Tchater maintenant avec le support
Tchattez avec un ingénieur du support

Identity Manager 9.1.1 - Epic Healthcare System Administration Guide

Managing an Epic health care system Setting up synchronization with an Epic health care system Basic Data for managing an Epic health care system Epic EMP template Epic SubTemplate Epic Connection Epic EMP User Accounts Security Matrix Configuration parameters for managing Epic health care system Default project template for Epic

Assigning account definition to employees

Account definitions are assigned to company employees. Indirect assignment is the default method for assigning account definitions to employees. Account definitions are assigned to departments, cost centers, locations, or roles. The employees are categorized into these departments, cost centers, locations, or roles depending on their function in the company and thus obtain their account definitions. To react quickly to special requests, you can assign individual account definitions directly to employees. You can automatically assign special account definitions to all company employees. It is possible to assign account definitions to the IT Shop as requestable products. A department manager can then request user accounts from the Web Portal for his staff. It is also possible to add account definitions to system roles. These system roles can be assigned to employees through hierarchical roles or directly or added as products in the IT Shop. In the One Identity Manager default installation, the processes are checked at the start to see if the employee already has a user account in the target system that has an account definition. If no user account exists, a new user account is created with the account definition’s default manage level.

NOTE: If a user account already exists and is disabled, then it is re-enabled. You must alter the user account manage level afterward in this case.

Prerequisites for indirect assignment of account definitions to employees

• Assignment of employees and account definitions is permitted for role classes (departments, cost centers, locations, or business roles).

NOTE: As long as an account definition for an employee is valid, the employee retains the user account that was created by it. If the assignment of an account definition is removed, the user account that was created from this account definition is deleted. For detailed information about preparing role classes to be assigned, see the One Identity Manager Identity Management Base Module Administration Guide.

Detailed information about this topic

Assigning account definitions to departments, cost centers, and locations

To add account definitions to hierarchical roles

1. In the Manager, select the Epic healthcare | Basic configuration data | Account definitions | Account definitions category.

2. Select an account definition in the result list.

3. Select the Assign organizations task.

4. Assign organizations in Add assignments.

  • Assign departments on the Departments tab.
  • Assign locations on the Locations tab.
  • Assign cost centers on the Cost centers tab.

NOTE: In Remove assignments, you can remove the assignment of organizations. To remove an assignment, select the organization and double-click .

5. Save the changes.

Assigning an account definition to business roles

Installed modules: Business Roles Module

To add account definitions to hierarchical roles

1. In One Identity Manager, select the Epic healthcare | Basic configuration data | Account definitions | Account definitions category.

2. Select an account definition in the result list.

3. Select the Assign business roles task.

4. Assign business roles in Add assignments.

NOTE: In Remove assignments, you can remove the assignment of business roles. To remove an assignment, select the business role and double-click .

5. Save the changes.

Assigning account definitions to all employees

To assign an account definition to all employees

1. In One Identity Manager, select the Epic healthcare| Basic configuration data | Account definitions | Account definitions category.

2. Select an account definition in the result list.

3. Select the Change master data task.

4. On the General tab, enable the Automatic assignment to employees option.

NOTE: Only set this option if you can ensure that all current internal employees in the database and all pending newly added internal employees obtain a user account in this target system.

5. Save the changes.

The account definition is assigned to every employee that is not marked as external. New employees automatically obtain this account definition as soon as they are added. The assignment is calculated by the DBQueue Processor.

NOTE: Disable Automatic assignment to employees to remove automatic assignment of the account definition to all employees. The account definition cannot be reassigned to employees from this point on. Existing assignments remain intact.

Documents connexes

The document was helpful.

Sélectionner une évaluation

I easily found the information I needed.

Sélectionner une évaluation