changes Administrative accounts Dynamic and Static Resources Packages Job Access Control List GCV Controls
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.21 Administrative accounts • Following administrative accounts are used – IDV Administrator – PCRS Administrator • Password Policy should be assigned to both the admin users. • Distribution password for these users are utilized for creating/updating various objects
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.22 Administrative accounts Password policy assignment
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.23 Administrative Accounts IDV administrator/PCRS Administrator - Tasks IDV administrator Job execution PCRS Administrator Resource creation Code-map refresh Cache flush Assign/revoke resources Queries to user app
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.24 PCRS components Engine changes Administrative accounts Dynamic and Static Resources Packages Job Access Control List GCV Controls
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.25 Resources Dynamic • Default Configuration – resources created by PCRS have dynamic values • Requires creating fewer resources • Simplifies resource management • Easy to add/remove values instead of creating/deleting resources.
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.26 Resources Static • Access to some resources/permissions may need to be tightly controlled for e.g. financial, business, etc. • Manually configured • Catalog administrator can be used for creating static resources. • Existing static resources may be added to the StaticValueEntitlementMap
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.27 PCRS components Engine changes Administrative accounts Dynamic and Static Resources Packages Job Access Control List GCV Controls
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.28 Packages Driverset • New driverset package(NOVLACOMSET) introduced to specify – User application URL – Administrative user for performing PCRS actions
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.29 Packages Driverset - screenshot
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.30 Packages Driver Specialized package Active Directory Entitlements and Exchange Mailbox Support Package LDAP Entitlements Package Delimited Text Entitlements Package Loopback Entitlements Package Common package Permission Collection and Reconciliation Service Package [Validated for SOAP driver]
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.31 Packages Driver • Common Package - NOVLCOMPCRS
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.32 Packages Mapping Table - PermissionNameToFile • Contains entitlement configuration data specified during package installation in designer.
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.33 Driver objects Post deployment
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.34 Driver objects Post driver start
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.35 Packages Mapping Table - PermissionEntMapping • Contains mapping of entitlement and the respective resource objects. • Mapping table is empty at deploy time.
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.36 Packages Mapping Table – PermissionEntMapping • The specified entitlement is created by the driver startup policies.
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.37 Packages Entitlement object
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.38 Packages Mapping Table - PermissionEntMapping • The resource object is created by the Job object.
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.39 Packages Mapping Table - StaticValueEntitlementMap • Contains configuration data for static valued resources • Mapping table is empty at deploy time. • Manually populated • Used for granular control.
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.40 Packages Mapping Table - <Entitlement>_Values • Contains values for an entitlement if values are specified by a csv file # #CSV File containing entitlement values # Building A, Engineering, The engineering building Building B, Accounting, The accounting building Building C, Facilities, The facilities building Building D, Warehouse, The warehouse
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.41 Packages Mapping Table - <Entitlement>_Values • Created by startup policies to store the entitlement values.
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.42 Packages Mapping Table - <Entitlement>_Values • Contains entitlement values read from csv file providing the entitlement values.
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.43 PCRS components Engine changes Administrative accounts Dynamic and Static Resources Packages Job Access Control List GCV Controls
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.44 Job Permission onboarding • IDM Job object. • Configured during driver start-up. • Admin user account and password automatically configured by the start-up policies. • Not scheduled by default • Executed during driver startup – invoked by startup policies Requires appropriate rights on PCRS objects
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.45 Job Permission Onboarding - Tasks • Reading CSV files containing Entitlement Values and populating <name>_Values objects • Creating a Dynamic Resource for assigning Entitlement Values to Users • Populating PermissionEntMapping object with the Resource DN • Triggering RBPM code-map refresh to recognize the new entitlements and values
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.46 Job Permission onboarding
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.47 PCRS components Engine changes Administrative accounts Dynamic and Static Resources Packages Job Access Control List GCV Controls
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.48 Access Control List PCRS Objects Permission Onboarding Job [Trustee] [Entry Rights] → Browse [All Attributes] → Supervisor PermissionEntMapping <ENTITLEMENT>_Valu es <ENTITLEMENT>
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.49 PCRS components Engine changes Administrative accounts Dynamic and Static Resources Packages Job Access Control List GCV Controls
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.50 GCV controls • PCRS package – reconcile all entitlements • PCRS package – reconcile select entitlement
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.51 GCV controls • Specialized PCRS entitlement package
PCRS flow
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.53 Publisher Channel update
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.54 Subscriber channel Attribute assignment
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.55 Subscriber channel RBPM assignment
Troubleshooting tips
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.57 Troubleshooting tips • Use the PCRS admin user for PCRS automation only – Do not perform any modification from the UserApplication/Aqua UI using this user – Changes performed by the PCRS admin are vetoed out by the policy as a part of loopback detection. • The entitlement attribute name in the entitlement-to- file mapping table should be in Identity manager namespace.
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.58 Troubleshooting tips • Job does not executes at driver startup – Verify that password policies are enabled and the Identity vault administrator has an assignment. – Check Identity vault administrator’s password has been set after enabling the password policy. • Resource assignment not working – Check the status of the “User Application” and “Role and Resource” service drivers. The drivers should be in running state.
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.59 Troubleshooting tips • Permission on boarding job does not update the catalogue for assignment changes – Verify that password policy is enabled and the PCRS administrator has an assignment. – Verify that the correct connection values are provided in the driverset advanced common settings package. – Verify that the PCRS administrator has resource management rights. Is Permission Collection and Reconciliation GCV Enabled ?
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.60 Troubleshooting tips • Steps to clean-up PCRS objects and resources – Stop the driver – Using User Application UI, delete all the resources specified in the “PermissionEntMapping” mapping table under the “resourceDn” column – Delete all the “<entitlement>_values” objects under the driver objects – Delete the entitlements specified in the “entitlementDn” column of the “PermissionEntMapping” mapping table – Delete the entries of the “PermissionEntMapping” mapping table
© 2014 NetIQ Corporation. All rights reserved.61 Thank you. Don’t miss the Identity-Powered Experience in IT Central.
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.62 +1 713.548.1700 (Worldwide) 888.323.6768 (Toll-free) info@netiq.com NetIQ.com Worldwide Headquarters 515 Post Oak Blvd., Suite 1200 Houston, TX 77027 USA www.netiq.com/communities
This document could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein. These changes may be incorporated in new editions of this document. NetIQ Corporation may make improvements in or changes to the software described in this document at any time. Copyright © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. ActiveAudit, ActiveView, Aegis, AppManager, Change Administrator, Change Guardian, Compliance Suite, the cube logo design, Directory and Resource Administrator, Directory Security Administrator, Domain Migration Administrator, Exchange Administrator, File Security Administrator, Group Policy Administrator, Group Policy Guardian, Group Policy Suite, IntelliPolicy, Knowledge Scripts, NetConnect, NetIQ, the NetIQ logo, PSAudit, PSDetect, PSPasswordManager, PSSecure, Secure Configuration Manager, Security Administration Suite, Security Manager, Server Consolidator, VigilEnt, and Vivinet are trademarks or registered trademarks of NetIQ Corporation or its subsidiaries in the United States.

Recommended

KSCOPE Cloud Services and the Self Service Portal
KSCOPE Cloud Services and the Self Service PortalKSCOPE Cloud Services and the Self Service Portal
KSCOPE Cloud Services and the Self Service PortalKellyn Pot'Vin-Gorman
 
Pivotal cf for_devops_mkim_20141209
Pivotal cf for_devops_mkim_20141209Pivotal cf for_devops_mkim_20141209
Pivotal cf for_devops_mkim_20141209minseok kim
 
An overview of reference architectures for Postgres
An overview of reference architectures for PostgresAn overview of reference architectures for Postgres
An overview of reference architectures for PostgresEDB
 
Beginner's Guide to High Availability for Postgres
Beginner's Guide to High Availability for Postgres Beginner's Guide to High Availability for Postgres
Beginner's Guide to High Availability for Postgres EDB
 
Beginner's Guide to High Availability for Postgres
Beginner's Guide to High Availability for PostgresBeginner's Guide to High Availability for Postgres
Beginner's Guide to High Availability for PostgresEDB
 
Ebs12.2 online patching(aioug_aug2015)
Ebs12.2 online patching(aioug_aug2015)Ebs12.2 online patching(aioug_aug2015)
Ebs12.2 online patching(aioug_aug2015)pasalapudi123
 
NetApp Datasheet Oracle Accelerator
NetApp Datasheet Oracle AcceleratorNetApp Datasheet Oracle Accelerator
NetApp Datasheet Oracle AcceleratorContent Rules, Inc.
 
Hortonworks technical workshop operations with ambari
Hortonworks technical workshop operations with ambariHortonworks technical workshop operations with ambari
Hortonworks technical workshop operations with ambariHortonworks
 

Recommended

KSCOPE Cloud Services and the Self Service Portal
KSCOPE Cloud Services and the Self Service PortalKSCOPE Cloud Services and the Self Service Portal
KSCOPE Cloud Services and the Self Service PortalKellyn Pot'Vin-Gorman
 
Pivotal cf for_devops_mkim_20141209
Pivotal cf for_devops_mkim_20141209Pivotal cf for_devops_mkim_20141209
Pivotal cf for_devops_mkim_20141209minseok kim
 
An overview of reference architectures for Postgres
An overview of reference architectures for PostgresAn overview of reference architectures for Postgres
An overview of reference architectures for PostgresEDB
 
Beginner's Guide to High Availability for Postgres
Beginner's Guide to High Availability for Postgres Beginner's Guide to High Availability for Postgres
Beginner's Guide to High Availability for Postgres EDB
 
Beginner's Guide to High Availability for Postgres
Beginner's Guide to High Availability for PostgresBeginner's Guide to High Availability for Postgres
Beginner's Guide to High Availability for PostgresEDB
 
Ebs12.2 online patching(aioug_aug2015)
Ebs12.2 online patching(aioug_aug2015)Ebs12.2 online patching(aioug_aug2015)
Ebs12.2 online patching(aioug_aug2015)pasalapudi123
 
NetApp Datasheet Oracle Accelerator
NetApp Datasheet Oracle AcceleratorNetApp Datasheet Oracle Accelerator
NetApp Datasheet Oracle AcceleratorContent Rules, Inc.
 
Hortonworks technical workshop operations with ambari
Hortonworks technical workshop operations with ambariHortonworks technical workshop operations with ambari
Hortonworks technical workshop operations with ambariHortonworks
 
Get Started Building YARN Applications
Get Started Building YARN ApplicationsGet Started Building YARN Applications
Get Started Building YARN ApplicationsHortonworks
 
Hp Converged Systems and Hortonworks - Webinar Slides
Hp Converged Systems and Hortonworks - Webinar SlidesHp Converged Systems and Hortonworks - Webinar Slides
Hp Converged Systems and Hortonworks - Webinar SlidesHortonworks
 
Pivotal CenturyLink Cloud Platform Seminar Presentation: The Developer Experi...
Pivotal CenturyLink Cloud Platform Seminar Presentation: The Developer Experi...Pivotal CenturyLink Cloud Platform Seminar Presentation: The Developer Experi...
Pivotal CenturyLink Cloud Platform Seminar Presentation: The Developer Experi...VMware Tanzu
 
Power of the AWR Warehouse- HotSos Symposium 2015
Power of the AWR Warehouse- HotSos Symposium 2015Power of the AWR Warehouse- HotSos Symposium 2015
Power of the AWR Warehouse- HotSos Symposium 2015Kellyn Pot'Vin-Gorman
 
Authoring and Hosting Applications on YARN using Slider
Authoring and Hosting Applications on YARN using SliderAuthoring and Hosting Applications on YARN using Slider
Authoring and Hosting Applications on YARN using SliderDataWorks Summit
 
An overview of reference architectures for Postgres
An overview of reference architectures for PostgresAn overview of reference architectures for Postgres
An overview of reference architectures for PostgresEDB
 
Apache Ambari - What's New in 2.1
Apache Ambari - What's New in 2.1Apache Ambari - What's New in 2.1
Apache Ambari - What's New in 2.1Hortonworks
 
Deploying Docker applications on YARN via Slider
Deploying Docker applications on YARN via SliderDeploying Docker applications on YARN via Slider
Deploying Docker applications on YARN via SliderHortonworks
 
Developing YARN Applications - Integrating natively to YARN July 24 2014
Developing YARN Applications - Integrating natively to YARN July 24 2014Developing YARN Applications - Integrating natively to YARN July 24 2014
Developing YARN Applications - Integrating natively to YARN July 24 2014Hortonworks
 
ukoug-soa-sig-june-2016 v0.5
ukoug-soa-sig-june-2016 v0.5ukoug-soa-sig-june-2016 v0.5
ukoug-soa-sig-june-2016 v0.5Bruno Alves
 
Spring Data (GemFire) Overview
Spring Data (GemFire) OverviewSpring Data (GemFire) Overview
Spring Data (GemFire) OverviewJohn Blum
 
Latest Innovations in Database as a Service Enabled by Oracle Enterprise Manager
Latest Innovations in Database as a Service Enabled by Oracle Enterprise ManagerLatest Innovations in Database as a Service Enabled by Oracle Enterprise Manager
Latest Innovations in Database as a Service Enabled by Oracle Enterprise ManagerHari Srinivasan
 
Apache Ambari - What's New in 2.2
Apache Ambari - What's New in 2.2 Apache Ambari - What's New in 2.2
Apache Ambari - What's New in 2.2Hortonworks
 
Avoiding Log Data Overload in a CI/CD System While Streaming 190 Billion Even...
Avoiding Log Data Overload in a CI/CD System While Streaming 190 Billion Even...Avoiding Log Data Overload in a CI/CD System While Streaming 190 Billion Even...
Avoiding Log Data Overload in a CI/CD System While Streaming 190 Billion Even...DataWorks Summit
 
TechEvent 2019: Create a Private Database Cloud in the Public Cloud using the...
TechEvent 2019: Create a Private Database Cloud in the Public Cloud using the...TechEvent 2019: Create a Private Database Cloud in the Public Cloud using the...
TechEvent 2019: Create a Private Database Cloud in the Public Cloud using the...Trivadis
 
Oracle Database 19c - poslední z rodiny 12.2 a co přináší nového
Oracle Database 19c - poslední z rodiny 12.2 a co přináší novéhoOracle Database 19c - poslední z rodiny 12.2 a co přináší nového
Oracle Database 19c - poslední z rodiny 12.2 a co přináší novéhoMarketingArrowECS_CZ
 
Upgrading to Oracle SOA 12.1 & 12.2 - Practical Steps and Project Experiences
Upgrading to Oracle SOA 12.1 & 12.2 - Practical Steps and Project ExperiencesUpgrading to Oracle SOA 12.1 & 12.2 - Practical Steps and Project Experiences
Upgrading to Oracle SOA 12.1 & 12.2 - Practical Steps and Project ExperiencesBruno Alves
 
Best Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQLBest Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQLEDB
 
Best Practices & Lessons Learned from Deployment of PostgreSQL
Best Practices & Lessons Learned from Deployment of PostgreSQL Best Practices & Lessons Learned from Deployment of PostgreSQL
Best Practices & Lessons Learned from Deployment of PostgreSQLEDB
 
Apache Ambari: Managing Hadoop and YARN
Apache Ambari: Managing Hadoop and YARNApache Ambari: Managing Hadoop and YARN
Apache Ambari: Managing Hadoop and YARNHortonworks
 
5 insider tips for using it audits to maximize security
5 insider tips for using it audits to maximize security5 insider tips for using it audits to maximize security
5 insider tips for using it audits to maximize securityNetIQ
 
The city
The cityThe city
The citybjunque
 

More Related Content

What's hot

Get Started Building YARN Applications
Get Started Building YARN ApplicationsGet Started Building YARN Applications
Get Started Building YARN ApplicationsHortonworks
 
Hp Converged Systems and Hortonworks - Webinar Slides
Hp Converged Systems and Hortonworks - Webinar SlidesHp Converged Systems and Hortonworks - Webinar Slides
Hp Converged Systems and Hortonworks - Webinar SlidesHortonworks
 
Pivotal CenturyLink Cloud Platform Seminar Presentation: The Developer Experi...
Pivotal CenturyLink Cloud Platform Seminar Presentation: The Developer Experi...Pivotal CenturyLink Cloud Platform Seminar Presentation: The Developer Experi...
Pivotal CenturyLink Cloud Platform Seminar Presentation: The Developer Experi...VMware Tanzu
 
Power of the AWR Warehouse- HotSos Symposium 2015
Power of the AWR Warehouse- HotSos Symposium 2015Power of the AWR Warehouse- HotSos Symposium 2015
Power of the AWR Warehouse- HotSos Symposium 2015Kellyn Pot'Vin-Gorman
 
Authoring and Hosting Applications on YARN using Slider
Authoring and Hosting Applications on YARN using SliderAuthoring and Hosting Applications on YARN using Slider
Authoring and Hosting Applications on YARN using SliderDataWorks Summit
 
An overview of reference architectures for Postgres
An overview of reference architectures for PostgresAn overview of reference architectures for Postgres
An overview of reference architectures for PostgresEDB
 
Apache Ambari - What's New in 2.1
Apache Ambari - What's New in 2.1Apache Ambari - What's New in 2.1
Apache Ambari - What's New in 2.1Hortonworks
 
Deploying Docker applications on YARN via Slider
Deploying Docker applications on YARN via SliderDeploying Docker applications on YARN via Slider
Deploying Docker applications on YARN via SliderHortonworks
 
Developing YARN Applications - Integrating natively to YARN July 24 2014
Developing YARN Applications - Integrating natively to YARN July 24 2014Developing YARN Applications - Integrating natively to YARN July 24 2014
Developing YARN Applications - Integrating natively to YARN July 24 2014Hortonworks
 
ukoug-soa-sig-june-2016 v0.5
ukoug-soa-sig-june-2016 v0.5ukoug-soa-sig-june-2016 v0.5
ukoug-soa-sig-june-2016 v0.5Bruno Alves
 
Spring Data (GemFire) Overview
Spring Data (GemFire) OverviewSpring Data (GemFire) Overview
Spring Data (GemFire) OverviewJohn Blum
 
Latest Innovations in Database as a Service Enabled by Oracle Enterprise Manager
Latest Innovations in Database as a Service Enabled by Oracle Enterprise ManagerLatest Innovations in Database as a Service Enabled by Oracle Enterprise Manager
Latest Innovations in Database as a Service Enabled by Oracle Enterprise ManagerHari Srinivasan
 
Apache Ambari - What's New in 2.2
Apache Ambari - What's New in 2.2 Apache Ambari - What's New in 2.2
Apache Ambari - What's New in 2.2Hortonworks
 
Avoiding Log Data Overload in a CI/CD System While Streaming 190 Billion Even...
Avoiding Log Data Overload in a CI/CD System While Streaming 190 Billion Even...Avoiding Log Data Overload in a CI/CD System While Streaming 190 Billion Even...
Avoiding Log Data Overload in a CI/CD System While Streaming 190 Billion Even...DataWorks Summit
 
TechEvent 2019: Create a Private Database Cloud in the Public Cloud using the...
TechEvent 2019: Create a Private Database Cloud in the Public Cloud using the...TechEvent 2019: Create a Private Database Cloud in the Public Cloud using the...
TechEvent 2019: Create a Private Database Cloud in the Public Cloud using the...Trivadis
 
Oracle Database 19c - poslední z rodiny 12.2 a co přináší nového
Oracle Database 19c - poslední z rodiny 12.2 a co přináší novéhoOracle Database 19c - poslední z rodiny 12.2 a co přináší nového
Oracle Database 19c - poslední z rodiny 12.2 a co přináší novéhoMarketingArrowECS_CZ
 
Upgrading to Oracle SOA 12.1 & 12.2 - Practical Steps and Project Experiences
Upgrading to Oracle SOA 12.1 & 12.2 - Practical Steps and Project ExperiencesUpgrading to Oracle SOA 12.1 & 12.2 - Practical Steps and Project Experiences
Upgrading to Oracle SOA 12.1 & 12.2 - Practical Steps and Project ExperiencesBruno Alves
 
Best Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQLBest Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQLEDB
 
Best Practices & Lessons Learned from Deployment of PostgreSQL
Best Practices & Lessons Learned from Deployment of PostgreSQL Best Practices & Lessons Learned from Deployment of PostgreSQL
Best Practices & Lessons Learned from Deployment of PostgreSQLEDB
 
Apache Ambari: Managing Hadoop and YARN
Apache Ambari: Managing Hadoop and YARNApache Ambari: Managing Hadoop and YARN
Apache Ambari: Managing Hadoop and YARNHortonworks
 

What's hot (20)

Get Started Building YARN Applications
Get Started Building YARN ApplicationsGet Started Building YARN Applications
Get Started Building YARN Applications
 
Hp Converged Systems and Hortonworks - Webinar Slides
Hp Converged Systems and Hortonworks - Webinar SlidesHp Converged Systems and Hortonworks - Webinar Slides
Hp Converged Systems and Hortonworks - Webinar Slides
 
Pivotal CenturyLink Cloud Platform Seminar Presentation: The Developer Experi...
Pivotal CenturyLink Cloud Platform Seminar Presentation: The Developer Experi...Pivotal CenturyLink Cloud Platform Seminar Presentation: The Developer Experi...
Pivotal CenturyLink Cloud Platform Seminar Presentation: The Developer Experi...
 
Power of the AWR Warehouse- HotSos Symposium 2015
Power of the AWR Warehouse- HotSos Symposium 2015Power of the AWR Warehouse- HotSos Symposium 2015
Power of the AWR Warehouse- HotSos Symposium 2015
 
Authoring and Hosting Applications on YARN using Slider
Authoring and Hosting Applications on YARN using SliderAuthoring and Hosting Applications on YARN using Slider
Authoring and Hosting Applications on YARN using Slider
 
An overview of reference architectures for Postgres
An overview of reference architectures for PostgresAn overview of reference architectures for Postgres
An overview of reference architectures for Postgres
 
Apache Ambari - What's New in 2.1
Apache Ambari - What's New in 2.1Apache Ambari - What's New in 2.1
Apache Ambari - What's New in 2.1
 
Deploying Docker applications on YARN via Slider
Deploying Docker applications on YARN via SliderDeploying Docker applications on YARN via Slider
Deploying Docker applications on YARN via Slider
 
Developing YARN Applications - Integrating natively to YARN July 24 2014
Developing YARN Applications - Integrating natively to YARN July 24 2014Developing YARN Applications - Integrating natively to YARN July 24 2014
Developing YARN Applications - Integrating natively to YARN July 24 2014
 
ukoug-soa-sig-june-2016 v0.5
ukoug-soa-sig-june-2016 v0.5ukoug-soa-sig-june-2016 v0.5
ukoug-soa-sig-june-2016 v0.5
 
Spring Data (GemFire) Overview
Spring Data (GemFire) OverviewSpring Data (GemFire) Overview
Spring Data (GemFire) Overview
 
Latest Innovations in Database as a Service Enabled by Oracle Enterprise Manager
Latest Innovations in Database as a Service Enabled by Oracle Enterprise ManagerLatest Innovations in Database as a Service Enabled by Oracle Enterprise Manager
Latest Innovations in Database as a Service Enabled by Oracle Enterprise Manager
 
Apache Ambari - What's New in 2.2
Apache Ambari - What's New in 2.2 Apache Ambari - What's New in 2.2
Apache Ambari - What's New in 2.2
 
Avoiding Log Data Overload in a CI/CD System While Streaming 190 Billion Even...
Avoiding Log Data Overload in a CI/CD System While Streaming 190 Billion Even...Avoiding Log Data Overload in a CI/CD System While Streaming 190 Billion Even...
Avoiding Log Data Overload in a CI/CD System While Streaming 190 Billion Even...
 
TechEvent 2019: Create a Private Database Cloud in the Public Cloud using the...
TechEvent 2019: Create a Private Database Cloud in the Public Cloud using the...TechEvent 2019: Create a Private Database Cloud in the Public Cloud using the...
TechEvent 2019: Create a Private Database Cloud in the Public Cloud using the...
 
Oracle Database 19c - poslední z rodiny 12.2 a co přináší nového
Oracle Database 19c - poslední z rodiny 12.2 a co přináší novéhoOracle Database 19c - poslední z rodiny 12.2 a co přináší nového
Oracle Database 19c - poslední z rodiny 12.2 a co přináší nového
 
Upgrading to Oracle SOA 12.1 & 12.2 - Practical Steps and Project Experiences
Upgrading to Oracle SOA 12.1 & 12.2 - Practical Steps and Project ExperiencesUpgrading to Oracle SOA 12.1 & 12.2 - Practical Steps and Project Experiences
Upgrading to Oracle SOA 12.1 & 12.2 - Practical Steps and Project Experiences
 
Best Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQLBest Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQL
 
Best Practices & Lessons Learned from Deployment of PostgreSQL
Best Practices & Lessons Learned from Deployment of PostgreSQL Best Practices & Lessons Learned from Deployment of PostgreSQL
Best Practices & Lessons Learned from Deployment of PostgreSQL
 
Apache Ambari: Managing Hadoop and YARN
Apache Ambari: Managing Hadoop and YARNApache Ambari: Managing Hadoop and YARN
Apache Ambari: Managing Hadoop and YARN
 

Viewers also liked

5 insider tips for using it audits to maximize security
5 insider tips for using it audits to maximize security5 insider tips for using it audits to maximize security
5 insider tips for using it audits to maximize securityNetIQ
 
The city
The cityThe city
The citybjunque
 
Brain aging and therapeutic interventions
Brain aging and therapeutic interventionsBrain aging and therapeutic interventions
Brain aging and therapeutic interventionsSpringer
 
Фәүзия Бәйрәмованың "Ана" китабында милләт анасы темасы
Фәүзия Бәйрәмованың "Ана" китабында милләт анасы темасыФәүзия Бәйрәмованың "Ана" китабында милләт анасы темасы
Фәүзия Бәйрәмованың "Ана" китабында милләт анасы темасыEnaleeva
 
Four stroke IC engine
Four stroke IC engineFour stroke IC engine
Four stroke IC engineNiren Panchal
 
Organización-Multimedia-Andrea Concha
Organización-Multimedia-Andrea ConchaOrganización-Multimedia-Andrea Concha
Organización-Multimedia-Andrea ConchaAndrea_Concha
 
Introduction To Groovy 2005
Introduction To Groovy 2005Introduction To Groovy 2005
Introduction To Groovy 2005Tugdual Grall
 
Registral y notarial marisela
Registral y notarial mariselaRegistral y notarial marisela
Registral y notarial mariselaWilmary Gonzalez
 
derecho agrario
derecho agrarioderecho agrario
derecho agrariocacc93
 
Manual of Neonatal Respiratory Care
Manual of Neonatal Respiratory CareManual of Neonatal Respiratory Care
Manual of Neonatal Respiratory CareSpringer
 
NCU Business Development on NetIQ IDM
NCU Business Development on NetIQ IDMNCU Business Development on NetIQ IDM
NCU Business Development on NetIQ IDMNCU Ltd
 
La emergencia del nuevo turista
La emergencia del nuevo turista La emergencia del nuevo turista
La emergencia del nuevo turista Alain Sévigny
 
Vulnerabilidades de las informaciones
Vulnerabilidades de las informacionesVulnerabilidades de las informaciones
Vulnerabilidades de las informacionesCesar Salvatierra
 
Davis Craig's Resume
Davis Craig's ResumeDavis Craig's Resume
Davis Craig's Resumedaviscraig93
 
NetIQ identity powered security
NetIQ identity powered security NetIQ identity powered security
NetIQ identity powered security Finceptum Oy
 

Viewers also liked (19)

5 insider tips for using it audits to maximize security
5 insider tips for using it audits to maximize security5 insider tips for using it audits to maximize security
5 insider tips for using it audits to maximize security
 
The city
The cityThe city
The city
 
Brain aging and therapeutic interventions
Brain aging and therapeutic interventionsBrain aging and therapeutic interventions
Brain aging and therapeutic interventions
 
Фәүзия Бәйрәмованың "Ана" китабында милләт анасы темасы
Фәүзия Бәйрәмованың "Ана" китабында милләт анасы темасыФәүзия Бәйрәмованың "Ана" китабында милләт анасы темасы
Фәүзия Бәйрәмованың "Ана" китабында милләт анасы темасы
 
Four stroke IC engine
Four stroke IC engineFour stroke IC engine
Four stroke IC engine
 
Organización-Multimedia-Andrea Concha
Organización-Multimedia-Andrea ConchaOrganización-Multimedia-Andrea Concha
Organización-Multimedia-Andrea Concha
 
Introduction To Groovy 2005
Introduction To Groovy 2005Introduction To Groovy 2005
Introduction To Groovy 2005
 
Gary Hart_Resume_March 2015
Gary Hart_Resume_March 2015Gary Hart_Resume_March 2015
Gary Hart_Resume_March 2015
 
Registral y notarial marisela
Registral y notarial mariselaRegistral y notarial marisela
Registral y notarial marisela
 
derecho agrario
derecho agrarioderecho agrario
derecho agrario
 
Manual of Neonatal Respiratory Care
Manual of Neonatal Respiratory CareManual of Neonatal Respiratory Care
Manual of Neonatal Respiratory Care
 
NCU Business Development on NetIQ IDM
NCU Business Development on NetIQ IDMNCU Business Development on NetIQ IDM
NCU Business Development on NetIQ IDM
 
La emergencia del nuevo turista
La emergencia del nuevo turista La emergencia del nuevo turista
La emergencia del nuevo turista
 
Vulnerabilidades de las informaciones
Vulnerabilidades de las informacionesVulnerabilidades de las informaciones
Vulnerabilidades de las informaciones
 
Pms
PmsPms
Pms
 
Dossier visita What's a ship
Dossier visita What's a shipDossier visita What's a ship
Dossier visita What's a ship
 
Davis Craig's Resume
Davis Craig's ResumeDavis Craig's Resume
Davis Craig's Resume
 
La cultura taína y sus creencias religiosas
La cultura taína y sus creencias religiosasLa cultura taína y sus creencias religiosas
La cultura taína y sus creencias religiosas
 
NetIQ identity powered security
NetIQ identity powered security NetIQ identity powered security
NetIQ identity powered security
 

Similar to Permission collection and reconciliation service

The Power of Java and Oracle WebLogic Server in the Public Cloud (OpenWorld, ...
The Power of Java and Oracle WebLogic Server in the Public Cloud (OpenWorld, ...The Power of Java and Oracle WebLogic Server in the Public Cloud (OpenWorld, ...
The Power of Java and Oracle WebLogic Server in the Public Cloud (OpenWorld, ...jeckels
 
Oracle Database Lifecycle Management
Oracle Database Lifecycle ManagementOracle Database Lifecycle Management
Oracle Database Lifecycle ManagementHari Srinivasan
 
Pivotal CenturyLink Cloud Platform Seminar Presentations: Architecture & Oper...
Pivotal CenturyLink Cloud Platform Seminar Presentations: Architecture & Oper...Pivotal CenturyLink Cloud Platform Seminar Presentations: Architecture & Oper...
Pivotal CenturyLink Cloud Platform Seminar Presentations: Architecture & Oper...VMware Tanzu
 
Architecting with power vm
Architecting with power vmArchitecting with power vm
Architecting with power vmCharlie Cler
 
Orchestrating Cloud Workloads with RightScale Self-Service
Orchestrating Cloud Workloads with RightScale Self-Service Orchestrating Cloud Workloads with RightScale Self-Service
Orchestrating Cloud Workloads with RightScale Self-Service RightScale
 
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...VMworld
 
CC200000000000000000000000000000000.pptx
CC200000000000000000000000000000000.pptxCC200000000000000000000000000000000.pptx
CC200000000000000000000000000000000.pptxatul190389
 
A DevOps adoption playbook- achieving business value at scale
A DevOps adoption playbook- achieving business value at scaleA DevOps adoption playbook- achieving business value at scale
A DevOps adoption playbook- achieving business value at scaleSanjeev Sharma
 
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...VMworld
 
Next-Gen Business Transaction Configuration, Instrumentation, and Java Perfor...
Next-Gen Business Transaction Configuration, Instrumentation, and Java Perfor...Next-Gen Business Transaction Configuration, Instrumentation, and Java Perfor...
Next-Gen Business Transaction Configuration, Instrumentation, and Java Perfor...AppDynamics
 
18BC03_Discovery_Enables_Accurate_CMDB_Hinkle_DiscoverFinancial
18BC03_Discovery_Enables_Accurate_CMDB_Hinkle_DiscoverFinancial18BC03_Discovery_Enables_Accurate_CMDB_Hinkle_DiscoverFinancial
18BC03_Discovery_Enables_Accurate_CMDB_Hinkle_DiscoverFinancialTim Hinkle
 
School of Computer & Information SciencesITS-532 Cloud Com
School of Computer & Information SciencesITS-532 Cloud ComSchool of Computer & Information SciencesITS-532 Cloud Com
School of Computer & Information SciencesITS-532 Cloud ComTaunyaCoffman887
 
VMworld 2013: Architecting the Software-Defined Data Center
VMworld 2013: Architecting the Software-Defined Data Center VMworld 2013: Architecting the Software-Defined Data Center
VMworld 2013: Architecting the Software-Defined Data Center VMworld
 
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...VMworld
 
Architecture & Operations
Architecture & OperationsArchitecture & Operations
Architecture & OperationsVMware Tanzu
 
Postgres in Production - Best Practices 2014
Postgres in Production - Best Practices 2014Postgres in Production - Best Practices 2014
Postgres in Production - Best Practices 2014EDB
 
Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)
Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)
Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)VMware Tanzu
 
Gain Insights, Make Decisions, and Take Action Across a Streamlined and Autom...
Gain Insights, Make Decisions, and Take Action Across a Streamlined and Autom...Gain Insights, Make Decisions, and Take Action Across a Streamlined and Autom...
Gain Insights, Make Decisions, and Take Action Across a Streamlined and Autom...Arraya Solutions
 

Similar to Permission collection and reconciliation service (20)

The Power of Java and Oracle WebLogic Server in the Public Cloud (OpenWorld, ...
The Power of Java and Oracle WebLogic Server in the Public Cloud (OpenWorld, ...The Power of Java and Oracle WebLogic Server in the Public Cloud (OpenWorld, ...
The Power of Java and Oracle WebLogic Server in the Public Cloud (OpenWorld, ...
 
Arcadia overview nr2
Arcadia overview nr2Arcadia overview nr2
Arcadia overview nr2
 
Oracle Database Lifecycle Management
Oracle Database Lifecycle ManagementOracle Database Lifecycle Management
Oracle Database Lifecycle Management
 
Pivotal CenturyLink Cloud Platform Seminar Presentations: Architecture & Oper...
Pivotal CenturyLink Cloud Platform Seminar Presentations: Architecture & Oper...Pivotal CenturyLink Cloud Platform Seminar Presentations: Architecture & Oper...
Pivotal CenturyLink Cloud Platform Seminar Presentations: Architecture & Oper...
 
Architecting with power vm
Architecting with power vmArchitecting with power vm
Architecting with power vm
 
Orchestrating Cloud Workloads with RightScale Self-Service
Orchestrating Cloud Workloads with RightScale Self-Service Orchestrating Cloud Workloads with RightScale Self-Service
Orchestrating Cloud Workloads with RightScale Self-Service
 
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...
 
Em13c New Features- Two of Two
Em13c New Features- Two of TwoEm13c New Features- Two of Two
Em13c New Features- Two of Two
 
CC200000000000000000000000000000000.pptx
CC200000000000000000000000000000000.pptxCC200000000000000000000000000000000.pptx
CC200000000000000000000000000000000.pptx
 
A DevOps adoption playbook- achieving business value at scale
A DevOps adoption playbook- achieving business value at scaleA DevOps adoption playbook- achieving business value at scale
A DevOps adoption playbook- achieving business value at scale
 
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...
 
Next-Gen Business Transaction Configuration, Instrumentation, and Java Perfor...
Next-Gen Business Transaction Configuration, Instrumentation, and Java Perfor...Next-Gen Business Transaction Configuration, Instrumentation, and Java Perfor...
Next-Gen Business Transaction Configuration, Instrumentation, and Java Perfor...
 
18BC03_Discovery_Enables_Accurate_CMDB_Hinkle_DiscoverFinancial
18BC03_Discovery_Enables_Accurate_CMDB_Hinkle_DiscoverFinancial18BC03_Discovery_Enables_Accurate_CMDB_Hinkle_DiscoverFinancial
18BC03_Discovery_Enables_Accurate_CMDB_Hinkle_DiscoverFinancial
 
School of Computer & Information SciencesITS-532 Cloud Com
School of Computer & Information SciencesITS-532 Cloud ComSchool of Computer & Information SciencesITS-532 Cloud Com
School of Computer & Information SciencesITS-532 Cloud Com
 
VMworld 2013: Architecting the Software-Defined Data Center
VMworld 2013: Architecting the Software-Defined Data Center VMworld 2013: Architecting the Software-Defined Data Center
VMworld 2013: Architecting the Software-Defined Data Center
 
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...
 
Architecture & Operations
Architecture & OperationsArchitecture & Operations
Architecture & Operations
 
Postgres in Production - Best Practices 2014
Postgres in Production - Best Practices 2014Postgres in Production - Best Practices 2014
Postgres in Production - Best Practices 2014
 
Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)
Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)
Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)
 
Gain Insights, Make Decisions, and Take Action Across a Streamlined and Autom...
Gain Insights, Make Decisions, and Take Action Across a Streamlined and Autom...Gain Insights, Make Decisions, and Take Action Across a Streamlined and Autom...
Gain Insights, Make Decisions, and Take Action Across a Streamlined and Autom...
 

Recently uploaded

Mathematics of Finance Presentation.pptx
Mathematics of Finance Presentation.pptxMathematics of Finance Presentation.pptx
Mathematics of Finance Presentation.pptxMoumonDas2
 
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Hasting Chen
 
George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024eCommerce Institute
 
Presentation on Engagement in Book Clubs
Presentation on Engagement in Book ClubsPresentation on Engagement in Book Clubs
Presentation on Engagement in Book Clubssamaasim06
 
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )Pooja Nehwal
 
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
SaaStr Workshop Wednesday w: Jason Lemkin, SaaStr
SaaStr Workshop Wednesday w: Jason Lemkin, SaaStrSaaStr Workshop Wednesday w: Jason Lemkin, SaaStr
SaaStr Workshop Wednesday w: Jason Lemkin, SaaStrsaastr
 
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024eCommerce Institute
 
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...Kayode Fayemi
 
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...Salam Al-Karadaghi
 
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdfCTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdfhenrik385807
 
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝soniya singh
 
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptx
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptxMohammad_Alnahdi_Oral_Presentation_Assignment.pptx
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptxmohammadalnahdi22
 
ANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docxANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docxNikitaBankoti2
 
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdfOpen Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdfhenrik385807
 
Microsoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AIMicrosoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AITatiana Gurgel
 
Thirunelveli call girls Tamil escorts 7877702510
Thirunelveli call girls Tamil escorts 7877702510Thirunelveli call girls Tamil escorts 7877702510
Thirunelveli call girls Tamil escorts 7877702510Vipesco
 
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...Pooja Nehwal
 
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort ServiceDelhi Call girls
 
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...henrik385807
 

Recently uploaded (20)

Mathematics of Finance Presentation.pptx
Mathematics of Finance Presentation.pptxMathematics of Finance Presentation.pptx
Mathematics of Finance Presentation.pptx
 
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
 
George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024
 
Presentation on Engagement in Book Clubs
Presentation on Engagement in Book ClubsPresentation on Engagement in Book Clubs
Presentation on Engagement in Book Clubs
 
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
 
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
SaaStr Workshop Wednesday w: Jason Lemkin, SaaStr
SaaStr Workshop Wednesday w: Jason Lemkin, SaaStrSaaStr Workshop Wednesday w: Jason Lemkin, SaaStr
SaaStr Workshop Wednesday w: Jason Lemkin, SaaStr
 
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
 
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
 
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
 
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdfCTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
 
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
 
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptx
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptxMohammad_Alnahdi_Oral_Presentation_Assignment.pptx
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptx
 
ANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docxANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docx
 
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdfOpen Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
 
Microsoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AIMicrosoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AI
 
Thirunelveli call girls Tamil escorts 7877702510
Thirunelveli call girls Tamil escorts 7877702510Thirunelveli call girls Tamil escorts 7877702510
Thirunelveli call girls Tamil escorts 7877702510
 
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
 
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
 
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
 

Permission collection and reconciliation service

  • 1. Permission Collection and Reconciliation Service (PCRS) November 2014 Kamal Narayan Senior Product Manager nkamal@netiq.com Rajiv Kumar Associate Senior Specialist krajiv@netiq.com #BrainShare #NetIQ7130
  • 2. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.2 Agenda • Entitlements and Resources • Current limitations • PCRS • PCRS components • PCRS flow • Troubleshooting tips
  • 4. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.4 Entitlements Model application permission IDM Drivers have sample entitlements Primarily managed by Designer Sample entitlements may not be readily useful (AD vs JDBC) Often application integration requires creating entitlements Primarily used on subscriber channel with IDV as the source of truth No out of the box solution for onboarding application assignments
  • 5. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.5 Resources Introduced during RBPM 3.7 Abstraction layer between driver entitlements and Roles. Curatable, thus people friendly names unlike entitlements, approval workflow Enables granular assignment status Management via Designer/UserApplication interface Bound to one entitlement only, static & dynamic assignments No out of the box solution for onboarding application assignment
  • 6. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.6 Resource model
  • 8. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.8 Current Limitations • Application on boarding requires custom implementation to on-board existing permission assignments • Assignment state may quickly get out of sync unless all permission changes are done from IDM • Catalogue does not reflect the actual state • Creating new entitlements is tedious
  • 9. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.9 Current limitations • Requires changes in multiple locations : resource objects/policies • Multiple tools/steps required to create a resource associated with an entitlement • Resource/Entitlement assignments are uni- directional(subscriber only)
  • 10. PCRS
  • 11. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.11 PCRS – What's new • Easily create new Entitlements • Seamless out of the box support for implementing resource model for IDM drivers • On-board application permissions and assignments • Update assignment status changes on both channels (publisher & subscriber) • Simplified and quicker application integration • Comprehensive permission catalogue • Catalogue shows the actual state • A common package for use with custom drivers
  • 12. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.12 PCRS - Overview
  • 14. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.14 PCRS components Engine changes Administrative accounts Dynamic and Static Resources Packages Job Access Control List GCV Controls
  • 15. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.15 PCRS components Engine changes Administrative accounts Dynamic and Static Resources Packages Job Access Control List GCV Controls
  • 16. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.16 Engine changes Startup/Shutdown policy containers • Two new policy containers • Startup container has policies for performing initialization tasks • All run-once policies required at startup can be added here • Policies are executed after driver start by the engine. • Shutdown container can have policies for performing finalization tasks • Polcies to save state/info that may be needed at driver shutdown • Policies are executed before stopping the driver.
  • 17. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.17 Engine changes Startup/Shutdown policy containers
  • 18. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.18 Engine changes Startup/Shutdown policy containers - Benefits • Cleaner implementation, easier to debug • No need to perform checks in content to verify if the driver is up before executing initialization policies • Run-once policies are outside of normal event-flow containers, reduced tracing • Shutdown tasks can be performed, which is not possible otherwise.
  • 19. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.19 Engine changes Resource management API's xmlns:ps=“http://www.novell.com/nxsl/java/com.netiq.resources.ProvisioningSchedu ler” // Provisions users to IDM resources in RBPM and reconciles the permissions of // the user. String ReconcilePermissions(String uaUrl, String uaUser, String uaPwd, String recipient, int delay, String payload, boolean debugOn) // Performs CodeMap Refresh of the Group Entitlement in RBPM String RefreshCodeMapforGroupEntitlement(String uaUrl, String uaUser, String uaPwd, String recipient, int delay, String payload, boolean debugOn) // Reconciles resource assignments for groups in RBPM String ReconcileGroupMemberPermissions(String uaUrl, String uaUser, String uaPwd, String group, int delay, String payload, boolean debugOn) // Check timestamp and allow grant or revoke if current timestamp is greater // than or equal to that of the last update in the nrfResource history. String AllowEntitlementGrantOrRevoke(String uaUser, String recvdEntTimeStamp, String historyPayload, boolean debugOn)
  • 20. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.20 PCRS components Engine changes Administrative accounts Dynamic and Static Resources Packages Job Access Control List GCV Controls
  • 21. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.21 Administrative accounts • Following administrative accounts are used – IDV Administrator – PCRS Administrator • Password Policy should be assigned to both the admin users. • Distribution password for these users are utilized for creating/updating various objects
  • 22. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.22 Administrative accounts Password policy assignment
  • 23. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.23 Administrative Accounts IDV administrator/PCRS Administrator - Tasks IDV administrator Job execution PCRS Administrator Resource creation Code-map refresh Cache flush Assign/revoke resources Queries to user app
  • 24. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.24 PCRS components Engine changes Administrative accounts Dynamic and Static Resources Packages Job Access Control List GCV Controls
  • 25. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.25 Resources Dynamic • Default Configuration – resources created by PCRS have dynamic values • Requires creating fewer resources • Simplifies resource management • Easy to add/remove values instead of creating/deleting resources.
  • 26. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.26 Resources Static • Access to some resources/permissions may need to be tightly controlled for e.g. financial, business, etc. • Manually configured • Catalog administrator can be used for creating static resources. • Existing static resources may be added to the StaticValueEntitlementMap
  • 27. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.27 PCRS components Engine changes Administrative accounts Dynamic and Static Resources Packages Job Access Control List GCV Controls
  • 28. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.28 Packages Driverset • New driverset package(NOVLACOMSET) introduced to specify – User application URL – Administrative user for performing PCRS actions
  • 29. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.29 Packages Driverset - screenshot
  • 30. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.30 Packages Driver Specialized package Active Directory Entitlements and Exchange Mailbox Support Package LDAP Entitlements Package Delimited Text Entitlements Package Loopback Entitlements Package Common package Permission Collection and Reconciliation Service Package [Validated for SOAP driver]
  • 31. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.31 Packages Driver • Common Package - NOVLCOMPCRS
  • 32. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.32 Packages Mapping Table - PermissionNameToFile • Contains entitlement configuration data specified during package installation in designer.
  • 33. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.33 Driver objects Post deployment
  • 34. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.34 Driver objects Post driver start
  • 35. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.35 Packages Mapping Table - PermissionEntMapping • Contains mapping of entitlement and the respective resource objects. • Mapping table is empty at deploy time.
  • 36. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.36 Packages Mapping Table – PermissionEntMapping • The specified entitlement is created by the driver startup policies.
  • 37. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.37 Packages Entitlement object
  • 38. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.38 Packages Mapping Table - PermissionEntMapping • The resource object is created by the Job object.
  • 39. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.39 Packages Mapping Table - StaticValueEntitlementMap • Contains configuration data for static valued resources • Mapping table is empty at deploy time. • Manually populated • Used for granular control.
  • 40. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.40 Packages Mapping Table - <Entitlement>_Values • Contains values for an entitlement if values are specified by a csv file # #CSV File containing entitlement values # Building A, Engineering, The engineering building Building B, Accounting, The accounting building Building C, Facilities, The facilities building Building D, Warehouse, The warehouse
  • 41. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.41 Packages Mapping Table - <Entitlement>_Values • Created by startup policies to store the entitlement values.
  • 42. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.42 Packages Mapping Table - <Entitlement>_Values • Contains entitlement values read from csv file providing the entitlement values.
  • 43. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.43 PCRS components Engine changes Administrative accounts Dynamic and Static Resources Packages Job Access Control List GCV Controls
  • 44. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.44 Job Permission onboarding • IDM Job object. • Configured during driver start-up. • Admin user account and password automatically configured by the start-up policies. • Not scheduled by default • Executed during driver startup – invoked by startup policies Requires appropriate rights on PCRS objects
  • 45. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.45 Job Permission Onboarding - Tasks • Reading CSV files containing Entitlement Values and populating <name>_Values objects • Creating a Dynamic Resource for assigning Entitlement Values to Users • Populating PermissionEntMapping object with the Resource DN • Triggering RBPM code-map refresh to recognize the new entitlements and values
  • 46. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.46 Job Permission onboarding
  • 47. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.47 PCRS components Engine changes Administrative accounts Dynamic and Static Resources Packages Job Access Control List GCV Controls
  • 48. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.48 Access Control List PCRS Objects Permission Onboarding Job [Trustee] [Entry Rights] → Browse [All Attributes] → Supervisor PermissionEntMapping <ENTITLEMENT>_Valu es <ENTITLEMENT>
  • 49. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.49 PCRS components Engine changes Administrative accounts Dynamic and Static Resources Packages Job Access Control List GCV Controls
  • 50. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.50 GCV controls • PCRS package – reconcile all entitlements • PCRS package – reconcile select entitlement
  • 51. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.51 GCV controls • Specialized PCRS entitlement package
  • 53. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.53 Publisher Channel update
  • 54. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.54 Subscriber channel Attribute assignment
  • 55. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.55 Subscriber channel RBPM assignment
  • 57. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.57 Troubleshooting tips • Use the PCRS admin user for PCRS automation only – Do not perform any modification from the UserApplication/Aqua UI using this user – Changes performed by the PCRS admin are vetoed out by the policy as a part of loopback detection. • The entitlement attribute name in the entitlement-to- file mapping table should be in Identity manager namespace.
  • 58. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.58 Troubleshooting tips • Job does not executes at driver startup – Verify that password policies are enabled and the Identity vault administrator has an assignment. – Check Identity vault administrator’s password has been set after enabling the password policy. • Resource assignment not working – Check the status of the “User Application” and “Role and Resource” service drivers. The drivers should be in running state.
  • 59. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.59 Troubleshooting tips • Permission on boarding job does not update the catalogue for assignment changes – Verify that password policy is enabled and the PCRS administrator has an assignment. – Verify that the correct connection values are provided in the driverset advanced common settings package. – Verify that the PCRS administrator has resource management rights. Is Permission Collection and Reconciliation GCV Enabled ?
  • 60. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.60 Troubleshooting tips • Steps to clean-up PCRS objects and resources – Stop the driver – Using User Application UI, delete all the resources specified in the “PermissionEntMapping” mapping table under the “resourceDn” column – Delete all the “<entitlement>_values” objects under the driver objects – Delete the entitlements specified in the “entitlementDn” column of the “PermissionEntMapping” mapping table – Delete the entries of the “PermissionEntMapping” mapping table
  • 61. © 2014 NetIQ Corporation. All rights reserved.61 Thank you. Don’t miss the Identity-Powered Experience in IT Central.
  • 62. © 2014 NetIQ Corporation and its affiliates. All Rights Reserved.62 +1 713.548.1700 (Worldwide) 888.323.6768 (Toll-free) info@netiq.com NetIQ.com Worldwide Headquarters 515 Post Oak Blvd., Suite 1200 Houston, TX 77027 USA www.netiq.com/communities
  • 63. This document could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein. These changes may be incorporated in new editions of this document. NetIQ Corporation may make improvements in or changes to the software described in this document at any time. Copyright © 2014 NetIQ Corporation and its affiliates. All Rights Reserved. ActiveAudit, ActiveView, Aegis, AppManager, Change Administrator, Change Guardian, Compliance Suite, the cube logo design, Directory and Resource Administrator, Directory Security Administrator, Domain Migration Administrator, Exchange Administrator, File Security Administrator, Group Policy Administrator, Group Policy Guardian, Group Policy Suite, IntelliPolicy, Knowledge Scripts, NetConnect, NetIQ, the NetIQ logo, PSAudit, PSDetect, PSPasswordManager, PSSecure, Secure Configuration Manager, Security Administration Suite, Security Manager, Server Consolidator, VigilEnt, and Vivinet are trademarks or registered trademarks of NetIQ Corporation or its subsidiaries in the United States.