Provisioning Policy
Prerequisites: The Provisioning feature has been turned on and set up for your organization.
Create Profile / Provisioning Policy
When Identity Security Cloud provisions new accounts to an IBM DB2 direct connect source, it uses the attributes on the Create Profile page as instructions or a template for what to include in the account. This page is also referred to as the provisioning policy.
Important
This page describes the configuration of the default Create Profile. However, SailPoint recommends that you work with Services to define a Create Profile specific to your company's needs.
The following generators create required information for a new IBM DB2 account. You might need to edit the contents.
Note
Parameters marked with an asterisk (*) are mandatory.
|
Account Attribute |
Generator |
Description |
|---|---|---|
|
GRANTEE |
Create Unique Account ID |
The database user name |
|
CONNECTAUTH |
Static |
The authority to connect to the database |
|
BINDADDAUTH |
Static |
The authority to create packages |
|
CREATETABAUTH |
Static |
The authority to create tables |
|
NOFENCEAUTH |
Static |
The authority to create non-fenced user-defined functions |
|
DBADMAUTH |
Static |
The database Admin authority |
|
IMPLSCHEMAAUTH |
Static |
The authority to implicitly create schemas be creating objects in non-existent schemas |
|
LOADAUTH |
Static |
The authority to use the DB2 load utility |
|
EXTERNALROUTINEAUTH |
Static |
The authority to create external routines |
|
QUIESCECONNECTAUTH |
Static |
The authority to access the database when it is in quiesce state (The quiesce state means the database is locked from creating an external connection through any application) |
|
SECURITYADMAUTH |
Static |
The authority to monitor and tune the SQL statements |