Role recertification in Tivoli Identity Manager

IBM Tivoli Identity Manager

From the developerWorks archives

Chris Choi, Patricia Saunders, and Leanne Chen

Date archived: December 19, 2016 | First published: August 08, 2008

In IBM® Tivoli® Identity Manager (ITIM), organizational roles help to simplify and automate the process of provisioning and de-provisioning user privileges to IT and non-IT resources. In addition to the user and account lifecycle management that ITIM provides, workflows can also assist with the lifecycle management of user role memberships, such as role assignment and role approval. Another important process is validating the continued business need for a person to be a member of a role. This process is known as role recertification or attestation. ITIM version 5.0, introduced a number of enhancements that allow users to request role assignments and have those requests approved by the role owner. Recertification of user role membership is another role management process that can be built in ITIM 5.0, and this process can be implemented in a number of ways. Although ITIM 5.0 does not provide this functionality in a ready-to-use interface, this article discusses a number of solutions for implementing role recertification in ITIM 5.0.

This content is no longer being updated or maintained. The full article is provided "as is" in a PDF file. Given the rapid evolution of technology, some steps and illustrations may have changed.

Zone=Security, Tivoli
ArticleTitle=Role recertification in Tivoli Identity Manager