Extended properties are meta objects that cannot be mapped directly in One Identity Manager, for example, operating codes, cost codes or cost accounting areas.
To specify extended properties for a system role
Select the category Entitlements | System Roles.
Select the system role in the result list.
Select Assign extended properties.
Assign extended properties in Add assignments.
|
TIP: In the Remove assignments area, you can remove the assignment of extended properties. To remove an assignment
|
For more detailed information about extended properties, see the One Identity Manager Identity Management Base Module Administration Guide.
Specify, which system role of a pair of system roles, should be take effect if both are assigned. No company resources are inherited by the system role which is not effective.
To exclude system roles
Select the category Entitlements | System Roles.
Select the system role in the result list.
Select Edit conflicting system roles.
Assign the system roles that are mutually exclusive to the selected system role in Add assignments.
- OR -
In the Remove assignments view, remove the system roles that no longer exclude each other.
The following configuration parameters are additionally available in One Identity Manager after the module has been installed.
Configuration parameter | Description |
---|---|
QER\ESet |
Preprocessor relevant configuration parameter for controlling the database model components for system roles. If this parameter is set, system components are available. Changes to this parameter require the database to be recompiled. |
QER\Structures\Inherite\ESetExclusion |
Preprocessor relevant configuration parameter for defining the effectiveness of system roles. If this parameter is set, mutually exclusive system roles can be defined. Changes to this parameter require the database to be recompiled. |
QER\Structures\Inherite\NoESetSplitting |
Specifies whether the components of a system role are already split in the hierarchical role (as previously) or not (current behavior). If this parameter is set, the system roles are not broken down into their individual components until the target of the inheritance. |
The following example shows how inheritance of company resources through system roles works and what effect exclusion definitions have.
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Nutzungsbedingungen Datenschutz