16 Identity Manager 3.6.1 Driver for Role-Based Entitlements: Implementation Guidenovdocx (en) 17 September 20093.1.2 Configuring the Driver SettingsAfter you import the driver configuration file, the Entitlements Service driver will run. However,there are many configuration settings that you can use to customize and optimize the driver. Thesettings are divided into categories such as Driver Configuration, Engine Control Values, andGlobal Configuration Values (GCVs). The settings are described in Appendix A, “DriverProperties,” on page 37.If you do not have the Driver Properties page displayed in Designer:1 Open your project.2 In the Modeler, right-click the driver icon or the driver line, then select Properties.3.1.3 Deploying the DriverAfter a driver is created in Designer, it must be deployed into the Identity Vault.1 In Designer, open your project.2 In the Modeler, right-click the driver icon or the driver line, then select Live > Deploy.3 If you are authenticated to the Identity Vault, skip to Step 5; otherwise, specify the followinformation: Host: Specify the IP address or DNS name of the server hosting the Identity Vault. Username: Specify the DN of the user object used to authenticate to the Identity Vault. Password: Specify the user’s password.4 Click OK.5 Read the deployment summary, then click Deploy.6 Read the successful message, then click OK.7 Click Define Security Equivalence to assign rights to the driver.The driver requires rights to objects within the Identity Vault and to the input and outputdirectories on the server. The Admin user object is most often used to supply these rights.However, you might want to create a DriversUser (for example) and assign securityequivalence to that user. Whatever rights that the driver needs to have on the server, theDriversUser object must have the same security rights.7a Click Add, then browse to and select the object with the correct rights.7b Click OK twice.8 Click Exclude Administrative Roles to exclude users that should not be synchronized.You should exclude any administrative User objects (for example, Admin and DriversUser)from synchronization.8a Click Add, then browse to and select the user object you want to exclude.8b Click OK.8c Repeat Step 8a and Step 8b for each object you want to exclude.8d Click OK.9 Click OK.