Chatta subito con l'assistenza

Ottieni assistenza in tempo reale
Completa la registrazione

Accedi

Richiedi prezzo

Contatta il supporto vendite

Identity Manager 9.3 - Administration Guide for Connecting to Custom Target Systems

Table of Contents

Managing custom target systems

One Identity Manager users for managing custom target systems Configuration parameters for managing custom target systems

Synchronizing custom target systems

Mapping custom target systems in the One Identity Manager schema Scripted data provisioning in custom target systems

Deploying scripts for provisioning data in custom target systems Job server for provisioning data in custom target systems

General main data of Job servers Specifying server functions

Post-processing outstanding objects

Adding custom tables to the target system synchronization Post-processing outstanding objects

Managing user accounts and identities

Account definitions for user accounts

Creating account definitions Editing account definitions Main data for account definitions Editing manage levels Creating manage levels Assigning manage levels to account definitions Main data for manage levels Creating mapping rules for IT operating data Entering IT operating data Assigning account definitions to identities

Assigning account definitions to departments, cost centers, and locations Assigning account definitions to business roles Assigning account definitions to all identities Assigning account definitions directly to identities Assigning account definitions to system roles Adding account definitions in the IT Shop

Assigning account definitions to custom target systems Deleting account definitions

Assigning identities automatically to user accounts

Editing search criteria for automatic identity assignment Finding identities and directly assigning them to user accounts Changing manage levels for user accounts Assigning account definitions to linked user accounts

Supported user account types

Default user accounts Administrative user accounts

Providing administrative user accounts for one identity Providing administrative user accounts for several people

Privileged user accounts

Setting deferred deletion for custom target system user accounts

Managing assignments of groups and system entitlements

Specifying types of system entitlements in use Assigning groups and system entitlements to user accounts in One Identity Manager

Prerequisites for indirect assignments of groups and system entitlements to user accounts Assigning groups to departments, cost centers, and locations Assigning system entitlements to departments, cost centers, and locations Assigning groups to business roles Assigning system entitlements to business roles Adding groups to system roles Adding system entitlements to system roles Adding groups to the IT Shop Adding system entitlements to the IT Shop Assigning user accounts directly to a group Assigning user accounts directly to a system entitlement Assigning groups directly to user accounts Assigning system entitlements directly to a user account

Effectiveness of memberships in groups and system entitlements Inheriting groups and system entitlements based on categories Overview of all assignments

Login credentials for user accounts

Password policies for user accounts

Predefined password policies Using password policies Editing password policies Creating password policies General main data of password policies Policy settings Character classes for passwords Custom scripts for password requirements

Checking passwords with a script Generating passwords with a script

Editing the password excluded list Verifying passwords Testing password generation

Initial password for new user accounts Email notifications about login data

Mapping custom target system objects in One Identity Manager

Custom target system identifiers

General main data for custom target systems Customizing data synchronization for custom target systems Defining categories for inheriting groups and system entitlements Specifying alternative names

Container structures in custom target systems

Main data for containers Assigning extended properties to containers

User accounts in custom target systems

Creating and editing user accounts User account main data Assigning extended properties to user accounts Assigning permissions controls to user accounts Disabling user accounts Deleting and restoring user accounts Displaying the user account overview

Groups in custom target systems

Main data for groups Assigning groups to groups Assigning extended properties to groups Assigning permissions controls to groups Displaying the group overview

System entitlements in custom target systems

System entitlement main data Assigning system entitlements to system entitlements Assigning extended properties to system entitlements Displaying system entitlement overviews

Permissions controls in custom target systems

Main data for permissions controls Assigning user accounts to permissions controls Assigning groups to permissions controls Displaying the permissions control overview

Reports about custom target systems

Treatment of custom target system objects in the Web Portal Basic configuration data for custom target systems

Target system managers for custom target systems Target system types for custom target systems Configuring display of custom schema extensions for custom target systems

Configuration parameters for managing custom target systems

Editing the password excluded list

You can add words to a list of restricted terms to prohibit them from being used in passwords.

NOTE: The restricted list applies globally to all password policies.

To add a term to the restricted list

In the Designer, select the Base data > Security settings > Password policies category.
Create a new entry with the Object > New menu item and enter the term you want to exclude from the list.
Save the changes.

Verifying passwords

When you verify a password, all the password policy settings, custom scripts, and the restricted passwords are taken into account.

To verify if a password conforms to the password policy

In the Manager, select the Custom target systems > Basic configuration data > Password policies category.
In the result list, select the password policy.
Select the Change main data task.
Select the Test tab.
Select the table and object to be tested in Base object for test.
Enter a password in Enter password to test.

A display next to the password shows whether it is valid or not.

Testing password generation

When you generate a password, all the password policy settings, custom scripts and the restricted passwords are taken into account.

To generate a password that conforms to the password policy

In the Manager, select the Custom target systems > Basic configuration data > Password policies category.
In the result list, select the password policy.
Select the Change main data task.
Select the Test tab.
Click Generate.

This generates and displays a password.

Initial password for new user accounts

You can issue an initial password for a new user account in the following ways:

When you create the user account, enter a password in the main data.
Assign a randomly generated initial password to enter when you create user accounts.
- In the Designer, set the TargetSystem | UNS| Accounts | InitialRandomPassword configuration parameter.
- Apply target system specific password policies and define the character sets that the password must contain.
- Specify which identity will receive the initial password by email.

Related topics

Related Documents

The document was helpful.

Seleziona valutazione

I easily found the information I needed.

Seleziona valutazione

© 2025 One Identity LLC. ALL RIGHTS RESERVED. Termini di utilizzo Privacy Cookie Preference Center