Deployment Guide Series: IBM Tivoli Identity Manager 5.0

Deployment Guide Series: IBM Tivoli Identity Manager 5.0

by Axel Buecker, Walter Karl, Jani Perttila
Released December 2008
Publisher(s): IBM Redbooks
ISBN: None

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Deploying an identity management solution for a medium size business begins with a thorough analysis of the existing business and IT environment. After we fully understand the organization, their deployed infrastructure, and the application framework, we can define an applicable representation of these assets within an identity management implementation.

This IBM® Redbooks® publication, intended for IBM Business Partners, takes a step-by-step approach to implementing an identity management solution based on IBM Tivoli® Identity Manager. Part 1 discusses the general business context and the planning approach for an identity management solution. Part 2 takes you through an example company profile with existing business policies and guidelines and builds an identity management solution design for this particular environment. We describe how the components can be integrated into the existing environment. Then, we focus on the detailed configuration of identity management integration tasks that must be implemented in order to create a fully functional end-to-end solution.

This IBM Redbooks publication does not introduce any general identity management concepts, nor does it systematically explain all of Tivoli Identity Manager's components and capabilities; instead, those details are thoroughly discussed in the IBM Redbooks publications: Identity Management Design Guide with IBM Tivoli Identity Manager, SG24-6996, and Enterprise Security Architecture Using IBM Tivoli Security Solutions, SG24-6014.

Table of contents

  1. Notices
    1. Trademarks
  2. Summary of changes
    1. December 2008, Third Edition
  3. Preface
    1. The team that wrote this book
    2. Become a published author
    3. Comments welcome
  4. Part 1: Planning and deploying
  5. Chapter 1: Business context for Identity and Credential Management
    1. Security policies, risk, due care, and due diligence
    2. Centralized user management
      1. Single interface
      2. Security policy enforcement
      3. Central password management
      4. Delegation of administration
      5. User self-care
      6. Multiple repository support
      7. Workflow
      8. Centralized auditing and reporting
    3. Simplify user management
      1. Automation of business processes
      2. Automated default and validation policies
      3. Single access control models
      4. Ubiquitous management interfaces
      5. Integration of other management architectures
    4. Life cycle management
    5. Access control models
      1. The Role Based Access Control model
      2. Other access control models
      3. Which model
      4. Selection process
      5. Roles as opposed to groups
      6. Designs
      7. Observations
    6. Identity management compared to Meta Directory
    7. Conclusion
  6. Chapter 2: Planning for the client engagement
    1. Services engagement preparation
      1. Implementation skills
      2. Available resources
    2. Services engagement overview
      1. Executive Assessment
      2. Medium-sized engagement
      3. Smaller engagements
      4. Analyzing solution tasks
      5. Creating a contract or statement of work
    3. Defining solution tasks
      1. Deployment tasks
    4. Conclusion
  7. Part 2: Client environment
  8. Chapter 3: Company profile
    1. Current architecture
      1. Organization
      2. IT architecture
  9. Chapter 4: Solution design
    1. Organizational structure
      1. Identity Manager organizational tree
      2. Organizational roles
    2. Managed resources
    3. Policies
      1. Provisioning policies
      2. Access Entitlements
      3. Recertification policies
      4. Password policies
      5. Identity policies
    4. Human Resources feed
    5. Reconciliation
    6. Adoption rule
    7. Administration
      1. Delegation
      2. Self-care
    8. Existing installation
      1. Current architecture
      2. Planning
  10. Chapter 5: Installing the components
    1. Identity Manager server installation
      1. Installing DB2
      2. Installing WebSphere Application Server
      3. Installing the WebSphere Update Installer (1/2)
      4. Installing the WebSphere Update Installer (2/2)
      5. Installing Tivoli Directory Server
      6. Configuring middleware
      7. IBM Tivoli Directory Integrator Installation
      8. IBM Tivoli Identity Manager installation (1/3)
      9. IBM Tivoli Identity Manager installation (2/3)
      10. IBM Tivoli Identity Manager installation (3/3)
      11. Identity Manager initial login
    2. Identity Manager Adapter installation
      1. Installing the Active Directory Adapter
      2. Installing the Tivoli Access Manager Combo Adapter (1/2)
      3. Installing the Tivoli Access Manager Combo Adapter (2/2)
      4. Installing the Identity Manager Domino Adapter (1/3)
      5. Installing the Identity Manager Domino Adapter (2/3)
      6. Installing the Identity Manager Domino Adapter (3/3)
    3. Identity Manager fix pack installation
      1. WebSphere Update Installer
      2. Identity Manager Fix Pack 1 (1/2)
      3. Identity Manager Fix Pack 1 (2/2)
    4. Identity Manager Information Center installation
  11. Chapter 6: Configuring Identity Manager
    1. Creating the locations
    2. Changing the person form
    3. Modifying the global adoption policy
    4. Modifying the identity policy
    5. Creating the services
      1. Creating the HR import service
      2. Creating the Active Directory service
      3. Creating the Access Manager service
      4. Creating the Whitepages service
    6. Creating the organizational roles
    7. Creating the provisioning policies
      1. Provisioning policy for Sales
      2. Provisioning policy for Manufacturing
      3. Provisioning policy for Executives
      4. Provisioning policy for Accounting
      5. Provisioning policy for IT
    8. Managing access entitlements
      1. Creating the access request workflow
      2. Creating the accesses
      3. Creating the recertification policy
    9. Setting the Access Manager service defaults
    10. Modifying the default provisioning policies
      1. Changing the Active Directory Default Provisioning Policy (1/2)
      2. Changing the Active Directory Default Provisioning Policy (2/2)
      3. Changing the Whitepages Default Provisioning Policy
      4. Changing the Access Manager Default Provisioning Policy
    11. Creating a default password policy
  12. Chapter 7: Identifying initial tasks
    1. Identity Manager prerequisites
    2. Running reconciliation
    3. Activating the provisioning policies
    4. Setting the global policy enforcement
    5. Setting policy enforcement for services
    6. Changing passwords
    7. Conclusion
  13. Part 3: Appendixes
  14. Appendix A: Troubleshooting
    1. Unable to access Identity Manager
    2. Login to Identity Manager fails
    3. People or accounts do not show up in Identity Manager
    4. Access Manager reconciliation does not find all users
    5. Logs
    6. Workflow changes are not working
    7. Identity Manager online log
    8. Viewing more objects simultaneously
    9. Common problems caused by database failure
    10. Common ports
    11. Conclusion
  15. Appendix B: Rapid Installer Option
    1. Tivoli Identity Manager Rapid Install Option (1/4)
    2. Tivoli Identity Manager Rapid Install Option (2/4)
    3. Tivoli Identity Manager Rapid Install Option (3/4)
    4. Tivoli Identity Manager Rapid Install Option (4/4)
  16. Appendix C: Import/export
    1. Exporting data
    2. Downloading the exported data
    3. Importing data
      1. Updates and conflicts
  17. Appendix D: Self-service
    1. Requesting access
    2. Processing access requests
  18. Appendix E: Statement of work
    1. Building a security infrastructure solution
    2. Executive summary
    3. Project scope
    4. Assumptions
      1. IBM Business Partner responsibilities
      2. Customer responsibilities
      3. Deliverable materials
      4. Completion criteria
      5. Estimated schedule
      6. Charges
  19. Related publications
    1. IBM Redbooks publications
    2. Other publications
    3. Online resources
    4. How to get IBM Redbooks publications
    5. Help from IBM
  20. Index (1/2)
  21. Index (2/2)
  22. Back cover

Product information

  • Title: Deployment Guide Series: IBM Tivoli Identity Manager 5.0
  • Author(s): Axel Buecker, Walter Karl, Jani Perttila
  • Release date: December 2008
  • Publisher(s): IBM Redbooks
  • ISBN: None