Overview – Azure Active Directory group (page description)
To open the Overview - Azure Active Directory group page go to Responsibilities > Auditing > Azure Active Directory > Show details > Overview.
On the Overview – Azure Active Directory group page, you can see all the information relevant to the Azure Active Directory group summarized in an overview (see Displaying system entitlement overviews).
This information is displayed as shapes. For more information, click on the links inside one of the shapes.
Main data – Azure Active Directory group (page description)
To open the Main data – Azure Active Directory group page go to Responsibilities > Auditing > Azure Active Directory > Show details > Main data.
On the Main data – Azure Active Directory group page, you can see the Azure Active Directory group's main data (see Displaying system entitlement main data).
Enter the following main data:
Table 691: Azure Active Directory group main data
Name |
Shows you the full, descriptive name of the Azure Active Directory group. |
Canonical name |
Shows you the automatically generated canonical name of the Azure Active Directory group. |
Distinguished name |
Shows you the automatically generated distinguished name of the Azure Active Directory group. |
Display name |
Shows you the name of the Azure Active Directory group used to display Azure Active Directory group in the One Identity Manager tools. |
Container |
Shows you the parent container of the Azure Active Directory group. |
Service item |
Shows you the assigned service items. |
Category |
Shows you the category for Azure Active Directory group inheritance.
User accounts can inherit Azure Active Directory groups selectively. To do this, Azure Active Directory groups and user accounts are divided into categories. |
Description |
Shows you the Azure Active Directory group's description. |
Risk index |
Shows you the configured risk index.
This value specifies the risk of assigning this Azure Active Directory group to a user account.
For more information about risk assessment, see the One Identity Manager Risk Assessment Administration Guide. |
IT shop |
Shows you whether the Azure Active Directory group can be requested in the IT Shop. If set, the Azure Active Directory group can be requested by identities using the Web Portal and granted through a defined approval process. The Azure Active Directory group can still be assigned directly to identities and hierarchical roles.
For detailed information about IT Shop, see the One Identity Manager IT Shop Administration Guide. |
Only use in IT Shop |
Shows you whether the Azure Active Directory group can only be requested through the IT Shop. If set, the Azure Active Directory group can be requested by identities using the Web Portal and granted through a defined approval process. You cannot assign an Azure Active Directory group to hierarchical roles directly. |
Memberships – Azure Active Directory group (page description)
To open the Memberships – Azure Active Directory group page go to Responsibilities > Auditing > Azure Active Directory > Show details > Memberships.
On the Memberships - Azure Active Directory group page, you can see identities to which the Azure Active Directory group is assigned (see Displaying memberships in system entitlements).
The following table gives an overview of the different content on the Memberships – Azure Active Directory group page.
Table 692: Columns
Identity |
Shows you the name of the identity to which the Azure Active Directory group is assigned. |
Origin |
Shows whether the Azure Active Directory group is assigned directly or indirectly to the employee. |
TIP: For each identity, you can see more useful information in the details pane. To do this, click the appropriate instance in the list. If the identity obtained the membership through a request, you will find more information on the following tabs on the Request tab:
-
Information: Displays general information about a request. The information displayed varies and is dependent on the service category from which the request was triggered.
-
Workflow: Displays the life cycle chronologically as from the time of request.
-
Compliance: Displays possible rule violations for this request.
-
Entitlements: Show which entitlement are assigned to the role (if a role was requested).
TIP: You can show less data by using the column filters. For more information, see Filtering.
Attestations – Azure Active Directory group (page description)
To open the Attestation – Azure Active Directory group page go to Responsibilities > Auditing > Azure Active Directory > Show details > Attestation.
On the Attestation - Azure Active Directory group page, you can:
The following tables give you an overview of the various features and content on the Attestation - Azure Active Directory group page.
Table 695: Columns
Display name |
Shows the name of the object included in the attestation case. |
Attestation policy |
Shows the name of the attestation policy in use. |
State |
Shows the current status of the attestation case.
The following status' are possible:
-
Pending: The attestation case is not closed yet and must still be approved.
-
Approved: The attestation case was approved. In the details pane, on the Workflow tab, you can see why the attestation case was granted approval.
-
Denied: The attestation case was denied. In the details pane, on the Workflow tab, you can see why the attestation case was denied approval. |
New |
Shows whether the attestation case is new. New cases have not been granted approval yet but might have been denied approval before. |
Due date |
Shows by when the attestation case must be completed. |
Risk index |
Show the attestation case's risk index. |
TIP: You can show less data by using the column filters. For more information, see Filtering.