Managing your BHOLD roles in the FIM Portal
Applies To: Forefront Identity Manager
By using the Microsoft BHOLD features in the Microsoft Forefront Identity Manager 2010 R2 SP1 (FIM) portal, you can request activation of roles for yourself or for other users that you are responsible for. When requesting role activation for yourself, you can perform the following tasks:
See an overview of your roles
Request activation of a role for yourself
Revoke one of your roles
Delegate one of your roles
See all of your roles
See an overview of your roles
The BHOLD features in the FIM Portal include a dashboard that provides summary information about your roles and the applications that you have access to. The dashboard presents a pie chart that displays the relative number of roles assigned to you in the following categories:
Proposed assigned roles, which are roles that have been activated after being submitted for approval
Proposed unassigned roles, which are roles that have not been activated because required approval has not been granted
Unit roles, which are roles that have been assigned to you because you belong to a particular organizational unit.
Personal roles, which are roles that are specifically assigned to you alone
Rule-based roles, which are roles that are assigned to you based on a predefined rule, such as a rule that is assigned to everyone who has a particular job title
To see an overview of your roles
- In the FIM Portal, in the left pane, click BHOLD Self Service, and then click the Dashboard tab.
Request activation of a role for yourself
You can request activation of a proposed role that is assigned to you. If the role requires approval, the required approvers will be sent an email message informing them of the request and providing instructions on how to approve or deny the request. If the role does not require approval, BHOLD will automatically activate the role.
To request activation of a role for yourself
In the FIM Portal, in the left pane, click BHOLD Self Service, and then click the Role Request tab.
On the New Request page, select the check box next to the role that you want to activate.
Tip
You can select more than one role.
Tip
To see the permissions granted by the role, click the Information button next to the role name.
In the Context list, if you belong to more than one organizational unit in the list, click the organizational unit for which you want the role to be activated.
In Justification, type information you want to send to approvers that explains why you need the role to be activated.
Select the Period check box if you want to limit the duration when the role will be effective, and then click the Calendar buttons to select the beginning and end dates.
Select the Receive notification when approved if you want to receive an email message informing you when the request has been approved.
Click Submit Request(s).
Revoke one of your roles
When you no longer need the permissions provided by a proposed role, you can revoke the role.
To revoke one of your roles
In the FIM Portal, in the left pane, click BHOLD Self Service, and then click the Role Request tab.
On the New Requests page, under Manage current roles, in the Revoke column, select the check box next to the role that you want to revoke.
Note
Only proposed roles that were previously activated have check boxes. Other roles are assigned automatically and cannot be revoked.
Tip
You can select more than one role.
Click Submit Request(s).
Delegate one of your roles
You can delegate a role to another user if you supervise other users. This is useful if you need the other user to be able to perform actions on your behalf. You can limit the duration during which the delegation will be effective.
To delegate one of your roles
In the FIM Portal, in the left pane, click BHOLD Self Service, and then click the Role Request tab.
On the New Requests page, under Manage current roles, in the Delegate column, select the check box next to the role that you want to delegate.
Note
Only proposed roles that were previously activated have check boxes. Other roles are assigned automatically and cannot be delegated.
Tip
You can select more than one role.
In Delegate to, type the name of the user you want to delegate the role to.
Click the Calendar buttons to select the beginning and end dates when the delegation will be effective.
Click Submit Request(s).
See all of your roles
You can view a list of all of the roles that are assigned to you, and you can view the permissions granted by each of those roles.
To see all of your roles
In the FIM Portal, in the left pane, click BHOLD Self Service, click the Role Request tab, and then click My Roles.
Tip
To see the permissions granted by a role, click the Information button next to the role name.