Contact us at 408.675.5020 or sales@identitymaestro.com

Home Page

Knowledge Base Search     Advanced

Perform an Initial Login and run the Setup Wizard for AD

Article ID: 1642
Last updated: 10 Apr, 2020

The initial login to Identity Maestro is used to complete a first-time run Setup Wizard that will create OU containers, users and groups that will be used by Identity Maestro to create an initial sandbox configuration in Identity Maestro.

Login and Run the Setup Wizard

The first login should use the credentials of the account configured in the Active Directory connection for the primary Active Directory domain.

You can access the Identity Maestro login from:

  • http://localhost on the Identity Maestro host server

  • http://<Identity Maestro host server IP address> from any browser on any desktop

Identity Maestro has been optimized to work best with the latest versions of the Edge, FireFox, Google Chrome, and Internet Explorer web browsers, but would work with most browsers that support AJAX.

To properly initialize the Identity Maestro web console:

  1. Login using the AD Identity Maestro service account username and password that was used when the AD domain connection was originally created during the installation of the Identity Maestro Host Server. In our example, we used ServiceControl as the service account but this will vary based on how your Service Account user is set up in AD.

  2. At the Welcome to Identity Maestro screen, click START.
  3. At the Step 1 - Choose the Primary System screen, click Next >.
  4. At the Step 2 – Select a System or Container screen, click the browse icon to the right of the Container field.


     
  5. In the Identity Maestro Directory Browser window, select the domain name and click OK.
  6. In the Step 2 – Select a System or Container screen, ensure that the domain name is visible in the Container field and click Next >.


     
  7. At the Step 3 – Summary screen, click Next >.
  8. At the Step 4 – Confirmation window, make note of the usernames and passwords that Identity Maestro created.  You will need those for access as the IM test user accounts.


     
  9. At the Step 5 – Setup Complete screen, click Finish.
  10. Identity Maestro will become visible in the browser window and display a "licenses has expired" warning.  

The next procedure is the Set Delegated Administration and License the server. Start by selecting the ADMINISTRATION menu option.

What does the Setup Wizard do?

This is what the Setup Wizard will do:

  • Creates users and groups for Identity Maestro roles
  • Creates sample users and groups to provide a sandbox environment to test in
  • Creates role-based task collections and task assignments in Manage
  • Installs default create form templates for different environments including the sandbox environment
  • Builds create profiles for the sandbox environment
  • Enables the Audit feature for the Identity Maestro administrators and auditors
  • Enables Self-Service including Forgot Password for the sample users in the sandbox environment

Creates users and groups for Identity Maestro roles

The Setup Wizard builds an Identity Maestro container with the following users and groups to support role-based management.

Adds Task Collections and Task Assignments

The Setup Wizard creates the following task collections.

  • IM Admins Role - contains tasks typically assigned to Identity Maestro system administrators.
  • IM Create Approvers Role - contains a minimal set of tasks for users who are assigned to create approver groups.
  • IM HelpDesk Agents Role - contains tasks typically assigned to intern tier 1 and 2 helpdesk team members.
  • IM HR Staff Role - contains tasks typically assigned to HR staff who will create and manage identification information for users.

The Setup Wizard creates the following Task Assignments

Each AD group designating a role is assigned to a task collection and is assigned one or more containers in the target AD domain that it can manage objects in.  Typical terms used throughout the Identity Maestro documentation includes:

  • Task Authority - Is the group that the task assignment is created for.
  • Task Collection - the collection of tasks that are enabled for the users in the Task Authority.
  • Task Scope - is the list of OU containers in the AD domain that the users in the Task Authority can search and use the tasks in the Task Collection.

Adds Create Forms and Profiles

The Setup Wizard creates the following create forms.

  • Forms with (Template) in the form name are templates that can be used to create new forms.
  • Forms with Sample in the form name are example forms that are used in the example create profiles (below).

The Setup Wizard creates the following create profiles

Adds Audit Assignments

The Setup Wizard creates two auditing assignments, one for administrators and one for auditors.

Enables Self-Service for Users

The Setup Wizard creates default self-service assignments for users.

This article was:   Helpful | Not helpful Report an issue


Article ID: 1642
Last updated: 10 Apr, 2020
Revision: 13
Views: 612
Comments: 0
print  Print email  Email to friend share  Share pool  Add to pool comment  Add comment
Prev     Next
6 - Initial Setup: Finish       License the Identity Maestro Server for Active Directory