Layer7 Identity Management

Expand all | Collapse all

Explore and Correlate

  • 1.  Explore and Correlate

    Posted 04-16-2015 01:08 PM
      |   view attached

    Hi All,


    I am a newbie to the CA IDM world. I have a issue which I am running into regarding explore and correlate of an account. Here is the statement of the issue. Need your help in fixing the issue.


    We have Active Directory as an Endpoint. Users in the Active Directory has 3 sAMAccount Name ( NT_AccountID). they start with ca30137, de30137, fs30137. The Global User will always be ca30137. I have attached the screen shot for your reference about the configure that has been done under Correlation Attribute. What we are trying to accomplish here is when the Explore and correlate is done we need to see all the 3 ID's which are ca30137, de30137 and fs30137 under one Global User id which is ca30137. This will help users to reset the password for all the 3 accounts if they forget the password.


    Need your help in fixing this.


    Best Regards,



  • 2.  Re: Explore and Correlate

    Posted 04-17-2015 05:33 PM

    Hi Gurudutthv


    You can resolve this in the follow way:


    To accomplish the correlation on accounts having a global user like "ca30137"  is necessary that you initialize a CustomFieldXX with the global user number, I mean 30137.
    Now that you have initialized this field you must use it as rule for Explore and Correlate/Correlation Attribute


    CustomFieldXX.ActiveDirectory.AccountID:3,0    or    what you are using



    You must initialize the CustomFieldxx for all global users before apply the Explore/Correlate action.


    On the rule we can define substring for attributes on the endpoint but not for the attribute of the globaluser,  for that reason we need to use a different field.  I think this should be an enhancement in the Explore and Correlate/Correlation Attribute Rules


    I hope this help