Fischer supports a wide range of integrations across multiple system types and protocols. Each Connected System is integrated into the product via a distinct form that requires different integration properties and parameters. Within each integration, is a global set of properties that you will see. The following sections will explain the global configuration properties that are applicable to each connector type.
Supported "Connectors" (Integrations)
The first component of a connector integration form that you will see is a table with a header of "Supported Connectors". A better term for this is "Supported Integrations" as it speaks to the mechanics of how the Connected System is integrated into the product. Review Fischer's Architecture for details regarding the difference. The box you will see will change depending on what components within Fischer are supported. There are two that you will see.
As you change the "Type" combo box, you will see this box change. This is an example of a connector that will support both Identity and Provisioning. The values in the column will change and can be only "Identity", only "Provisioning" or it can be both as seen in this screenshot below:
This table describes the depth of integration supported for each type.
|Provisioning support will vary depending upon the Connected System selected. Refer to each Connected System's supported integration section for more details as to which functionality is available for each Connected System, provisioning integration.|
*Note that not all connectors support all the listed functionality. Each integration will provide the specific list of functionality supported within the context of Identity integration.
Global Connected System Properties for All Integrations
|Supported Connectors||Displays whether the connected system is Identity only, Provisioning only, or both.|
|Type||The "Type" is the actual connector Fischer provides integration for. An example would be "Active Directory" or "Google Apps".|
|Locale||Select the preferred language (default: English). Locale specific information such as Display Name and Description can be added only while modifying the connected system.|
The name for this connected system. Note: The name cannot be modified later.
The name will be used for administrative purposes. This name field is often reserved as the internal name that administrators and the IT team refer to the server. this is not to be confused with the Display Name property which is also available as a property.
|Display Name||This Display Name property is used as the value of the connector that will be displayed to the end users. This value is also leveraged in some of the reports that are created as well, depending on the context. The concept to understand at this point is that the Name field should be reserved as an internal name for the connected system and the display name should be treated as a field and value that end users will see when they are performing actions such as password resets, etc.|
|Description||The description field is an open text box that provides administrators with the ability to describe any connected or integration context that may be helpful to other administrators to understand the intended use of the integrated connector.|
This property provides instructions to the integrated connector. If the value is "Server" then all communication to/from the connector will initiate and be received locally (within the Identity/Provisioning server). If a GIG or GIG Cluster is set as the value of this property, the connector will leverage the associated GIG to abstract the communication to/from the connector to utilize a Global Identity Gateway. Refer to the Global Identity Gateway Guide for more details on how the GIG communication occurs.
Below is a brief description of the options available in the drop down menu:
|Password Reset By||Enables administrators to configure password management functions normally available to Users and OBO (On Behalf Of) Users:
Note: When user management configuration enables OBO Users to perform password resets, this definition must be set to OBO User Only or Users and OBO User. For connectors that support Provisioning only, there is no password reset capability.
|Provisioning Option||Select the provisioning option:
|Enable HPAM Support||
Connected Systems may also offer an HPAM option. Select to make the connected system HPAM enabled (default: cleared). Note: This can only be set for systems that support Identity.
Refer to the HPAM Feature Guide for more details on configuring HPAM for connectors.
|Enable Transfer of Accounts||When selected, administrators are enabling the option to allow OBO users to transfer accounts to separate Identity.|
|Password Expiration Support|
|Expiration Options For Admin/OBO User Password Reset||
Specify the password expiration: None, Immediate, or Immediate with Date.
Note: If Immediate with Date is selected, Immediate is also available.
The Detect button creates a connection to the connected system using current configuration settings. The connector then attempts to determine correct values for the settings, which are auto-detected, and then these settings are updated with detected values.
|System Owner||Add or Remove users assigned as the owners of the system. Displays the Connected System Owner Search page for selecting users. The HPAM column indicates whether the system owner is authorized to use the HPAM feature. The Approvers column indicates whether the system owner is an approver in the approval process.|
|Add/Remove||Adds or removes users assigned as the owners of the system. Displays the Connected System Owner Search page for selecting users. The HPAM column indicates whether the system owner is authorized to use the HPAM feature. The Approvers column indicates whether the system owner is an approver in the approval process.|
Test the connection
Click the Test Connection button to test the Connection Information:
- If successful, one or both of these messages may display:
Message: Connection from Provisioning to the connected system was established successfully.
Message: Connection from Identity to the connected system was established successfully.
- If unsuccessful, one or both of these messages may display:
Error: Failed to establish connection from Provisioning to the connected system.
Error: Failed to establish connection from Identity to the connected system.
Note: If the connection fails, additional messages may display providing more information regarding the failure, and additional information may be posted to the Provisioning and Identity logs.
Configure a system owner
To select owners of the system, click the System Owner Add button. The Connected System Owner Search page displays:
Select the owners and then click the Select button. The system owner displays under the System Owner section:
Note: More than one user can be assigned as an owner.
To add additional system owners:
- Click the Add button.
- On the Connected System Details page, click the Add button to save the configured connected system. The Object Category Association page displays a list of categories that are already associated and/or can be selected to add additional associations to this connected system:
- Select one or more available object categories or provide search criteria and click the Search button to find specific categories to select. If there are no available categories to select, proceed to Step 8.
- Click the Add Association button to associate the selected object categories to the connected system.
- Click the Back button to return to the Connected System View page. The new connected system displays in the list.