tivoli identity manager - ibmpublib.boulder.ibm.com/tividd/td/itim/sc32-1152-02/zh_tw/...ª ú...
TRANSCRIPT
:
bΩTΣΣúºeA²\¬ 39yNzñΩTC
T]2004 2 δ
A≤ Tivoli Identity Manager 4.5.1 ß≥MqAúDsñtµⁿC
N SC40-1844-01
© Copyright International Business Machines Corporation 2004. All rights reserved.
²
eÑ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vA∩H . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . v
Tivoli Identity Manager °Aw . . . . . . . . . . . . . . . . . . . . . . . . . . . v÷y . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viuWsy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vi
≤Uuπ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viisnΘΣñ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viiD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii@ttº . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii4.5.1 íwñqC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viiHOME ²wq . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii
1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1Tivoli Identity Manager c . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1² . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2z . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2Hz . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2zA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
2 nJ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5yÑ∩ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5sKX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5OKX]KXLd/ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6jεLd/tm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6KX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
jε≤KX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7KXz . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7nX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
3 @PS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9² . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9D\αϕ²C . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9u@C . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Θ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10í . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11KXz . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11bßz . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12[Jsbß . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13∩bß . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14°bß . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15bß . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15≤KX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Mµ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16°MµnDΩ . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
nD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18mñnD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20w¿nD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
© Copyright IBM Corp. 2004 iii
||||
µ÷f . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20HΩT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21eúv¡ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22sWeú . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22≤eú . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22∩∩weúH . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
KXLd/¬ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
5 °i . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25°i¼ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26@°i . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27A°i . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30°i . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31Q°i . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32°i . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34°i . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35bß°i . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36q°i . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
N . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Wⁿ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
iv Tivoli Identity Manager: @δΓU
||
eÑ
uIBM® Tivoli® Identity Manager °Av]Tivoli Identity Manager °AO@
zπwzuπCΓUíp≤ Tivoli Identity Manager
@δ\αMSC
A∩H
ΓUútd@Σ Tivoli Identity Manager bß@δ\¬C¬n
π≥ Web Ms²ºABαO⌡µµ@δ@C
y
ziH\¬ Tivoli Identity Manager wByM÷yíAPy
±C∩wznyºßA\uWsyⁿC
Tivoli Identity Manager °Aw
Tivoli Identity Manager Nσ≤wñXs¿UCG
v ΩT
v uWU
v °Aw
v zPtm
v NW
v NzwΩT
ΩTG
v IBM Tivoli Identity Manager N
ú Tivoli Identity Manager nwΘDAHΣLíBíHΣL
ΣΩTC
v Tivoli Identity Manager ²\¬d
uWUG
v Tivoli Identity Manager uWU
w∩ Tivoli Identity Manager z@AúπXíuWíDDC
°AwG
v IBM Tivoli Identity Manager °AwΓU UNIX M Linux - WebSphere
ªú Tivoli Identity Manager wΩTC
v IBM Tivoli Identity Manager °AwΓU Windows - WebSphere
ªú Tivoli Identity Manager wΩTC
v IBM Tivoli Identity Manager °AwΓU UNIX - WebLogic
© Copyright IBM Corp. 2004 v
ªú Tivoli Identity Manager wΩTC
v IBM Tivoli Identity Manager °AwΓU Windows 2000 - WebLogic
ªú Tivoli Identity Manager wΩTC
zPtmG
v IBM Tivoli Identity Manager Policy and Organization Administration Guide
ú÷ Tivoli Identity Manager z@DDC
v IBM Tivoli Identity Manager @δΓU
ú Tivoli Identity Manager ΩTC
v IBM Tivoli Identity Manager tmΓU
úµ@°AMOº Tivoli Identity Manager tmtmΩTC
NWG
v IBM Tivoli Identity Manager Problem Determination Guide
ú Tivoli Identity Manager úΣLDMΩTC
NzwG
v Tivoli Identity Manager Nσ≤w]A Tivoli Identity Manager Ω@ºuNzv
≤¡xSwσ≤oiC
÷y
ziHbUCyñΣ Tivoli Identity Manager ÷ΩTG
v Tivoli Software Library úFU Tivoli yApBΩu@ϕBdB⌡
MqHτCziqUC⌠o Tivoli Software LibraryG
http://www.ibm.com/software/tivoli/library/
v Tivoli Software Glossary ]t\h Tivoli nΘ÷NywqCziq Tivoli Software
Library ⌠¬ Glossary ño Tivoli Software Glossary]uσC
http://www.ibm.com/software/tivoli/library/
uWsy
úuiΓíσ≤µív(PDF) uWσrOyÑv(HTML) ΓµíuW
yAú≤ Tivoli Software Library ñG
http://www.ibm.com/software/tivoli/library/
pGnbwñMΣúyA÷@U Library ¬ Product manuals CAb Tivoli Software Information Center WMΣ÷@UúWC
úy]ANBwΓUBΓUBzΓUHoΓ
UC
: FTOCL PDF yAb Adobe Acrobat uCLv°í]÷@U
> CLYXñA∩X∩C
vi Tivoli Identity Manager: @δΓU
≤Uuπ
úσ≤tUCSAiHUz≤UuπG
v σ≤ HTML M PDF ΓµíAi²Me¬C
v σ≤ñvúNσrAi²°FveC
snΘΣñ
bp IBM Tivoli nΘΣñnDMDºeA² IBM Tivoli nΘΣ
ñ⌠AΦk÷@U Tivoli ΣAñA⌠pUG
http://www.ibm.com/software/sysmgmt/products/support/
pGzni@B≤UAQUC⌠ñ IBM Software Support Guide íΦ
kpnΘΣñG
http://techsupport.services.ibm.com/guides/handbook.html
úUCΩTG
v ¼Σn²MAD
v qXMqll≤] zbΩaw
v bpßΣñºeA¼ΩTMµ
D
ΓUNw∩SϕⁿJM@AHw∩@twⁿOM⌠Ah
DC
UOrΘDG
Θ gΣσrB÷ΣrBB∩BJava ¼WH½≤ñ°Hpgⁿ
OjpgVXⁿOAHΘC
Θ BXDSϕrⁿyHΘ[HjC
ÑerΘ
gΣσrBtTºBΣJσrAHⁿO∩ ñ°
HíXdB@δⁿOBeΘXBM²WAíHÑe
C
@ttº
UNIX D ⁿw⌠AHϕ²Cb Windows ⁿOµA
%variable% N $variableA ⌠ABN²⌠ñC°u (/)A
Hu (\) NCYzO Windows tñ bash ShellAziH UNIX D
C
4.5.1 íwñqC
Tivoli Identity Manager 4.5.1 Nσ≤wQqCr ⁿX∩²eb 4.5 íw
ñXΩTwiµN≤aΦCqCOH≤¬ΣΣZñ½ u ( | )
ϕC
eÑ vii
HOME ²wq
Uϕ]tσ≤ñw]wqAHNϕUúw⌠uHOMEv²hC
ziHw∩zSwΩ@Φíqw²M HOME ²CpGOoípAhz
∩ϕñeC@iµAϕ½C
⌠ w]wq
ITIM_HOME Windows:
c:\itim45\
UNIX:
/itim45/
WAS_HOME Windows:
c:\Program Files\WebSphere\AppServer\
UNIX:
/opt/WebSphere/DeploymentManager/
WAS_NDM_HOME Windows:
C:\Program Files\WebSphere\DeploymentManager\
UNIX:
/opt/WebSphere/DeploymentManager/
BEA_HOME Windows:
c:\bea\
UNIX:
/usr/local/bea/
viii Tivoli Identity Manager: @δΓU
1
IBM Tivoli Identity Manager úFHíph≥ªMΦnΘMA
CTivoli Identity Manager ib¼°⌠UObΩ°ñAú
uB ]M±ºísvA ≤UqNy C
b]wnlqΩΘ]pµB±MmºßAsWH
ΩΘCñΓM ITIM s]N#CAziHNHΩΘⁿúñΓM
ITIM sCoU O#AFA²ziHsúP¼ⁿzΩA
O OracleBWindows NT® ÑÑCñΓiHzLh BAA
H#\UñΓHΩΘsAⁿzΩCb Tivoli Identity
Manager °Añsv ITIM sOQACI $ªb Tivoli Identity Manager
vQABⁿúHΩΘ ITIM siQ$vQ
Tivoli Identity Manager c
HUO Tivoli Identity Manager tp≤B@≥[C
HΩΘ[JHlqΩΘñC
© Copyright IBM Corp. 2004 1
|
|
|
|
|
|
|
@HΩΘiHⁿú@ñΓAñΓzLh ß$ⁿzΩ
svCh]w@HbsⁿzΩπv¡C
ITIM O@F Tivoli Identity Manager bßHΩΘCITIM ]i
HPⁿú ITIM sAszL ACI $\αANsvß$ Tivoli
Identity Manager °AC
YHΩΘ]qu@%ⁿútzAΣπhº
Tivoli Identity Manager \αsvC
²
C@uD\αϕ²Cvi²ze÷a² Tivoli Identity Manager tC
ziHQt¬ u@C∩A sCuD\αϕ²Cv∩
\αC
Tivoli Identity Manager tO$@h¿Ai]tlqΩΘ]p
µBmM±Aoúsb%l÷YñCC@ Tivoli
Identity Manager ΩΘúi]tHΩΘAMßΩΘYiⁿú ITIM sMñ
ΓCtzñΓiHⁿún Tivoli Identity Manager \αd≥ºπs
vHΩΘC
z
zOQuD\αϕ²CvWuv ⌡µCϕz÷@U
A¬ Yπuvu@CCu@CπbΣlqΩΘ⌡
µ\αAHbMΣLΩΘ]tHΩΘC
÷@UuvA Tivoli Identity Manager π@ΓíµC¬íµ
πMµAΣµíiHi/¼XA πlqΩΘCziHo≈Mµ ∩
ΩΘCkíµhπΩΘ]uvBumvBuµvBu±
vuHv]w∩∩ΩΘMµC
⌠≤lqΩΘúiHOΩΘlqAO⌠≤ΣLΩΘlqClqΩ
ΘÑhS⌠≤¡εA±ΦíAmΩΘiH]tΣLmΩΘAµΩΘ
iH]tΣLµΩΘAH⌠≤ΣLlqΩΘCΩΘTwO
ÑhWhC
Hz
sWHΩΘANΩΘ±iΣLxsñApµB±B
zΓmΩΘCbNHΩΘsWJΣLxsºßANiHA
HΩΘA²Lα≈sⁿzΩAΣñ]A Tivoli Identity Manager °AC
zA
ziHsWAñApi²HΩΘπsAαOCA
O@ⁿzΩAp Windows NT® ServerBMS Exchange ServerA O Tivoli
Identity Manager °ACϕ#\sⁿzΩNy (provisioning)C$≤
Tivoli Identity Manager °A]OΣñ@izAA]ΘnA
2 Tivoli Identity Manager: @δΓU
|
|
|
|
|
AYuOsMzv Tivoli Identity Manager bßMHΩTCpG)
HΩΘ ITIM AALNLvs Tivoli Identity Manager ñ⌠≤vΩTCp
GFYHΩΘAAΘNvsoAC
AúαHΩΘAuαñΓCpGΘnSwAsvA
HΩΘⁿúSwAñΓC
¡ Tivoli Identity Manager ΘAuαzLⁿú ITIM s Fo
CITIM szLusεΩT (ACI)víAQ$U¼svCus
εΩTvíwqT≤G
v $ ITIM s\α¼
v n⌡µQ$º\αuvlqΩΘ¼
v n⌡µQ$º\αÑhh
1 ( 3
2 nJ
unJví)≥vLksz Tivoli Identity Manager tCBα
²zα≈s≥ovd≥CpGzúOoKXAªúFBzOKX
C
YnnJ Tivoli Identity ManagerAzΘJ ID MKXCtzb
ß¿zd⌠vQCzKXXKXWhC
nJ Tivoli Identity Manager:
1. ΘJu IDvAMß÷@U Tab Σ uKXvµC
2. ΘJuKXvAMß÷ Enter Σ÷@UnJC
yÑ∩
Tivoli Identity Manager i²∩nb Tivoli Identity Manager ty
ÑC
≤yÑ:
1. ÷@UunJv¬Uñ∩t@yÑC
ouyÑ∩vC
2. ÷@UyÑC
Tivoli Identity Manager °Atm¿∩yÑA½sπunJvC
3. nJtDtC
pGzOQµ@nJ\α nJABn∩yÑAb⌠ß[W
/languageC±ΦíAΘJG
https://mysite.myco.com/itim/enrole/language
pGntm Web s²ºyÑw] ΩTA\ Tivoli Identity Manager °
AtmΓUC
sKX
bsWbߺßAtQHΩTO²ñqll≤AzLqll
≤qCtiHtm¿²¼qll≤ñA]tHXπb
ßKXAO@ URL Mµ÷ ID XCpGzwN Tivoli Identity Manager t
mTεHqll≤HeKXAhziαó*αsKXC
UCíp≤Q URL Mµ÷ IDA sKXCα≈ú@K
XA*αsKXC
sKX:
1. ÷@Uqll≤ñπ URLA πuKXvC
© Copyright IBM Corp. 2004 5
|
|
|
|
ouKXvABuµ÷ IDvµñ±Jqll≤ñú
uµ÷ IDvXC
2. bu@KXvσrµñΘJ@KXAMß÷@UeXC
ouKXvC
3. OUKXAMß÷@U¿C
o÷¼uKXvC
½n: OUKXA]oúiAC
OKX]KXLd/
pGOKXA+MiH$Ta¬uKXLd/vDA
nJtCb¬Ld/DºßATivoli Identity Manager t
tmAHUCΣñ@ΦíG
v inJtA²Qjε#Y≤KXC
v ¼@qll≤AΣñ]tσrsKXC
v ¼@qll≤AΣñ]t@AiQ@KX sKXC
uKXLd/ vSnJ:
1. bunJWvµñΘJnJWC
2. ÷@UunJvWOKXHC
: pGuKXLd/vSwAXUCTºG
KXLd/ewC
ó Identity Manager tz
HoΩTC
3. ¬Ld/DAMß÷@UeXC
t HUíΣñ@ttm G
v inJtA²Qjε#Y≤KXC
v ¼@qll≤AΣñ]tσrsKXC
v ¼@qll≤AΣñ]t@AiQ@KX sK
XC
jεLd/ tm
YuKXLd/vSAhpGOKXA+M#\s Tivoli
Identity Manager tCpGuKXLd/vSwANnpt
zA o Tivoli Identity Manager tsvC
úuKXLd/vSO@Oºß*∩Aún]wΣ∩
uKXLd/vDC uLdív¼AiαnwqLd
úoLdA∩Ldú∩LdAOúe
LdC
ϕC@úA tmuKXLd/vSC
6 Tivoli Identity Manager: @δΓU
KX
pG Tivoli Identity Manager °Atm¿Hqll≤H@ sK
XAα≈ú@KXA*αsKXC
KX:
1. ÷@Uqll≤ñπ URLA πuKXvC
ouKXvABuµ÷ IDvµñ±Jqll≤ñú
uµ÷ IDvXC
2. bu@KXvσrµñΘJ@KXAMß÷@UeXC
ouKXvC
3. OUKXAMß÷@U¿C
o÷¼uKXvC
½n: OUKXA]zNLkAC
½n: bsKXºßAz#YnJ≤KXCbz÷@U¿º
ßAµ÷ ID NúAA]zNLkAsKXC
jε≤KX
iHb@sbßnJ Tivoli Identity Manager °AtAObU@
bßnJAjε≤KXC
: oS A≤ Tivoli Identity Manager bßC
njε≤KXbnJºßA#YiJjε≤KX > ≤KXCb
≤KXºeAúLks Tivoli Identity Manager tñ⌠≤SC
KXz
OKXπOCHúdLUCϕ]wKXR¡w≤KX
hC,NKXs±bLHoaΦC°iiwHWH¼A
W⌠≤ C
-,NzKXiLHANsz≥viNϕzµHúú
µCTivoli Identity Manager úeú\αBzoípC
nX
YnnX Tivoli Identity Manager Ñq@A∩≤ Tivoli Identity Manager (
kWñunXv÷sCzNuTivoli Identity Manager nJvC
2 nJ 7
|
|
|
|
|
|
|
|
|
3 @PS
π Tivoli Identity Manager t@@PSCoS]A²\α]uD
\αϕ²CvMu@CHΘSC
²
² Tivoli Identity Manager tDn\αpUG
v D\αϕ²C
v u@C
v ≡
\HUUAHoC@²\αΩTC
D\αϕ²C
uD\αϕ²Cv≤C@AΣπHU∩G
v
v °i
v í
o∩i²t Tivoli Identity Manager tSwC
: tñµmπb²⌠ñC@WC²⌠eHUyGzmG
u@C
u@CµW≤tuvBuvBuvMu°ivC@
¬ ABπuD\αϕ²CvñC@DDΣLlC
UϕπC@uD\αϕ²CvDDiu@C∩C
D\αϕ²CDD u@C∩
zKX
zbß
sMµ
°mñnD
°w¿nD
sHΩT
eúv¡
KXLd
°i ⌡µ°i
εs
]p⌡
]p°i
PB Ω
© Copyright IBM Corp. 2004 9
D\αϕ²CDD u@C∩
í Siu@C∩
Θ
ΘO≤owΘMíCziH∩≤TΩΘMíAO∩
u#YvΦ #Yl≤C
b∩ºßA÷@UeXHiµBzCϕ૨πzw∩ΩΘMµA
ziαn÷@U½sπz ≤sb°C
í
uD\αϕ²CvñuívDDbt@°íñ Tivoli Identity Manager °
AuWíCuWíúF Tivoli Identity Manager tñºMS÷Ω
TC
C@]úi uWíWUσ÷CoO≤C@kWñ
sC
10 Tivoli Identity Manager: @δΓU
4
uvi²°sΦ A≤L¡ΩTCQ$svi°Σ
ºΩTΘAiHuvq zLHΩTM@C
uvqi²G
v zΣbßKX
v zΣbß
v suMµv
v °ΣmñMw¿nD
v sHΩT
v eúv¡ΣL
v ]wΣuKXLdv¬
\∩AHoC@u@C∩÷ΩTC
KXz
zizLuvu@CñuzKXv∩ uvuKXzv
qCoqi²q@m zΣbßKXC
: úa∩Lk÷ruKXCKXñnKtamWrσñúrC
KXϕz#KXhCpGΩ@FKXhAhKXNϕh
tWhC
uzKXvπHUµMSG
µW µ¼ í
sKX σrµ ΘJsKXσrµC
TKX σrµ TKXσrµC
#KX ∩ MwtObßús
KXC
pG∩o∩AtYbß
úsKXANsKX
ΩTHqll≤HPbß÷p
C
uΘv∩µ U\αϕ∩]#Y MwsKXΘPí∩µ
C\ 10 yΘzH
oΩTC
Aϕµ σr CXΣbßACϕµ
¡ µC\UϕHouAv
ϕµΩTC
eX ÷s eX≤tC
© Copyright IBM Corp. 2004 11
|
|
|
|
µW µ¼ í
½] ÷s NW ½]tñex
s C
°XKXWh W @AπCXºA
KXWhXC
uAvϕµCXΣbßACUϕíuAvϕµñC@
µG
µW í
]∩ pG∩A≤M∩Ab
ßC
Wh o µSwAKXW
hC
A AWC
nJ ∩AnJ IDC
¼A bß¼AC
≤KX:
1. ÷@UuD\αϕ²CvñC
2. ÷@Uu@CñzKXC
ouzKXvC
3. busKXvσrµñΘJsKXAbuTKXvσrµñTK
XF∩u#KXv∩C
pG∩u#KXvATivoli Identity Manager úKXAHqll
≤NKXHPbß÷pC
4. ∩ΘMíA∩u#Yv∩C
5. ∩zn≤ΣKXºA∩C
6. ÷@UAu°vATKXX∩wAKXWhC
pGQn≤hAKXAiH÷@U°XKXWh
AHd C@KXWh¡ε≤C
7. ÷@UeXC
eX≤≤wíC
bßz
zizLuvu@Cñuzbßv∩ uvubßzv
qCoqi²q@ñm zΣbßC
12 Tivoli Identity Manager: @δΓU
ubßzvπUCG
µW í
∩ ∩CbεCñbßC
X¼A ⁿwbßOXµhC\UϕH
oXXMíC
ID C@bß IDC
AW bßAC
¼A bß¼AC
uX¼AvO$*Xº@ ϕCC@XúΣvwqCUϕíC
@XXC
X¼AX í
ϕbßXuhvCo
i∩¿π±OCoW
acct_compliant.gifC
u≤@bßCoXϕí)
⌡µhdCqbßúoXC
iϕbßiHsbA²@hbß
úXhC
úXϕΓ¼pº@G
v úiHⁿwΩsvABbß]úsbC
v Ω)wquhvC
bßiHu IDvBuXvu¼Av C
ziH÷@Ubß IDA πMbß÷ΩTCbß⌠≤≤úiH
w#YAOw≤) í*C
ubßzvú⌡µUC@∩G
v [JsbßuAv
v ∩bß
v ] εbß
v °]Rúbß
v ]½sbß
v ≤KX
[Jsbß
≥viHLvNsbß[JAñC
[Jsbß:
1. ÷@UuD\αϕ²CvñC
2. ÷@Uu@CñzbßC
oubßzvC
4 13
3. ÷@UsC
ouAvC
4. ∩n[JsbߺAΩsAMß÷@U≥C
ousAvCoWπµ°∩ºA
¼wC
5. beW±JAΩC
: pG∩uUnJ≤KXHv∩Aϕ@nJtANn≤KXC
6. ÷@UeXC
ouΘJKXvHu∩Θ/ívC
7. ΘJbßKXAMßbuTKXvσrµñTKXC
XKXWhAhKXNúQⁿC
8. ∩ΘMíAMß÷@UeXC
\ 10 yΘzAHoΩTC
teXnDA½sπubßzvC
9. ÷@U½sπz ½sπzϕµC
∩bß
≥viHqubßzv∩Σñ@bßC
∩bß:
1. ÷@UuD\αϕ²CvñC
2. ÷@Uu@CñzbßC
oubßzvC
3. ÷@Un∩bßWC
ou∩bßvC
4. D≤bßΩTAMß÷@UeXC
: u IDvOnµAB±J*α≥⌡µC
pG∩uUnJ≤KXHv∩Aϕ@nJtANn
≤KXC
ouΘJKXvHu∩Θ/ívC
5. ∩≤ΘMíAO∩u#Yv∩C
\ 10 yΘzAHoΩTC
6. ÷@UeXC
teXnDA½sπubßzvC
pGnbßA\ 15 ybßzC
14 Tivoli Identity Manager: @δΓU
7. ÷@U½sπz ½sπzϕµC
°bß
≥viHqubßzv°vbßCbß
°bßAbßYLknJ Tivoli Identity Manager tCúLAbß
úqtñRúC°bßhq Tivoli Identity Manager tñRúbßC
°bß:
1. ÷@UuD\αϕ²CvñC
2. ÷@Uu@CñzbßC
oubßzvC
3. ∩zn°ºbß∩C
4. ÷@U°÷@UC
ou°AvuAvA°z∩wC
5. ∩ΘMíAO∩u#Yv∩C
\ 10 yΘzAHoΩTC
6. ÷@UeXC
teXnDA½sπubßzvC
pGnbßA\ 15 ybßzC
bß
≥viHqubßzvvwbßCbbßAz
ΘJ#sKXC
bß:
1. ÷@UuD\αϕ²CvñC
2. ÷@Uu@CñzbßC
oubßzvC
3. ∩znºbß∩AMß÷@UC
uwbßiHQC
4. ΘJsKXAMßTKXF∩KX∩C
pGz∩u#KXvATivoli Identity Manager zúKXAHqll≤
NKXHPbß÷pC
5. ∩ΘMíAO∩u#Yv∩C
6. ÷@UeXC
teXnDA½sπubßzvC
7. ÷@U½sπz ½sπzϕµC
4 15
|
|
|
|
|
≤KX
uITIM viHqubßzvOuzKXvA≤ΣbßKXC
$#\q@m zΣbßANiH@]whbß
KXCúLApGsKXúXC@AKXWhAnDNóABKXN
úCb sKXnJΩºeA²TnDwQ
¿CiHbuw¿nDvW°nDGC (\ 20 yw
¿nDzHoΩT
zLubßzv≤KXMzLuzKXv≤KXQⁿC]
\ 11 yKXzzAHouzKXvΩTC
≤bßKX:
1. ÷@UuD\αϕ²CvñC
2. ÷@Uu@CñzbßC
oubßzvC
3. ∩zn≤ΣKXºbß∩AMß÷@U≤KXC
oubßz≤KXvC
4. busKXvσrµñΘJsKXAbuTKXvσrµñTK
XF∩u#KXv∩C
pGz∩u#KXvATivoli Identity Manager zúKXAHqll≤
NKXHPbß÷pC
5. ∩ΘMíA∩u#Yv∩C
\ 10 yΘzAHoΩTC
6. Tw∩zn≤ΣKXºbß∩C
7. ÷@UAu°vATKXX∩wAKXWhC
pGzQn≤hAKXA÷@U°XKXWhAHd C@
KXWh¡ε≤MµC
8. ÷@UeXC
teXnDA½sπubßzvC
Mµ
uITIM viHbuMµv°¿wⁿúL@Co
@iHOnDπOnDΩTCuMµvñCX@Ou
@y@íAonuITIM vA*α≈Aϕa¿C
uMµvi²πBBñεúnD÷ΩTCeXs
@ºßAz]iH½sπzuMµvAHπs@
CnDπΩTqO$tñt@úC
16 Tivoli Identity Manager: @δΓU
: n$nDπnDQπCpGnhWv¡AhuenDvεCnD*QπCnD¼ΣLWv¡]u@y
]pnDπA*α¿nDC
C@@π÷ΩTpUG
µW í
nD ID PnD÷pµ÷XC
@ nD@¼C
eXΘ eXnDH⌡µY@@ΘC
QnD nD@WC
DD MnDDD÷ΩTC
¼A nDµ¼AC
oiH÷C@ µñΩTC
¿@:
1. ÷@UuD\αϕ²CvñC
2. ÷@Uu@CñsMµC
ouMµvC
3. ∩GziH÷@UµWbYAA∩A µ
uMµvC
4. ∩GziHqu¼vU\αϕñ∩nD¼A πSw¼nDC
5. ∩GziH÷@UºunD IDvu°ΩvA °º
@ΣL÷ΩTC
ounDΩvC
6. ∩GziH÷@U°AuMµvC
7. w∩n¿A÷@Uu@v µñC
pGOuπ/vnDAhuπ/nDvC
8. n¿@¼A¿UCΣñ@@G
v π/nD
a. ∩uπvΩsC
b. ∩GbuívσrñAΘJMªíC
c. ∩GziH÷@U°nDΩAHonDΣ]w÷ΩTC
d. ÷@UeXC
teX½sπuMµvC
v úΩTnD
a. únDΩTC
b. ÷@UeXC
teX½sπuMµvC
4 17
°MµnDΩ
iHH°uMµvñAPnD÷ΩC
°mñnD÷Ω:
1. ÷@UuD\αϕ²CvñC
2. ÷@Uu@CñsMµC
ouMµvC
3. ∩GziH÷@UµWbYAA∩A µ
nDC
uMµv½sπzANnD∩C
4. ÷@Uznd ΣΩºnDu°vC
ounDΩvC
5. ∩]tznd ºΩTC
6. ÷@U⌠≤W°AuMµvC
nD
ziHzL≤uvu@Cu°mñnDvu°w¿nDv
onD¼ACoqi²°⌠≤mñw¿nDº¼AC
uα°LvnDMGCziH°nDMGC
UϕCu°w¿nDvu°mñnDvWπn
D¼B¼AMGC
nD¼
ALL í
AA bßsW
bßsW@
AC bß≤
bß≤@
AP bßKX≤
DA sWAñΓ
PA sWh
SA sWA∩h
v
LP ≤hbßKX
q@
AD Rúbß
Rúµ
LD Rúhbß
Rú
PD Rúh
SD RúA∩h
18 Tivoli Identity Manager: @δΓU
|
|
|
|
|
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
UD Rú
MD Rú
Iµbßh
Iµh
Iµh
v
DC ∩AñΓ
PC ∩h
SC ∩A∩h
UA sW
≤hIµ@
bß
RC
DD úAñΓ
AR bß
µ
LR hbß
UR
MR
µn²
AS bß
µ
LS hbß
US
MS
UO BU ≤
UC Ω≤
ñΓ≤
nD¼A
ñε
ñL
w¿
)
⌡µñ
ε
nDG
π
w0
ó
4 19
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
|
||
||
||
||
||
||
||
|
||
||
||
PRó
mñ
⌡L
weX
Q¿
O
i
mñnD
ITIM iHbumñnDvñ°weX Tivoli Identity Manager t
A²bt)¿nDCϕz°umñnDvAw
÷@U½sπzAHM°QúXsnDHw¿nDC
mñnDiH÷UCµG
v nD ID
v eXΘ
v ¼
v nD
v QnD
v DD
v ¼A
w¿nD
uw¿nDvπΘw¿nDCiH÷@UC@ µ
bYAC@ µΩT CpGn°C@nD÷
ΩA÷@U¬ unD IDvu°vC
: pGn Tivoli Identity Manager πΩTAuLonDv∩CuL
onDv∩i²uΘvBunDvBuQnDvunD¼v
LoπΩTC
Fuw¿nDv:
1. ÷@UuD\αϕ²CvñC
2. ÷@U°w¿nDC
µ÷f
Tivoli Identity Manager i²zOµ÷ΩnDCbfO²ñAC@ú
Q@aOA@kⁿú Tivoli Identity Manager HO@≈LC
@CYno≥Azⁿú@≈AΦksz²°AnΘ
ΩxswAMß[HtmAHú@≈ cn ΩxswtC@¿C
ziHzL≤uttmvUuΩΘv tmw∩w¿nDCuW
vµCuWv]ww]tmH cn]@δWC
20 Tivoli Identity Manager: @δΓU
||
||
||
||
||
||
||
||
|
|
|
|
|
|
|
HΩT
pGzO Tivoli Identity Manager zºbßAhuHΩTvq]t
Pz÷ΩTC
uHΩTvϕµiH$tzqCw]uHΩTvϕµCXHU
G
µ í
HΩT m≤ bßm≤C
W bßWCo bHW
UñObßC
Wr bßWrC
Wr@r% bß@r%C
ϕaa bßϕaaC
@KX bß sbßKXK
XCpG Tivoli Identity Manager °A
tnbßúlKXAoO
n C
ñΓ bßñΓC
qΩT yX bßymX]q
qyϕC
us bßusC
bßu@C
bß C
lHa bßqaC
bßmW]pGAC
qTΩT qll≤ bßqll≤]qOb
ßWr@r%Mm≤C
tQªNnDMΣL@qb
ßC
qX bßXC
µqX bßqµqXC
Is bßqIsXC
ϕaq bßϕaqXC
OW bßΣLOWCTivoli
Identity Manager o ±∩
zbßbⁿzΩWu
IDvC
ΘJHΩT:
1. ÷@UuD\αϕ²CvñC
2. ÷@Uu@CñsHΩTC
ousHΩTvC
4 21
3. D∩uHΩTvBuqΩTvHuqTΩTvWΩ
TC
4. ÷@UeXC
: ziHbuHΩTvWsWuñΓvApYß$Y@uñΓvº¿Ωµ#\º⌠≤uⁿzΩvsvC
eúv¡
ziHueúv¡v ⁿúneúzπv¡HCo≤nD
πABOnDñ@úΩTBJC
ziH∩heú∩HA²P@qíúieúhHCpGzn≤Yqíe
úHAz²Rú HAAw∩∩wq[JsHC
: dNúNϕz⌡µ@αOzvH-LHIßiαtNCztdzeúGveúMwC
sWeú
eúv¡:
1. ÷@UuD\αϕ²CvñC
2. ÷@Uu@Cñeúv¡C
oueúv¡vC
3. ÷@UsWC
4. QujMvSΣXYΘAMß∩ΘmW∩AA÷@Us
WC
5. ∩nNzπv¡eúHlΘM⌠ΘC
6. ÷@UeXC
≤eú
≤Y@íeúH:
1. ÷@UuD\αϕ²CvñC
2. ÷@Uu@Cñeúv¡C
3. ∩eúW∩AMß÷@URúC
ouTRúvC
4. ÷@UeXC
eúYqeúMµñúC
5. usWeúv [JqseúHC
∩∩weúH
≤eúí:
1. ÷@UuD\αϕ²CvñC
22 Tivoli Identity Manager: @δΓU
|
|
2. ÷@Uu@Cñeúv¡C
3. ÷@Uzn≤eúWC
4. ≤ul/⌠ΘvC
5. ÷@UeXC
KXLd/¬
uITIM viHH∩ΣuKXLd/v¬CpGhuKXLd/
vDnú¬AziH≤Σñ@¬Aú∩ΣL¬C
w]AoSOCpGz∩o∩²oSwAWX
@hTºAⁿXoSewCúLApGFoSAzNiHH
U ∩uKXLd/v¬C
∩KXLd/ ¬:
1. ÷@UuD\αϕ²CvñC
2. ÷@Uu@CñKXLd C
ouLdvC
3. ∩ºLd/D¬AMß÷@UeXC
tYxsLd/²C
4 23
5 °i
≥viHQ Tivoli Identity Manager °it ú°iC°i Sw
htíΩTAHSw° µíπGC°iúH PDF
µíeC
Tivoli Identity Manager úΓ¼°iG
v w²wq °i
Tivoli Identity Manager úúC °i¼Co°iúgw²wqALk
∩C
v wqq°i
q°id²°i]pí]pAMßJ Tivoli Identity Manager ⌠Ab
⌠ñAªXb Tivoli Identity Manager GUI u°iv\αϕñCziH
u°i]pívA≤Ot°iíAp Crystal Reports
DesignerC
½n: °°i Adobe Acrobat ReadertmCz] Internet Explorer 5.5
]t Service Pack 2≤sAO Netscape 4.75 C
ITIM bßC@úiH°°iCúLA°i ACI $
ITIM s∩ⁿw°isvC]α≈d Lv°⌠≤q°
iCziH]wSw°i ACIATa$Sw¼º°isvA ¡ε
UúPα≈°iC
@δuα @δ]QnDOnDSwí°iC±
ΦíAgzuα°LlnDO∩LúXnD°iC²OApGu
úπz¡AhLuα°∩LúXnD°iA]OLúα
lnDC
© Copyright IBM Corp. 2004 25
°i¼
Uϕí Tivoli Identity Manager ñi°i¼CúLASwi°i
° ITIM s¿ΩµwC
°i¼ í
@ w²wq] °iC
@¼BΘBnD@HHnD@∩HACX
Tivoli Identity Manager @nDC
ošiiHwqUCG
v nD
v QnD
v @
v lΘ
v ⌠Θ
A w²wq] °iC
ΘBnD@HHnD@∩HACXA
ΩC
ošiiHwqUCG
v nD
v QnD
v AΩ
v lΘ
v ⌠Θ
w²wq] °iC
ΘBnD@HHnD@∩HACX Tivoli
Identity Manager @C
ošiiHwqUCG
v nD
v QnD
v lΘ
v ⌠Θ
w²wq] °iC
ΘBnD@HHnD@∩HACXQn
DC
ošiiHwqUCG
v nD
v QnD
v lΘ
v ⌠Θ
26 Tivoli Identity Manager: @δΓU
°i¼ í
w²wq] °iC
CXW⌡µºßAΣt#bßC
ošiiHwqUCG
v AΩ
w²wq] °iC
CXb∩w3úSíAC
ošiiHwqUCG
v AΩ
v Aw3
bß w²wq] °iC
CXHΣ÷bßAHbßOXµhC
ošiiHwqUCG
v AΩ
v µ
q wq°iC
wq°id²°i]pí]pAMßJ Tivoli
Identity Manager ⌠C
HUMµ]AibSwAΩW⌡µ°iG
v A
v
v
v bß
v q
HUUíU°i¼C
@°i
u@°ivπnD Tivoli Identity Manager @BnD@HHnD
@∩HC°iiHw∩tO@SwtA πS
w@nDCAziHnD°iπXn⌡µnDº@A
Ou∩@°n⌡µ∩w@nDCz]iHΘJΘd≥Auπ
¿bd≥@nDC
Uϕíi¡ε°ijMµG
nD nDOⁿlnDCpG)∩n
DA Tivoli Identity Manager jM⌠≤t
lnDC
5 °i 27
QnD QnDOunQsWB∩Rú
CpG)∩QnDA Tivoli Identity
Manager w∩⌠≤HΩΘjMnDC
@ bú°iATivoli Identity Manager jM
@¼CoOnC
i@¼pUG
v bßsW
v bß≤
v bßKX≤
v sWAñΓ
v sWh
v sWA∩h
v ≤hbßKX
v Rúhbß
v Rúbß
v Rúh
v RúA∩h
v Rú
v Rú
v ∩AñΓ
v ∩h
v ∩A∩h
v sW
v
v úAñΓ
v bß
v hbß
v
v
v bß
v hbß
v
v
v BU ≤
v Ω≤
l/⌠ΘMí ¡ε°iΘPíd≥C°iñu]t
b∩wΘ/íd≥@ñAΩC
ú @°i:
1. ÷@UuD\αϕ²Cvñ°iC
2. ÷@Uu@Cñ⌡µ°iC
28 Tivoli Identity Manager: @δΓU
ou°i\αϕvC
3. ÷@U@°iC
ou@°ijMvC
4. ∩G∩nDC
a. ÷@U...o Identity Manager C
oujMvC
b. qu∩v\αϕñ∩jMC
c. qu∩ϕív\αϕñ∩jMLo°≤C
d. bσrµñΘJjMAMß÷@UjMC
oujMLoGvC
e. ∩ΩsAMß÷@UsWC
t½sπu@°ijMvAB∩nDCbunDvµ
ñC
5. ∩G∩QnDC
a. ÷@U...oHC
oujMvC
b. pGsb@HWH¼Aqu∩H¼v\αϕñ∩H
OC
c. qu∩v\αϕñ∩jMC
d. qu∩ϕív\αϕñ∩jMLo°≤C
e. bσrµñΘJjMAMß÷@UjMC
oujMLoGvC
f. ∩HΩsAMß÷@UsWC
t½sπu@°ijMvAB∩QnDCbuQnD
vµñC
6. qu@v\αϕñ∩@¼C
7. qO\αϕñ∩δBΘB(MíA ∩lH⌠ΘPíC
8. ÷@UeXC
t ∩jM h ú°iC°iQ Adobe Acrobat Reader π
C
9. pGnN PDF µí°ixsß≈A÷@U°i°íuπCñxs
CbYípUAuWvµñπw]WiαOLW
]5hrCs²znxso²AMßbuWvµñ
½sΘJWC÷@UxsC
5 °i 29
A°i
uA°ivC∩AΩnDC°iuπ¿buΘ/íd≥v
A$∩wt]tnDAΩºnDAHw∩
∩wH]HnDnDC
Uϕíi¡ε°ijMµG
nD nDOⁿlnDCpG)∩nDA Tivoli
Identity Manager jM⌠≤tlnDC
QnD QnDOunQsWB∩RúCpG)∩
QnDA Tivoli Identity Manager w∩⌠≤HΩΘjM
nDC
AΩ oOnCAΩOⁿ Tivoli Identity Manager ñi
AAOⁿAOΩ]pGAhΩC
l/⌠ΘMí ¡ε°iΘPíd≥C°iñu]tb∩wΘ/
íd≥eXnDC
ú uA°iv:
1. ÷@UuD\αϕ²Cvñ°iC
2. ÷@Uu@Cñ⌡µ°iC
ou°i\αϕvC
3. ÷@UA°iC
ouA°ivjMC
4. ∩G∩nDC
a. ÷@U ...o Identity Manager C
oujMvC
b. qu∩v\αϕñ∩jMC
c. qu∩ϕív\αϕñ∩jMLo°≤C
d. bσrµñΘJjMAMß÷@UjMC
oujMLoGvC
e. ∩ΩsAMß÷@UsWC
t½sπuA°ijMvAB∩nDCbunDvµ
ñC
5. ∩G∩QnDC
a. ÷@U...oHC
oujMvC
b. qu∩v\αϕñ∩jMC
c. qu∩ϕív\αϕñ∩jMLo°≤C
d. bσrµñΘJjMAMß÷@UjMC
oujMLoGvC
30 Tivoli Identity Manager: @δΓU
e. ∩ΘΩsAMß÷@UsWC
t½sπuA°ijMvAB∩QnDCbuQnD
vµñC
6. ∩AΩC
a. ÷@U...oAC
ouAjMvC
b. qu∩A¼v\αϕñ∩A]wC
c. qu∩v\αϕñ∩jMC
d. qu∩ϕív\αϕñ∩jMLo°≤C
e. bσrµñΘJjMAMß÷@UjMC
oujMLoGvC
f. ∩AΩsAMß÷@UsWC
t½sπuA°ijMvAB∩ACbuAΩvµ
ñC
7. qO\αϕñ∩δBΘB(MíA ∩lH⌠ΘPíC
8. ÷@UeXC
t ∩jM h ú°iC°iQ Adobe Acrobat Reader π
C
9. pGnN PDF µí°ixsß≈A÷@U°i°íuπCñxs
CbYípUAuWvµñπw]WiαOLW
]5hrCs²znxso²AMßbuWvµñ
½sΘJWC÷@UxsC
°i
u°ivCXnD Tivoli Identity Manager @BnD@HH
nD@n@∩HCziH∩nπtnDAO@Sw
tnDCAziHqtOq@∩wtA
nD°iπXn⌡µonDHAOu∩@H°H
nDCz]iHΘJΘd≥Auπ¿bd≥@nDC
Uϕíi¡ε°ijMµC
nD nDOⁿlnDCpG)∩nDA Tivoli
Identity Manager jM⌠≤tlnDC
QnD QnDOunQsWB∩RúCpG)∩Qn
DA Tivoli Identity Manager w∩⌠≤HΩΘjM
nDC
l/⌠ΘMí ¡ε°iΘPíd≥C°iñu]tb∩wΘ/í
d≥@ñAΩC
ú u°iv:
1. ÷@UuD\αϕ²Cvñ°iC
5 °i 31
2. ÷@Uu@Cñ⌡µ°iC
ou°i\αϕvC
3. ÷@U°iC
ou°ijMvC
4. ∩G∩nDC
a. ÷@U...o Identity Manager C
oujMvC
b. qu∩v\αϕñ∩jMC
c. qu∩ϕív\αϕñ∩jMLo°≤C
d. bσrµñΘJjMAMß÷@UjMC
oujMLoGvC
e. ∩ΩsAMß÷@UsWC
t½sπu°ijMvAB∩nDCbunDv
µñC
5. ∩G∩QnDC
a. ÷@U...oHC
oujMvC
b. qu∩v\αϕñ∩jMC
c. qu∩ϕív\αϕñ∩jMLo°≤C
d. bσrµñΘJjMAMß÷@UjMC
oujMLoGvC
e. ∩HΩsAMß÷@UsWC
t½sπu°ijMvAB∩QnDCbuQnD
vµñC
6. qO\αϕñ∩δBΘB(MíA ∩lH⌠ΘPíC
7. ÷@UeXC
t ∩jM h ú°iC°iQ Adobe Acrobat Reader π
C
8. pGnN PDF µí°ixsß≈A÷@U°i°íuπCñxs
CbYípUAuWvµñπw]WiαOLW
]5hrCs²znxso²AMßbuWvµñ
½sΘJWC÷@UxsC
Q°i
uQ°ivCXQ Tivoli Identity Manager nDCziH∩nd
Q@FO∩SwtAud ∩tQ
32 Tivoli Identity Manager: @δΓU
@Cz]iH∩ud ⌡µ@ºSwHQ@CúO@¼
pAun Tivoli Identity Manager @XnD/QnD hAhú@¼
≤Ao@úπb°iñC
Uϕíi¡ε°ijMµG
nD nDOⁿlnDCpG)∩nDA Tivoli
Identity Manager jM⌠≤tlnD
QnD QnDOunQsWB∩RúCpG)∩Qn
DA Tivoli Identity Manager w∩⌠≤HΩΘjM
nDC
l/⌠ΘMí ¡ε°iΘPíd≥C°iñu]tb∩wΘ/í
d≥@ñAΩC
ú uQ°iv:
1. ÷@UuD\αϕ²Cvñ°iC
2. ÷@Uu@Cñ⌡µ°iC
ou°i\αϕvC
3. ÷@UQ°iC
ouQ°ijMvC
4. ∩G∩nDC
a. ÷@U...o Identity Manager C
oujMvC
b. qu∩v\αϕñ∩jMC
c. qu∩ϕív\αϕñ∩jMLo°≤C
d. bσrµñΘJjMAMß÷@UjMC
oujMLoGvC
e. ∩ΩsAMß÷@UsWC
t½sπuQ°ijMvAB∩nDCbunD
vµñC
5. ∩G∩QnDC
a. ÷@U...oHC
oujMvC
b. qu∩v\αϕñ∩jMC
c. qu∩ϕív\αϕñ∩jMLo°≤C
d. bσrµñΘJjMAMß÷@UjMC
oujMLoGvC
e. ∩HΩsAMß÷@UsWC
5 °i 33
t½sπuQ°ijMvAB∩QnDCbuQn
DvµñC
6. qO\αϕñ∩δBΘB(MíA ∩lH⌠ΘPíC
7. ÷@UeXC
t ∩jM h ú°iC°iQ Adobe Acrobat Reader π
C
8. pGnN PDF µí°ixsß≈A÷@U°i°íuπCñxs
CbYípUAuWvµñπw]WiαOLW
]5hrCs²znxso²AMßbuWvµñ
½sΘJWC÷@UxsC
°i
u°ivCXUCΩTG
v #Q≥≤bß
v #bß
v ≤sbß
v úbß
v wBzbß
v w≤ºHMbßΩΘMµ
ú u°iv:
1. ÷@UuD\αϕ²Cvñ°iC
2. ÷@Uu@Cñ⌡µ°iC
ou°i\αϕvC
3. ÷@U°iC
ou°ivjMC
4. ∩AΩC
a. ÷@U...oAC
ouAjMvC
b. qu∩A¼v\αϕñ∩A]wC
c. qu∩v\αϕñ∩jMC
d. qu∩ϕív\αϕñ∩jMLo°≤C
e. bσrµñΘJjMAMß÷@UjMC
oujMLoGvC
f. ∩AΩsAMß÷@UsWC
t½sπu°ijMvAB∩ACbuAΩvµ
ñC
5. ÷@UeXC
34 Tivoli Identity Manager: @δΓU
t ∩jM h ú°iC°iQ Adobe Acrobat Reader π
C
6. pGnN PDF µí°ixsß≈A÷@U°i°íuπCñxs
CbYípUAuWvµñπw]WiαOLW
]5hrCs²znxso²AMßbuWvµñ
½sΘJWC÷@UxsC
°i
u°ivCXbwq3)ⁿwAbßAHq)L
bßC
Uϕíi¡ε°ijMµC
AΩ oOnCAΩOⁿ Tivoli Identity Manager ñiA
AOⁿAOΩ]pGAhΩC
w oOnC∩wAbßw3C
ú u°iv:
1. ÷@UuD\αϕ²Cvñ°iC
2. ÷@Uu@Cñ⌡µ°iC
ou°i\αϕvC
3. ÷@U°iC
ou°ivjMC
4. ∩AΩC
a. ÷@U...oAC
ouAjMvC
b. qu∩A¼v\αϕñ∩A]wC
c. qu∩v\αϕñ∩jMC
d. qu∩ϕív\αϕñ∩jMLo°≤C
e. bσrµñΘJjMAMß÷@UjMC
oujMLoGvC
f. ∩AΩsAMß÷@UsWC
t½sπu°ijMvAB∩ACbuAΩvµ
ñC
5. buw3vσrµñAΘJnjM3C
6. ÷@UeXC
t ∩jM h ú°iC°iQ Adobe Acrobat Reader π
C
5 °i 35
7. pGnN PDF µí°ixsß≈A÷@U°i°íuπCñxs
CbYípUAuWvµñπw]WiαOLW
]5hrCs²znxso²AMßbuWvµñ
½sΘJWC÷@UxsC
bß°i
ubß°ivCXΘΣ÷bßAHbßOXⁿwµMΣlµ
µhC
Uϕíi¡ε°ijMµC
AΩ oOnCAΩOⁿ Tivoli Identity Manager ñiA
AOⁿAOΩ]pGAhΩC
µ oOnCuµvO CXMΣ÷bßS
wµCiⁿwµ¼pUG
v zΓ
v H
v m
v
v µ
ú ubß°iv:
1. ÷@UuD\αϕ²Cvñ°iC
2. ÷@Uu@Cñ⌡µ°iC
ou°i\αϕvC
3. ÷@Ubß°iC
oubß°ivjMC
4. ∩AΩC
a. ÷@U...oAC
ouAjMvC
b. qu∩A¼v\αϕñ∩A]wC
c. qu∩v\αϕñ∩jMC
d. qu∩ϕív\αϕñ∩jMLo°≤C
e. bσrµñΘJjMAMß÷@UjMC
oujMLoGvC
f. ∩AΩsAMß÷@UsWC
t½sπubß°ijMvAB∩ACbuAΩvµ
ñC
5. ∩uµvC
a. ÷@U...oµC
36 Tivoli Identity Manager: @δΓU
oujMvC
b. qu∩¼v\αϕñ∩µ¼C
c. qu∩v\αϕñ∩jMC
d. qu∩ϕív\αϕñ∩ϕíC
e. bσrµñΘJjMAMß÷@UjMC
oujMLoGvC
f. ∩AΩsAMß÷@U≥C
t½sπbß°iujMvAB∩µCbuµ
vµñC
6. ÷@UeXC
t ∩jM h ú°iC°iQ Adobe Acrobat Reader π
C
7. pGnN PDF µí°ixsß≈A÷@U°i°íuπCñxs
CbYípUAuWvµñπw]WiαOLW
]5hrCs²znxso²AMßbuWvµñ
½sΘJWC÷@UxsC
q°i
q°idYQu°i]pív #AOq≤Ot°i]p
í]p Crystal ReportJCq°iXb Tivoli Identity Manager GUI u°iv
\αϕñAHC °iC
tziHw∩n q°iCq°itπµ °id
cúPC
ú xsuq°iv:
1. ÷@UuD\αϕ²Cvñ°iC
2. ÷@Uu@Cñ⌡µ°iC
ou°i\αϕvC
3. qMµñ∩q°iC
4. ⁿw°iµí (PDF/CSV)C
: w∩ Tivoli Identity Manager q°i(]p°iAXo∩C
5. ΘJú°iΘJΩ]pGAC
: w∩ Tivoli Identity Manageru°i]pívmq°iA
ΘJϕuM SQL dⁿykWhC±ΦíApGnoH J Y
HmWAhΘJ J% úO J*C
: pGO Crystal ReportAΘJϕu WϕíykC±ΦíA
pGnoH J YHmWAhΘJ J*C
6. ÷@UeXC
pYH∩µíúπ°iC
5 °i 37
7. pGnN PDF/CSV µíq°ixsß≈A÷@U°i°íuπCñ
xsCpGuπCñ úxsA°í\αϕCñ∩ xs
°iCbYípUAuWvµñπw]WiαOL
W]5hrCs²znxso²AMßbuWvµ
ñ½sΘJWC÷@UxsC
pGnN⌠≤ⁿΣµí Crystal Report xsß≈A°iΘX
ñX∩ X Crystal ReportCqMµñ∩ΘXµíAMßxs°iC
38 Tivoli Identity Manager: @δΓU
N
σ≤Yw∩ IBM bⁿΩúºúPAoFbΣLΩañAIBM úúo
ú≤ñúUúBA\αCóϕa IBM NϕAHo
ϕaeúúMAº÷ΩTCo≈σ≤bú IBM úBíAA
úϕtuα IBM úBíACun)I. IBM z]úvA
⌠≤\αϕúBíAúiHN IBM úBíACúLA⌠≤
D IBM úBíAAµtd@⌠Mτd⌠C
o≈σ≤íDDeAIBM iαΣMQMQ/Cúo≈σ≤úNϕ
úoMQvCziHúXvdA τHG
IBM Director of Licensing
IBM Corporation
North Castle Drive
Armonk, NY 10504-1785
U.S.A.
pGO÷ (DBCS) ΩTvdAóbΩ IBM z]úíA
úXvdA τHG
IBM World Trade Asia Corporation
Licensing
2-31 Roppongi 3-chome, Minato-ku
Tokyo 106-0032, Japan
UCq¿úA≤ Ω°PϕakΦΣLΩaG
International Business Machines Corporation uypzúXAúú⌠≤
tºOAΣñ]ABú¡≤úHWwBiSwºA⌠
tOCabSwµ÷WAú#\útOA]Aonú
@wAXzC
oΩTñiαNWLΩWC]AIBM wqFNqß
eJsñCIBM H∩iM/≤XúúM/íAút
µqC
o≈ΩTñú⌠≤D IBM ⌠uAIBM úo⌠úOCo⌠
úΩúO IBM úΩeApGno⌠ΩAz
µ ßIC
IBM oHUAϕΦíG$zú⌠≤ΩTAL∩ztdC
pGí≥vHF (i) bO#íMΣLí]]Aíºíµ½
ΩTAH (ii) ¼µ½ΩTA]n÷ΩTAóG
IBM Corporation
2ZA4/101
© Copyright IBM Corp. 2004 39
11400 Burnet Road
Austin, TX 78758
U.S.A.
oΩTiAϕ°oAbYípUIOΦoC
IBM ≥≤Φº IBM ßXBIBM ΩívXA⌠≤PÑX°A
úΩTúvíPΣAvΩC
Bt⌠≤αΩAObⁿε⌠UoXAPbΣL@⌠UoX
GAiαjtºCqΩObotW#AúOPΣLqt
WqΩ@C-AqΩiαOzL[Hw⌠AΩGúú
oPCσTΣSw⌠AΩC
úºD IBM úΩTAúAΣoGnΣLDC
IBM )LoúA]LkToD IBM ú⌡µαBe⌠≤∩
úΣLDiOLC÷D IBM úαD óúC
UCⁿJO International Business Machines Corporation bⁿΩ/ΣLΩa
UG
AIX
DB2
IBM
IBM x
OS/390
SecureWay
Tivoli
Tivoli x
Universal Database
WebSphere
z/OS
zSeries
Lotus® O Lotus Development Corporation / IBM Corporation UC
Domino™ O International Business Machines Corporation M Lotus Development Corporation
bⁿΩ/ΣLΩaC
Microsoft®BWindows®BWindows NT M Windows xO Microsoft Corporation bⁿ
Ω/ΣLΩaC
Java™ MH Java ≥ªMxAO Sun Microsystems, Inc. bⁿΩMΣL
ΩaUC
UNIX® O The Open Group bⁿΩΣLΩaUC
40 Tivoli Identity Manager: @δΓU
Wⁿ
T
l (subprocess). Qϕ@t@u@y]p@íu@y]pC
u@y (workflow). ÷°⌡µíC
w¿nD (completed requests). wgeXtABwg¿nDC
úe\@ (disallowed action). ≤AªwqϕuTivoli Identity Manager °Avobß
Húibß iµ∩AA@C
oub∩udhv∩*C
ñíΩxsw (central data repository). oΩwiHO²Mxsn²MsMvΩ
AΣñ]Aµ÷M@O²bC
Σ (branch). ≡¼cñC@hAú@ΣC≡¼cñC@ΣAú$úPⁿ
XCziH÷@UlµΣΣ[ (+)A°Σ
eC
¡
²AOyÑ (DSMLAdirectory serv icesmarkuplanguage). O@ XML Ω@AiHú@µ
íA íM@úP²t²AΩTC
@KX (shared secret). @[K AΣO
lKXA s Tivoli Identity Manager tC
o ObHΩTⁿJtwqC
Xⁿ (join directive). @WhAoWhiwqϕΓΓHWho≡Ap≤Bz
C
s (access). xsbqútWΩTΩMvC
sεΩT (access control informationAACI). oΩiHO@sDΘsvCt\us
εvC
C
m (location). iH[Jñ@lqΩΘCq
AmOHΦΦíazmA iµ
zC
@ñbß (active account). @sbBe$ sΩbßC
@°i (operation report). o≈°i @¼BΘBnD@HHnD@∩HA CX Tivoli
Identity Manager @nDC
OW (alias). @¡AqOⁿ IDC
@HiHnXOWApGGSmith M GWSmithC
tz (system administrator). vstHC
Tivoli Identity Manager tñúF@w²tm ITIM
sCo ITIM sQ]pnNt¬sv$¿
C¡z ITIM s¿Avs
t\αMΩC
¡Oh (identity policy). Tivoli Identity Manager
twqp≤# ID WhC
K
(user). Pt¼@⌠≤HC
(user interfaceAUI). Pt¼
πeC
W (user name). st IDC
o ID ]iHw∩tOAB²t
bUñΓM ITIM sñ¿ΩµAMw
svC
°i (user report). o≈°i ΘBnD@HHnD@∩HA CX Tivoli
Identity Manager @C
O (user class). @ LDAP OAp
inetorgperson BPPersonC
© Copyright IBM Corp. 2004 43
(provision). iH]wM@∩tsvC
h (provisioning policy). ohiHwqUⁿzAsvAp Tivoli Identity Manager @
tCsv$HA HñΓ
[H$Csv]iHSO$úO⌠≤ñΓ¿
HC
° (deprovision). úA≤C±ΦíAoεbßOⁿqΩRúYbßC
eú (delegate). oHQⁿwtdπt@nDAw∩t@nDúΩTC
tbß (orphanAorphan account). ≤Ω
WAΣb Tivoli Identity Manager tñLkPw
bßC
A (service). ⌡µ°A÷nΘñDn\α
íC
A∩h (service selection policy). bh
ñAtdMwn@A JavaScript LoC
D@ñbß (inactive account). sb≤tñA²ebßúbñbßC
E
Mµ (to do list). ⁿú ¿@MµC
d (query). ¡ε@p¼]ΦkC
nD (request). Tivoli Identity Manager tñA@n
DπΩT@C
nD (requestor). eXnDHC
nDΩT (request for informationARFI). bz¡OAVⁿwPnDΣLΩT@Aobu
@yO@nBJC
¡ε (constraint). h¡εC
Q
HΩT (personal information). HΩTCoΩTiH]tmBWBϕaaBqXBqll
≤BXMÑÑC
h (policy). b Tivoli ñA@M≤ⁿzΩW
hC±ΦíAhiHMKXAMQ
nsΩC
hIµ (policy enforcement). Tivoli Identity Manager
tⁿúⁿHhºbΦíC
Q@
P (participant). b¡zñAvw∩zLu@yeXnDXHCPiQ°H
ñΓAQq JavaScript Script [HOC
µ (business unit). ñ@lqΩΘC
±H (business partner person). ±ñ@HC
± (business partner organization). iH
[Jñ@lqΩΘCq±O
O ]HBΣLúO u²iαnq
ΩsvHsC
KX (password). bqúM⌠⌠wñA$ΘJHtOSwrΩAªiH²stA
HxsbΣñΩC
KXh (password policy). wqKXXº]wWhAp°AHe\Múe\r
¼C
KX¡ (password expiration period). bjó≤∩KXºeAªα≈h[C
bß (account). wqnJΩTMsεΩT
C
bß°i (account report). o≈°iCXHΣ÷bßAHbßOµhC
ε¼ (control type). Java ¼O@ΩAN
ϕ(Wµ¼C
v (authorization). bqúwñA$qútPqútqTv¡C$∩½
≤BΩτπ¡svC
jíwtúOΓBJC@Ñq
OOATwNOLnHCGÑqO
vAe\o ¡ sUΩC
v (authorization owner). oO@s
ALiHbΣµ⌠wqñAwqs
εΩT (ACI)C
(organization). b¡zñAW#MΩDΘC÷MºíiH@ΩA²ºí
πXhoϕCCqNOⁿqC
44 Tivoli Identity Manager: @δΓU
ñΓ (organizational role). b¡zñAMwvsUⁿzΩºh¿ΩµC
µ (organizational unit). ñMΩDΘAtdNhiHzsCu
αⁿú@µCΩ]uαⁿú@µ
]úDªQwqqC
≡ (organization tree). ÑhícAiúΦí #BsMxsΩTC
Q°i (rejected report). o≈°iO ΘB$ nD@Hw∩ nD@ACFQn
DC
QnD (requestee). nDOw∩oHeXC
QG
ú¡ε (escalation limit). biµú0@ºeAP∩nDXq]ΘBBϕC
úP (escalation participant). b¡zñAvbⁿwú0íA∩≤PSnDX
HCú0PiQ°HñΓAQ
q JavaScript Script [HOC
ú DSML ¡ (DSML identity feed). Tivoli Identity
Manager Tw]A¼º@C
uú DSML ¡vAiqHOΩΩwJ
ΩANΩT±J Tivoli Identity Manager ²
ñCoAiHQUC@Φk ¼ΩTG@
YNQRúqC
ú HR (HR feed). Tivoli Identity Manager tqH
OΩΩwJΩ C
uú DSML ¡vC
QT
Ω (resource). $ Tivoli nΘzwΘBnΘ
ΩΩΘCt\uⁿzΩvC
Ωz ( r e s o u r c e p r o v i s i o n i n gmanagementArpm). XTDn]ΦBu@yzHeNzízhAtdñ
zvsΩTMΩº@C
qlϕµ (electronic form). qlϕµO@dAiHw∩nDsv wqC
Q
ΩΘ (entity). 1) ⁿH½≤AΩTNOw∩oH½
≤xsC
2) Tivoli Identity Manager tUCΣñ@
OG
v Person
v BPPerson
v Organization
v BPOrganization
(supervisor). b Tivoli Identity Manager tñA
QⁿwµtdHHC
zΓ (admin domain). b Tivoli Identity Manager
t@YíAΣ]tvhBAB
ACI ÑÑCC@zΓúiαzLkz
°ΣLzΓhBABACIC
(credential). e\sbß ID M
KXΩTC
Γ z (domain administrator). oziHwqMzbΣzΓΩΘBhBABu@
ywqBñΓHA²u¡≤LvzΓ
d≥C
Q¡
fO² (audit trail). qútbYqñµ÷O
²C
(digital certificate). FwúqlTº≤C
(suspend). °bßA²bßLknJΩ@C
Ld (challenge response). oO@OΦkAªnDbnJ⌠⌠AúMΩT τ¡A
∩úXC
d≥ (scope). hαvTd≥C
@δÑAd≥wq¿µ@l≡CpGd≥wq¿
uµ@vAhhuvThwqºP@Σñ
ΩΘCpGd≥Qwql≡Ahhú²vTwqª
ΣAvTΣL≤hIΣΣC
(reconciliation). ±ñíΩxswMⁿzNztΩTAHOΓºítºC
°i (reconciliation report). o≈°iCFqW@⌡µºßAΣt#bßC
Wⁿ 45
Q
zñ (Certificate Authority). tdoX
CzñO¡H
vABoXsB≤sAH
oεúAvªC
(owner). b Tivoli Identity Manager tñA
bßAHC
RAñΓ (static organizational role). uαHΓΦíⁿwñΓC
QC
ovQ (entitlement). bwzñANϕhΩTΩcBAMµC
mñnD (pending request). wgeXtA²)¿nDC
(restore). ½sbßC
QE
Wv¡ (signature authority). ov¡iHπeXu@ynDCsOQ
ⁿwu@y]pñPú0PAQ$
Wv¡C
÷Σr (keyword). bjM@ñAOh
C
GQ@
Iµ (attribute enforcement). tzwqbßHwqº C
GQG
O (authentication). OH¡ (qO
WMKX[HO) CbwtñAOPv
OIMúPAvOⁿ H¡AúHt½
≤svCOuOTwoHNOLn
¡B²)ú÷≤HsvΩTHC
A
ACI (ACI target). $ ACI εΩΘC
ACI I (ACI origin). # ACI º≡¼cñ
ΣC
I
ITIM s (ITIM group). uTivoli Identity Manager °A
vñsC
tsMziHw∩ ITIM s cA²OA
²π ITIM bßA*αⁿú ITIM sCu
noHπF ITIM bßALNO@ ITIM A
iH[J ITIM sC
S
Secure Socket Layer (SSL). zL⌠⌠⌠ΘpKσ≤qT≤wC SSL kOQpK≈ANzL
SSL suαeΩ[KC
T
Tivoli IdentityManager Nzí (Tivoli IdentityManager Agent). ⁿztMuTivoli Identity
Manager °Avºíz¼(Cªϕ≤HΩ
zABOα½nD½n≤AiHúU
twtmsvC
Tivoli IdentityManager °A (Tivoli Identity ManagerServer). Q]pníph¼MΦnΘMAM≤C
46 Tivoli Identity Manager: @δΓU
HñσrAσrAS
ϕºCC
e@f@δ\α
Θ 10
uWí 10
²
u@C 9
Φk 9
D\αϕ²C 9
eTfu@C 9
w¿nD
í 20
° 20
efσ≤
suW vi
e¡fD\αϕ²C 9
Θ 10
ef@KX 21
q
°i
í 27
q°i
ú 37
í 37
eCf@°i
ú 28
í 26, 27
eKf
°i
ú 31
í 26, 31
(
²
u@C 9
D\αϕ²C 9
eúv¡
sW 22
í 22
≤ 22
°i
í 26
A
°i
ú 30
í 26, 30
eEfMµ
18
í 16
°Ω 18
w¿nD
í 20
\αd≥ 11
eúv¡
∩eú 22
sWeú 22
í 22
≤eú 22
Mµ
í 16
°nDΩ 18
HΩT
í 21
KX
∩uLd-v¬ 23
z 11
bßz
[Jsbß 13
°bß 15
∩bß 14
í 12
bß 15
(≥)
bßz (≥)
bß 15
mñnD
í 20
≤KX 16
eQfHΩT 21
uqΩTv
us 21
yX 21
21
lHa 21
21
21
uHΩTv
W 21
@KX 21
Wr 21
Wr@r% 21
ϕaa 21
m≤ 21
ñΓ 21
∩ 21
uqTΩTv
µqX 21
ϕaq 21
OW 21
Is 21
qll≤ 21
qX 21
sW 21
hIµ
XX
úX 13
13
X 13
i 13
u
qΩT 21
yX 21
21
lHa 21
X 21
21
21
HΩT
W 21
@KX 21
© Copyright IBM Corp. 2004 47
u (≥)
HΩT (≥)
Wr 21
Wr@r% 21
ϕaa 21
m≤ 21
ñΓ 21
pΩT
µqX 21
ϕaqX 21
OW 21
IsX 21
qll≤ 21
qX 21
y
suW vi
eQ@fKX
O
tmuLd-v¬ 23
nJ 6
z 11
Ld/
6
¬ 6, 23
bß
° 15
∩ 14
°i
í 27
sW 13
z 12
15
15
KX 5
bß°i
ú 36
í 36
Q°i
ú 33
í 32
eQGf°i
q
ú 37
í 27, 37
@
ú 28
í 26, 27
ú 31
°i (≥)
(≥)
í 26, 31
ú 33
í 26, 32
A
ú 30
í 26, 30
bß
ú 36
í 27, 36
ú 35
í 27, 35
ú 34
í 27, 34
¼
q 27, 37
@ 26, 27
26, 31
26, 32
A 26, 30
bß 27, 36
27, 35
27, 34
nJ
OKX 6
í 5
nX
í 7
eQfz
KX 11
bß 12
eQ¡f
°i
í 27
°i
ú 35
í 35
uWí 10
°i
ú 34
í 27, 34
eQf²
u@C 9
Φk 9
D\αϕ²C 9
eQCfmñnD
í 20
eGQ¡f[ v
48 Tivoli Identity Manager: @δΓU