How to Show My Endpoints Accounts from Identity Portal

Document ID : KB000010607
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

This is an example about how to configure Identity Manager Admin Tasks, Admin Role definition and other important details to display my Active Directory Endpoint accounts from Identity Portal.

Background:

From Identity Manager we are able to display or View My Endpoint Accounts however from Identity Portal UI this feature does not appears as default option.

Pantalla00.JPG

By creating a new task based on a copy from "Modify Active Directory Account" task , it is possible to expose the tasks needed to display the Active Directory Endpoint Accounts from My Profile menu when  Login in IDP.

Below the details and steps needed from Identity Manager and Identity Portal about How to Show My Endpoints Accounts.

Environment:
Ca Identity Portal 12.6xCa Identity Manager Virtual Appliance 14.x
Instructions:

 

1. From Ca Identity Manager User console , by using Create Admin Task, create a Copy of following task :

          Modify Active Directory Account

And modify the name like : [PORTAL] Modify Active Directory Account

    Note : The Tag Field Name Must be on this Format : PORTALModifyActiveDirectoryAccount

(please do not use spaces or special characters for the Tag Field )

 

Pantalla001.JPG

 

2. From IDM , create a New Admin Role ,

 ie. called  [PORTAL] Modify ADS All Users

 

Assign the following Tasks  to the New Admin Role , example :

-          Modify My Endpoint Accounts

-          [PORTAL] Modify Active Directory Account

 

 

pantalla02.JPG

 

3. On Members Tab , add the Following Scope configuration

 

Pantalla03.jpg

 

Click ok and submit 

 

4. Login to Identity Portal Management Console  ,

-          Click on Admin UI

-          Click on Elements ,

-          from Backend Menu, click on Tasks,

-          Click on Create button to create a New Portal Task,

 

 

Pantalla04.JPG

 

The New Task Will Maps to “[PORTAL] Modify Active Directory Account” admin task…

 

Pantalla05.jpg

 

5.   From Backend Menu, Click on Forms, to Create a New Form for the Portal Task created previously

 

Pantalla06.jpg

And map the TASK to that Form PORTALModifyActiveDirectoryAccount

 

Pantalla07.jpg

 

6.  You need to have and Endpoint (For Active Directory Example) created on Admin UI (portal)

If you have not Endpoint created , in left pane, under Backend, click Endpoints and fill like the example.

 

Pantalla08.jpg

 

7.  Click On ENTITLEMENTS tab , set as follow 

 

Pantalla09.jpg

 

8.  Click On ACCOUNT ATTRIBUTES tab, set as follow

 

Pantall10.jpg

 

9.    Click on INSTANCES tab , select All Instances

 

Pantalla11.jpg

 

-          Save the changes

-          Check on Setup Tab if a Connector Restart is needed. 

 

10. Testing a User who has an Active Directory Account , Login to IDP with that username.

 

Pantalla12.jpg

 

12. From Access Menu, you also will be able to see the Endpoint Accounts.

 

Pantalla13.jpg

 

 

Additional Information:

Please visit :

https://docops.ca.com/ca-identity-suite/14-1/EN