To obtain an overview of a role
In the Manager, select the SharePoint Online | Roles category.
Select the role in the result list.
Select the SharePoint Online role overview task.
To obtain an overview of a role
In the Manager, select the SharePoint Online | Roles category.
Select the role in the result list.
Select the SharePoint Online role overview task.
The behavior described under Effectiveness of SharePoint Online entitlement assignments can also be used for SharePoint Online roles.
The effect of the assignments is mapped in the O3SUserHasO3SRLAssign and BaseTreeHasO3SRLAssign tables through the XIsInEffect column.
To exclude SharePoint Online roles
- OR -
In the Remove assignments pane, remove the roles that no longer exclude each other.
One Identity Manager enables its users to perform various tasks simply using a Web Portal.
Managing user accounts and employees
An account definition can be requested by shop customers in the Web Portal if it is assigned to an IT Shop shelf. The request undergoes a defined approval procedure. The user account is not created until it has been agreed by an authorized person, such as a manager.
Managing entitlement assignments
To enable this, attestation policies are configured in the Manager. The attesters use the Web Portal to approve attestation cases.
Governance administration
The rules are checked regularly, and if changes are made to the objects in One Identity Manager. Compliance rules are defined in the Manager. Supervisors use the Web Portal to check and resolve rule violations and to grant exception approvals.
If the Company Policies Module is available, company policies can be defined for the target system objects mapped in One Identity Manager and their risks evaluated. Company policies are defined in the Manager. Supervisors use the Web Portal to check policy violations and to grant exception approvals.
Risk assessment
Reports and statistics
For more information about the named topics, refer to the following guides:
One Identity Manager Web Portal User Guide
One Identity Manager Attestation Administration Guide
One Identity Manager Compliance Rules Administration Guide
One Identity Manager Company Policies Administration Guide
One Identity Manager Risk Assessment Administration Guide
To manage SharePoint Online in One Identity Manager, the following basic data is relevant.
Authentication modes
Authentication mode used for logging in on the SharePoint Online server with this user account. For SharePoint Online, AzureAD is the only authentication mode.
For more information, see SharePoint Online authentication modes.
Target system types are required for configuring target system comparisons. Tables containing outstanding objects are maintained on target system types.
For more information, see Post-processing outstanding objects.
One Identity Manager has account definitions for automatically allocating user accounts to employees during working hours. You can create account definitions for every target system. If an employee does not yet have a user account in a target system, a new user account is created. This is done by assigning account definitions to an employee.
For more information, see Account definitions for SharePoint Online user accounts.
In order to handle SharePoint Online -specific processes in One Identity Manager, the synchronization server and its server functions must be declared.
For more information, see Job server for SharePoint Online-specific process handling.
A default application role exists for the target system manager in One Identity Manager.
© 2025 One Identity LLC. ALL RIGHTS RESERVED. 利用規約 プライバシー Cookie Preference Center