Identity Manager 8.1.4 - Web Portal User Guide

In the Employee menu under Attestation, you can make approval decisions for employee's pending attestations.

NOTE: You can also make approval decisions in Pending Attestations.

To approve pending attestations

In the menu bar, click Responsibilities | My Responsibilities.
Open Employee.
Use a filter and then mark the item you want in the result list.
Select Attestations and open either Object attestation or All attestation cases.
Select Approve.

This opens Pending attestations.
In the pending attestations view, select the required case.
Perform one of the following tasks:
- Grant approval by clicking .
- Deny approval by clicking .
If required, repeat step 3 and click Next.
Perform one of the following tasks:
- Enter a reason for your decision in the field.
- Select an available reason in the Standard reason field.
NOTE: You have the option of selecting a predefined text for all cases still to be approved using the Standard reason menu. Standard reasons are displayed in the approval history and in the case details. For more detailed information about default reasons, see the One Identity Manager Attestation Administration Guide.
Click Save.

NOTE: Some attestation cases that still need to be approved, require multi-factor authentication. After your approval decision has been saved, you will prompted to enter a security code. For more information, see Requesting products that require multi-factor authentication.

System entitlements

System entitlements map the objects that control access to target system resources in the target systems. A user account obtains the required permissions for accessing target system resources through its memberships in system entitlements.

The following system entitlements, for example, are displayed on the System entitlement page:

Active Directory groups
SAP groups
SharePoint groups
Privileged Account Management groups

You can run the following tasks in system entitlements, if you own them.

View a variety of information about the system entitlement (in a Hyper View), its members, attestation cases and usage of the different role classes.
Add a new owner role and assign a product owner to an Active Directory group if you are target system administrator. You can also edit the requestability of an Active Directory group.
Change the properties of the entitlement.
Add members to system entitlements.
Obtain an overview of all groups that are members of a system entitlement.
Analyze that state and compare attributes of the base object.
You can perform this task in the historical data view.

To show system entitlements

In the menu bar, click Responsibilities | My Responsibilities.
Click the System entitlements tile.

Detailed information about this topic

Adding memberships

NOTE: This function is only available if the module Identity Management Base Module, Business Roles Module, System Roles Module or Target System Base Module is installed.

You can add members to roles, organizations, and entitlements for which you are responsible and have the required access. This is an alternative to making a request for membership on behalf of an employee.

You can delete memberships as well as adding them.

NOTE: Employees cannot be assigned to assignment resources.

To request new membership

Perform one of the following tasks:
- Under System entitlement, open Memberships for the required system entitlement.
- Under Business roles, open Memberships for the required business role.
- Under System roles, open Memberships for the required system role.
- Under Departments, open Memberships for the required department.
- Under Cost centers, open Memberships for the required cost center.
- Under Locations, open Memberships for the required location.
- Under Resources, open Memberships for the required resources.
- Under Assignment resources, open Memberships for the required resource.
- Under Multi-request resources, open Memberships for the required resource.
- Under Multi requestable/unsubscribable resources, open Memberships for the required resource.
- Under Software, open Memberships for the required software application.
Click Request memberships.
Select the required employee (multi select is permitted) and click Move to shopping cart.

Your shopping cart appears. For more information, see Edit shopping cart.

Deleting memberships

Deleting memberships is similar to a requests workflow. You can delete members from roles, organizations, and entitlements for which you are responsible and have the required access. The assignment is removed by the deletion process.

NOTE: Employees cannot be assigned to or deleted from assignment resources.

To delete a membership

Perform one of the following tasks:
1. Under System entitlement, open Memberships for the required system entitlement.
2. Under Business roles, open Memberships for the required business role.
3. Under System roles, open Memberships for the required system role.
4. Under Departments, open Memberships for the required department.
5. Under Cost centers, open Memberships for the required cost center.
6. Under Locations, open Memberships for the required location.
7. Under Resources, open Memberships for the required resources.
8. Under Assignment resources, open Memberships for the required resource.
9. Under Multi-request resources, open Memberships for the required resource.
10. Under Multi requestable/unsubscribable resources, open Memberships for the required resource.
11. Under Software, open Memberships for the required software application.

Click Delete memberships.
This deletes the membership.

Bitte w&auml;hlen Sie Ihr Produkt aus:

Damit wir Ihnen besser helfen können, geben Sie den Grund Ihres Chats an:

Empfohlene Lösungen für Ihr Problem

Identity Manager 8.1.4 - Web Portal User Guide

Approving attestations

System entitlements

Detailed information about this topic

Adding memberships

Deleting memberships

Bitte wählen Sie Ihr Produkt aus: