IBM Security Privileged Identity Manager, Version 2.0

Limitations

Limitations in a prerequisite component can affect how the IBM® Security Privileged Identity Manager Virtual Appliance capabilities work.

Virtual appliance limitations
  • Reconfiguration options for the middleware are not available.
  • An external repository (for example, Active Directory) cannot be configured with IBM Security Privileged Identity Manager Virtual Appliance server components (IBM Security Privileged Identity Manager and IBM Security Access Manager for Enterprise Single Sign-On).
  • Non-English characters are not supported in the Comment fields of the following IBM Security Privileged Identity Manager Virtual Appliance panels:
    • Snapshot
    • Firmware Settings
    • Support Files
  • The following file name display issues occur in several languages when a snapshot with a long file name is uploaded in the IBM Security Privileged Identity Manager Virtual Appliance:
    • The text in the Comment field is truncated.
    • The file name gets truncated in the Snapshot table.
IBM Security Privileged Identity Manager limitations
  • Data Tier and Reporting components

    The Data Tier and Reporting components must be installed separately or outside the IBM Security Privileged Identity Manager Virtual Appliance.

    • External repository (for example, Active Directory) cannot be configured with IBM Security Privileged Identity Manager Virtual Appliance server components.
    • IBM Cognos® reporting components are outside of the IBM Security Privileged Identity Manager Virtual Appliance.
    • Supports only DB2® and IBM Security Directory Server as the IBM Security Privileged Identity Manager data store on the external data tier.
  • Limited IBM Security Privileged Identity Manager and IBM Security Access Manager for Enterprise Single Sign-On functions are supported.

    Customization is limited since there is no direct access to low-level IBM Security Privileged Identity Manager and IBM Security Access Manager for Enterprise Single Sign-On configuration files.

  • Changing the IBM Security Privileged Identity Manager user logon ID on the IBM Security Privileged Identity Manager console and AccessAgent is not supported.
  • Only one network adapter can be used.
  • Custom workflow extension configuration is not supported.
  • Uploading of custom Java archive files, which implements IBM Security Privileged Identity Manager custom extensions, is not supported. For example, workflow.
  • Custom adapters are not supported.
IBM Security Access Manager for Enterprise Single Sign-On limitations
  • AccessAgent sign up

    Sign-up is not allowed from Access Agent. Users are signed up through IBM Security Privileged Identity Manager.

  • AccessAssistant/WebWorkplace

    This component is not required for IBM Security Privileged Identity Manager.

  • Self-Service Sign-Up through IBM Security Access Manager for Enterprise Single Sign-On AccessAgent

    This feature is not supported because users are to be on-boarded through IBM Security Privileged Identity Manager.

  • Self-Service Password Reset

    IBM Security Privileged Identity Manager Virtual Appliance users must use the equivalent feature in IBM Security Privileged Identity Manager instead.

  • Change ISAM ESSO password

    Users must use the equivalent feature in the IBM Security Privileged Identity Manager Self-Service UI instead.

  • Biometric and smart card second factor support with IBM Security Access Manager for Enterprise Single Sign-On Agent are not available in the IBM Security Privileged Identity Manager Virtual Appliance.
  • RFID 2FA for AccessAgent is not supported.
  • Only the default User Policy Template is supported. User Policy Templates that are based on arbitrary directory attributes are not supported.
  • Third-party Provisioning System to provision or manage IBM Security Access Manager for Enterprise Single Sign-On accounts or Wallets

    This component is not required in the IBM Security Privileged Identity Manager Virtual Appliance because the IBM Security Access Manager for Enterprise Single Sign-On accounts are provisioned through IBM Security Privileged Identity Manager.

  • IBM Security Access Manager for Enterprise Single Sign-On mobile

    This feature is not used with IBM Security Privileged Identity Manager.

  • Mobile Active Code, One Time Password, or RADIUS are not supported
  • AccessAgent Private and Shared Desktop modes are not supported.
  • IMS Configuration wizard and CLTs are not supported.
Parent topic: Troubleshooting the virtual appliance

Feedback