1. From Ca Identity Manager User console , by using Create Admin Task, create a Copy of following task :
Modify Active Directory Account
And modify the name like : [PORTAL] Modify Active Directory Account
Note : The Tag Field Name Must be on this Format : PORTALModifyActiveDirectoryAccount
(please do not use spaces or special characters for the Tag Field )
2. From IDM , create a New Admin Role ,
ie. called [PORTAL] Modify ADS All Users
Assign the following Tasks to the New Admin Role , example :
- Modify My Endpoint Accounts
- [PORTAL] Modify Active Directory Account
3. On Members Tab , add the Following Scope configuration
Click ok and submit
4. Login to Identity Portal Management Console ,
- Click on Admin UI
- Click on Elements ,
- from Backend Menu, click on Tasks,
- Click on Create button to create a New Portal Task,
The New Task Will Maps to “[PORTAL] Modify Active Directory Account” admin task…
5. From Backend Menu, Click on Forms, to Create a New Form for the Portal Task created previously
And map the TASK to that Form PORTALModifyActiveDirectoryAccount
6. You need to have and Endpoint (For Active Directory Example) created on Admin UI (portal)
If you have not Endpoint created , in left pane, under Backend, click Endpoints and fill like the example.
7. Click On ENTITLEMENTS tab , set as follow
8. Click On ACCOUNT ATTRIBUTES tab, set as follow
9. Click on INSTANCES tab , select All Instances
- Save the changes
- Check on Setup Tab if a Connector Restart is needed.
10. Testing a User who has an Active Directory Account , Login to IDP with that username.
12. From Access Menu, you also will be able to see the Endpoint Accounts.