To open the Overview - Azure Active Directory group page go to Responsibilities > Auditing > Azure Active Directory > Show details > Overview.
On the Overview – Azure Active Directory group page, you can see all the information relevant to the Azure Active Directory group summarized in an overview (see Displaying system entitlement overviews).
This information is displayed as shapes. For more information, click on the links inside one of the shapes.
To open the Main data – Azure Active Directory group page go to Responsibilities > Auditing > Azure Active Directory > Show details > Main data.
On the Main data – Azure Active Directory group page, you can see the Azure Active Directory group's main data (see Displaying system entitlement main data).
Enter the following main data:
|
Property |
Description |
|---|---|
|
Name |
Shows you the full, descriptive name of the Azure Active Directory group. |
|
Canonical name |
Shows you the automatically generated canonical name of the Azure Active Directory group. |
|
Distinguished name |
Shows you the automatically generated distinguished name of the Azure Active Directory group. |
|
Display name |
Shows you the name of the Azure Active Directory group used to display Azure Active Directory group in the One Identity Manager tools. |
|
Container |
Shows you the parent container of the Azure Active Directory group. |
|
Service item |
Shows you the assigned service items. |
|
Category |
Shows you the category for Azure Active Directory group inheritance. User accounts can inherit Azure Active Directory groups selectively. To do this, Azure Active Directory groups and user accounts are divided into categories. |
|
Description |
Shows you the Azure Active Directory group's description. |
|
Risk index |
Shows you the configured risk index. This value specifies the risk of assigning this Azure Active Directory group to a user account. For more information about risk assessment, see the One Identity Manager Risk Assessment Administration Guide. |
|
IT shop |
Shows you whether the Azure Active Directory group can be requested in the IT Shop. If set, the Azure Active Directory group can be requested by identities using the Web Portal and granted through a defined approval process. The Azure Active Directory group can still be assigned directly to identities and hierarchical roles. For detailed information about IT Shop, see the One Identity Manager IT Shop Administration Guide. |
|
Only use in IT Shop |
Shows you whether the Azure Active Directory group can only be requested through the IT Shop. If set, the Azure Active Directory group can be requested by identities using the Web Portal and granted through a defined approval process. You cannot assign an Azure Active Directory group to hierarchical roles directly. |
To open the Memberships – Azure Active Directory group page go to Responsibilities > Auditing > Azure Active Directory > Show details > Memberships.
On the Memberships - Azure Active Directory group page, you can see identities to which the Azure Active Directory group is assigned (see Displaying memberships in system entitlements).
The following table gives an overview of the different content on the Memberships – Azure Active Directory group page.
|
Column |
Description |
|---|---|
|
Identity |
Shows you the name of the identity to which the Azure Active Directory group is assigned. |
|
Origin |
Shows whether the Azure Active Directory group is assigned directly or indirectly to the employee. |
TIP: For each identity, you can see more useful information in the details pane. To do this, click the appropriate instance in the list. If the identity obtained the membership through a request, you will find more information on the following tabs on the Request tab:
Information: Displays general information about a request. The information displayed varies and is dependent on the service category from which the request was triggered.
Workflow: Displays the life cycle chronologically as from the time of request.
Compliance: Displays possible rule violations for this request.
Entitlements: Show which entitlement are assigned to the role (if a role was requested).
TIP: You can show less data by using the column filters. For more information, see Filtering.
To open the Attestation – Azure Active Directory group page go to Responsibilities > Auditing > Azure Active Directory > Show details > Attestation.
On the Attestation - Azure Active Directory group page, you can:
Display all attestation cases linked to this Azure Active Directory group (see Displaying attestation cases of system entitlements)
Display identities that have yet to approve Azure Active Directory group attestation cases (see Displaying attestors of system entitlement pending attestation cases)
Display details of the objects being attested
The following tables give you an overview of the various features and content on the Attestation - Azure Active Directory group page.
|
Control |
Description |
|---|---|
|
View approvers for pending cases |
Use this button to display all identities that still have to make approval decisions about attestation cases and Then you can send reminder emails to these identities |
|
Control |
Description |
|---|---|
|
Show details |
Use this button to display all the objects involved in the attestation case |
|
Column |
Description |
|---|---|
|
Display name |
Shows the name of the object included in the attestation case. |
|
Attestation policy |
Shows the name of the attestation policy in use. |
|
State |
Shows the current status of the attestation case. The following status' are possible:
|
|
New |
Shows whether the attestation case is new. New cases have not been granted approval yet but might have been denied approval before. |
|
Due date |
Shows by when the attestation case must be completed. |
|
Risk index |
Show the attestation case's risk index. |
TIP: You can show less data by using the column filters. For more information, see Filtering.
© ALL RIGHTS RESERVED. 利用規約 プライバシー Cookie Preference Center
