Enter the following general main data of an employee. This data applies to the target system login, identities, One Identity Manager login data, and employee import data.
Property |
Description |
---|---|
Central user account |
One Identity Manager user identifier. In One Identity Manager default installation, the central user account is made up of the first and the last name of the employee. An employee’s central user account affects the composition of user accounts in each target system. The central user account is still used for logging into the One Identity Manager tools. |
Central SAP user account |
Name used to form the user account name in the SAP R/3 target system. In the One Identity Manager default installation, the central user account is made up of the first and the last name of the employee. NOTE: This property is only available if the SAP R/3 User Management module Module is installed. |
E-Business Suite user account |
Name used to form the user account name in the Oracle E-Business Suite target system. In the One Identity Manager default installation, the E-Business Suite user account is formed from the employee's central user account. NOTE: This property is only available if the Oracle E-Business Suite Module is installed. |
E-Business Suite ID |
Unique ID for the HR employee, the AP customer, the AP supplier or the AR parties in the Oracle E-Business Suite. NOTE: This property is only available if the Oracle E-Business Suite Module is installed. |
E-Business Suite employee ID |
Personnel number of the HR employee in the Oracle E-Business Suite. NOTE: This property is only available if the Oracle E-Business Suite Module is installed. |
Central password and password confirmation |
An employee's central password can be used for logging into the target systems and for logging in to . Depending on the configuration, an employee's central password is replicated to their user accounts and their system user password.Use the Password Reset Portal to change the central password. For more information, see the One Identity Manager Web Designer Web Portal User Guide. |
Decentralized identity and confirmation |
Identifier of the decentralized identity to identify the employee. This identifier can be used to log in to One Identity Manager. |
Default email address |
Default email address for setting up the employee's mailboxes in the individual target systems. This data is absolutely necessary for automatically creating mailboxes. In the One Identity Manager default installation, the default email address is composed of the employee’s central user account and the default mail domain of the active target system. |
Identity |
Identity type of the person. |
Main identity |
Allocate a main identity here if the employee is managed as a sub-identity in the One Identity Manager. A subidentity allows you to set up special cases in One Identity Manager. If an employee has several user accounts in one target system that must be assigned to different groups, create a separate subidentity for each user account with a link to the main identity. |
Pseudo employee |
Specifies whether the employee represents an actual employee or a pseudo employee used for connecting to administrative user accounts, for example. |
Actual employee |
Unique ID of the actual employee. |
X500 pseudo employee |
Specifies whether the employee is managed as an X500 pseudo employee in the One Identity Manager. If an employee has several X500 entries with different properties, you can also use pseudo employee here. Label the employee with the option X500 pseudi employee for the user case and configure a link to the real X500 employee. |
X500 employee |
Assign the X500 pseudo employee to an existing employee. |
Logins |
Logins with which the employee can log in to the One Identity Manager administration tools. Enter the login in the form: Domain\User. This information is required if the authentication modules User account and User account (role-based) are used for logging in to One Identity Manager tools. For more information about One Identity Manager authentication modules, see the One Identity Manager Authorization and Authentication Guide. |
Starling 2FA user ID | User ID for multi-factor authentication. For more information on multifactor authentication, see the One Identity Manager IT Shop Administration Guide. |
System users |
System user with which the employee can log in to the One Identity Manager administration tools. The login data is analyzed by the authentication module in use. For more information about One Identity Manager authentication modules, see the One Identity Manager Authorization and Authentication Guide. |
System user password and password confirmation |
Employee's system user password. Password with which the employee logs in to the One Identity Manager tools. Use the Password Reset Portal to change the system user password. For more information, see the One Identity Manager Web Designer Web Portal User Guide. |
User account name (mainframe) |
If an employee is permitted access to the mainframe with their user account, enter the login name here. |
Notebook user |
Just for information. |
Company car |
Just for information. |
Login permitted on terminal server |
Specifies whether this employee is permitted to log in on the terminal server with their user account. |
Remote access permitted |
Specifies whether the employee can dial in to the network with their user account. |
Resetting the password through the help desk is permitted. |
Specifies whether the password can be reset with the help of password help desk staff. If this option is set, password help desk staff in the Operations Support Web Portal can reset the employee's password. |
Help desk employee |
Specifies whether the employee can handle help desk calls. For more information about the help desk, see One Identity Manager Help Desk Module User Guide. NOTE: This option is only available if the Helpdesk Module is installed. |
Import data source |
Target system or data source respectively, from which the employee was imported. This property is also set by scripts for automatically assigning employees to user accounts. |
Distinguished name |
Distinguished name of the imported employee. This property should be set by the import. |
Canonical name |
Fully qualified name of the imported employee. This property should be set by the import. |