Employee |
Employee who uses the contact. An employee is already entered if the contact was generated by an account definition. If you are using automatic employee assignment, an associated employee is created when you save the contact and added to the contact. If you create the contact manually, you can select an employee in the menu. |
No link to an employee required |
Specifies whether the contact is intentionally not assigned an employee. The option is automatically set if a contact is included in the exclusion list for automatic employee assignment or a corresponding attestation is carried out. You can set the option manually. Enable the option if the contact does not need to be linked with an employee (for example, if several employees use the contact).
If attestation approves these contacts, these contacts will not be submitted for attestation in the future. In the Web Portal, contact that are not linked to an employee can be filtered according to various criteria. |
Not linked to an employee |
Indicates why the No link to an employee required option is enabled for this contact. Possible values:
-
By administrator: The option was set manually by the administrator.
-
By attestation: The contact was attested.
-
By exclusion criterion: The contact is not associated with an employee due to an exclusion criterion. For example, the contact is included in the exclude list for automatic employee assignment (configuration parameter PersonExcludeList). |
Account definition |
Account definition through which the contact was created.
Use the account definition to automatically populate contact main data and to specify a manage level for the contact. One Identity Manager finds the IT operating data of the assigned employee and uses it to populate the corresponding fields in the contact.
NOTE: The account definition cannot be changed once the contact has been saved.
To create the contact manually through an account definition, enter an employee in the Employee field. You can select all the account definitions assigned to this employee and through which no contact has been created for this employee. |
Manage level |
Contact's manage level. Select a manage level from the menu. You can only specify the manage level can if you have also entered an account definition. All manage levels of the selected account definition are available in the menu. |
First name |
The contact’s first name. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level. |
Last name |
The contact's last name. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level. |
Initials |
The contact’s initials. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level. |
Title |
Contact’s academic title. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level. |
Display name |
The contact’s display name. The display name is made up of the contact’s first and last names. |
Structural object class |
Structural object class representing the object type. Normally you set up contacts in One Identity Manager using the CONTACT object class. |
Name |
The contact’s identifier. The identifier is made up of the contact’s first and last names. |
Distinguished name |
Contact's distinguished name. The distinguished name is formatted from the contact's identifier and the container and cannot be changed. |
Domain |
Domain in which to create the contact. |
Container |
Container in which to create the contact. If you have assigned an account definition, the container is determined from the company IT data for the assigned employee depending on the manage level of the user account. The distinguished name for the contact is determined by a template when the container is selected. |
Email address |
Contact's email address. If you assigned an account definition, the email address is made up of the employee’s default email address depending on the manage level of the user account. |
Risk index (calculated) |
Maximum risk index value of all assigned groups. The property is only visible if the QER | CalculateRiskIndex configuration parameter is set. For detailed information, see the One Identity Manager Risk Assessment Administration Guide. |
Category |
Category for the contact to inherit groups. Groups and be selectively inherited by contacts. To do this, the groups and contacts are divided into categories. Select one or more categories from the menu. |
Description |
Text field for additional explanation. |
Identity |
Contact's type of identity.
|
Groups can be inherited |
Specifies whether the employee's groups are inherited. If this option is set, contacts inherit groups through hierarchical roles.
If you add an employee with a contact to an apartment, for example, and you have assigned groups to this department, the contact inherits the groups. |
Protected from accidental deletion |
Specifies whether to protect the contact against accidental deletion. If the option is set, the permissions for deleting the contact are removed in Active Directory. The contact cannot be deleted or moved. |