Symantec IGA

Using vApp 14.2 Identity Suite I am able to create a new user in Identity Manager. However this new user is not created as a Global User in the Provisioning Manager. What can be the cause of this? As far as I know the Userstore for Identity Manager and the Global User are synchronized. How can I get a Global User when I create a User in Identity Manager? 

Have you added a Provisioning Role to the user? It is possible to have a user in the User Store only if the User has no provisioning needs.

When creating a user in IDM make sure that you always assign a provisioning role at the time of creation. It can be an empty provisioning role with no account template. This ensures that the user gets created in the Provisioning Store at the same time, and that the password set in IDM is also set in the provisioning store.

If you assign the provisioning role AFTER creating the user in IDM, then the user will get created in the Provisioning Store, but the password will not be there (as IDM can only access the hashed password in the user store at this point in time, which it obviously can not decrypt). This will then cause problems if you try to provision the user to endpoints. So use something like PX to ensure that all users get a provisioning role at time of creation (assuming that this is what you want).

Pearse

Dear Sidney and Pearse,

Thank you for your help. I have created a default prov.role in IDM. When I create a new user and give this default prov.role, than a Global User is also created within provisioning store.