サポートと今すぐチャット
サポートとのチャット

Identity Manager 8.2 - Identity Management Base Module Administration Guide

Basics for mapping company structures in One Identity Manager Dynamic roles Departments, cost centers, and locations
One Identity Manager users for managing departments, cost centers, and locations Basic information for departments, cost centers, and locations Creating and editing departments Creating and editing cost centers Creating and editing locations Setting up IT operating data for departments, cost centers, and locations Assigning employees, devices, and workdesks to departments, cost centers, and locations Assigning company resources to departments, cost centers, and locations Creating dynamic roles for departments, cost centers, and locations Dynamic roles with incorrectly excluded employees Assign organizations Specifying inheritance exclusion for departments, cost centers, and locations Assigning extended properties to departments, cost centers, and locations Reports about departments, cost centers, and locations
Employee administration
One Identity Manager users for employee administration Basic data for employee main data Employee's central user account Employee's default email address Employee's central password Mapping multiple employee identities Password policies for employees Creating and editing employees Disabling and deleting employees Deleting all employee related data Limited access to One Identity Manager Changing the certification status of employees Assigning company resources to employees Displaying the origin of employees' roles and entitlements Analyzing role memberships and employee assignments Displaying the employees overview Displaying and deleting employees' Webauthn security keys Determining the language for employees Determining employees working hours Manually assigning user accounts to employees Entering calls for employees Assigning extended properties to employees Employee reports
Managing devices and workdesks Managing resources Setting up extended properties Configuration parameters for managing departments, cost centers, and locations Effective configuration parameters for setting up employees Configuration parameters for managing devices and workdesks

Main data for devices' asset data

Enter the following main data of the asset data of a device.

NOTE: Prices are given to 2 decimal places by default. The number of decimal places to enter can be modified in the Designer. For more information, see the One Identity Manager Configuration Guide.

Table 59: Device asset data

Property

Description

Asset number

Number of the asset in the bookkeeping.

Asset

Asset.

Storage class

Asset class.

Storage type

Asset type.

Device status

The device's status.

Enabling

Date for enabling the asset or beginning the lease, respectively.

Deactivation

Date for disabling the asset or end of lease, respectively.

Replacement value

Value for replacing with a new device.

Depreciated value

Depreciation value for the device.

Company owned

Specifies whether the device is owned by the company.

Leased

Specifies whether the device is leased.

Invoice number

Invoice number of the purchase.

PSP character string

Asset PSP as character string.

Last inventory run

Date of last inventory.

Primary cost center

Cost center. Company resources can be inherited by a device through these primary assignments if One Identity Manager is appropriately configured.

Serial number

Serial number of the device.

Delivery remarks

Text field for additional explanation.

Inventory remarks

Text field for additional explanation.

Primary business role

Business role. A workdesk can obtain company resources over the primary assignments when One Identity Manager is correspondingly configured.

NOTE: This property is available if the Business Roles Module is installed.

Primary location

Location. Company resources can be inherited by a device through these primary assignments if One Identity Manager is appropriately configured.

Primary department

Department. Company resources can be inherited by a device through these primary assignments if One Identity Manager is appropriately configured.

Related topics

Commercial data for devices

Enter the following asset data for a device.

NOTE: Prices are given to 2 decimal places by default. The number of decimal places to enter can be modified in the Designer. For more information, see the One Identity Manager Configuration Guide.

Table 60: Commercial data of a device

Property

Description

Acquisition date

Date of purchase.

Delivery date

Date of delivery.

Delivery voucher number

Delivery voucher number.

Voucher

Voucher. For more information about vouchers, see the One Identity Manager Chargeback Administration Guide.

Warranty

Warranty expiry date.

Warranty number

Warranty number.

Setup date

Date of going into operation.

Owner

Leasing company.

supplier

Name of supplier.

Manufacturer

Name of manufacturer.

Purchase price

Purchase price.

Internal price

Internal price.

Sales price

Sales price.

Currency

Currency unit

Inventory note

Text field for additional explanation.

Withdrawal date

Date for writing off the device.

Investment

Investment or investment plan.

Leasing fee

Leasing fee.

Internal transfer price

Internal transfer price.

Depreciation month

Depreciation in months

Related topics

Managing resources

One Identity Manager not only offers the possibility to map IT resources but also non-IT resources such as mobile telephones, desks, company cars, and keys: in other words, everything that is necessary to create an efficient working environment for an employee. You can assign resources directly to an employee or through classification into hierarchical roles in the One Identity Manager. Similarly, you can resources request for an employee through the IT Shop.

Resources are divided up from a functional point of view.

Table 61: Resource types

Type

Description

Table

Resources

Resources that an employee (workdesk, device) may own just once.

The resources can be requested in the IT Shop just once. The resources are assigned to the employees after approval has been granted. They remain assigned until the request is unsubscribed. You can request them again a later point.

Example: phone, company car.

QERResource

Multi-request resources

Resources that can be requested more than once in the IT Shop. Requests are automatically canceled once approved. The resources are not explicitly assigned to employees.

Example: resource for requesting remote desktop sessions for assets in a PAM system; consumables, such as pens, printing paper.

QERReuse

Multi requestable/unsubscribable resources

Resources that an employee can request more than once in the IT Shop but must return them explicitly once they are no longer needed. The resources are assigned to the employees after approval has been granted. They remain assigned until the request is canceled.

Example: printer, monitor.

QERReuseUS

Assignment resources

Assignment resources are special resources for requesting any number of assignments to hierarchical roles or to delegate responsibilities in the IT Shop.

For detailed information about assignment resources, see the One Identity Manager IT Shop Administration Guide.

QERAssign

Detailed information about this topic

One Identity Manager users for managing resources

The following users are used for user administration.

Table 62: Users
Users Tasks

Administrators for the IT Shop

Administrators must be assigned to the Request & Fulfillment | IT Shop | Administrators application role.

Users with this application role:

  • Edit the resources and assign them to IT Shop structures.

One Identity Manager administrators

One Identity Manager administrator and administrative system users Administrative system users are not added to application roles.

One Identity Manager administrators:

  • Create customized permissions groups for application roles for role-based login to administration tools in the Designer as required.

  • Create system users and permissions groups for non role-based login to administration tools in the Designer as required.

  • Enable or disable additional configuration parameters in the Designer as required.

  • Create custom processes in the Designer as required.

  • Create and configure schedules as required.

  • Create and configure password policies as required.

関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択