Tchater maintenant avec le support
Tchattez avec un ingénieur du support

Identity Manager 8.2 - Authorization and Authentication Guide

About this guide One Identity Manager application roles Granting One Identity Manager schema permissions through permissions groups Managing permissions to program features One Identity Manager authentication modules OAuth 2.0 / OpenID Connect configuration Multi-factor authentication in One Identity Manager Authenticating other applications using OAuth 2.0/OpenID Connect Granular permissions for the SQL Server and database Installing One Identity Redistributable STS Program functions for starting the One Identity Manager tools Minimum access levels of One Identity Manager tools

Displaying permissions for the current user

To get more information about the current user

  • To display user information, double-click the icon in the program status bar.

Table 26: Extra information about the current user
Property Meaning

System users

Name of system user

Authenticated by

Name of the authentication module used for logging in.

Employee UID (UserUID)

Unique ID for the current user’s employee if an employee related authentication module is used to log in.

SQL access level

Access level of the database server used to log in.

Read-only

The system user has only has read permissions. Modification to data are not possible.

Dynamic user

The current user uses a dynamic system user. Dynamic system users are applied when a role-based authentication module is used.

Administrative user

The current user uses an administrative system user.

Remarks

More details about the system user in use.

Permissions group

Permissions groups that are assigned to the system user. The permissions groups determine the user's user interface and object permissions.

Program functions

Program functions assigned to the system user The menu items and functions available depend on the program functions.

Assigning role-based permissions groups to an applications

If you assign a permissions group to an application, the permissions of the group apply only to this application. When a user logs on to the application, they receive the permissions of the permissions group in addition to their own permissions.

To assign a role-based permissions group to an application

  1. In the Designer, select the Permissions > Permissions groups > Role based permissions groups category.

  2. Select View > Select table relations and enable the DialogGroupInProductLimited table.

  3. In the List Editor, select the permissions group.

  4. Assign the application in the Applications edit view.

  5. Select the Database > Save to database and click Save.

For detailed information about applications in One Identity Manager, see the One Identity Manager Configuration Guide.

Managing permissions to program features

Program functions are part of the permission model in One Identity Manager. They allow you to enable and disable features. Program functions are not assigned to single users but to permissions groups. The set of program functions defined for a user is determined by their permissions groups and the program functions contained in them.

One Identity Manager tools can only be started if the user has the relevant program function permissions. Furthermore, some functions in the One Identity Manager tools are available only if the program functions are assigned to the current user. This includes data export from the Manager, calling the SQL Editor in the Designer or showing DBQueue Processor information in all programs, as examples.

Detailed information about this topic

Displaying the current user's program functions

To identify the program functions available to the current user:

  • To display user information, double-click the icon in the program status bar

    The Program functions tab shows the program functions that are available.

Documents connexes

The document was helpful.

Sélectionner une évaluation

I easily found the information I needed.

Sélectionner une évaluation