Auditing – LDAP (page description)
To open the Auditing - LDAP page go to Responsibilities > Auditing > LDAP.
On the Auditing - LDAP page, you can see all the LDAP groups (see Displaying all system entitlements).
If you click Show details in an LDAP group's details pane, a new page opens (see Auditing - Roles and permissions: LDAP group (page description)) that contains more information and configuration options for the LDAP group.
The following tables give you an overview of the various features and content on the Auditing - LDAP page.
Table 739: Controls
Select an identity |
Use this feature to select an identity so that only the LDAP groups they manage are shown (see Displaying all system entitlements). |
Table 741: Columns
Display |
Shows the LDAP group's name. |
TIP: You can show less data by using the column filters. For more information, see Filtering.
Auditing - Roles and permissions: LDAP group (page description)
To open the Auditing - Roles and entitlements: LDAP group page go to Responsibilities > Auditing > LDAP > Show details.
On the Auditing - Roles and entitlements: LDAP group page, you can access various information about the selected LDAP group.
To do this, click on one of the tiles:
Overview – LDAP group (page description)
To open the Overview - LDAP group page go to Responsibilities > Auditing > LDAP > Show details > Overview.
On the Overview – LDAP group page, you can see all the information relevant to the LDAP group summarized in an overview (see Displaying system entitlement overviews).
This information is displayed as shapes. For more information, click on the links inside one of the shapes.
Main data – LDAP group (page description)
To open the Main data – LDAP group page go to Responsibilities > Auditing > LDAP > Show details > Main data.
On the Main data – LDAP group page, you can show the LDAP group's main data.
Enter the following main data:
Table 743: LDAP group main data
Name |
Shows you the full, descriptive name of the LDAP group. |
Canonical name |
Shows you the automatically generated canonical name of the LDAP group. |
Distinguished name |
Shows you the automatically generated distinguished name of the LDAP group. |
Display name |
Shows you the name of the LDAP group used to display LDAP group in the One Identity Manager tools. |
Container |
Shows you the parent container of the LDAP group. |
Service item |
Shows you the assigned service items. |
Category |
Shows you the category for LDAP group inheritance.
User accounts can inherit LDAP groups selectively. To do this, LDAP groups and user accounts are divided into categories. |
Description |
Shows you the LDAP group's description. |
Risk index |
Shows you the configured risk index.
This value specifies the risk of assigning this LDAP group to a user account.
For more information about risk assessment, see the One Identity Manager Risk Assessment Administration Guide. |
IT shop |
Shows you whether the LDAP group can be requested in the IT Shop. If set, the LDAP group can be requested by identities using the Web Portal and granted through a defined approval process. The LDAP group can still be assigned directly to identities and hierarchical roles.
For detailed information about IT Shop, see the One Identity Manager IT Shop Administration Guide. |
Only use in IT Shop |
Shows you whether the LDAP group can only be requested through the IT Shop. If set, the LDAP group can be requested by identities using the Web Portal and granted through a defined approval process. You cannot assign an LDAP group to hierarchical roles directly. |