サポートと今すぐチャット
サポートとのチャット

Identity Manager 9.2.1 - IT Shop Administration Guide

Setting up an IT Shop solution
One Identity Manager users in the IT Shop Implementing the IT Shop Using the IT Shop with the Application Governance Module Requestable products Preparing products for requesting Assigning and removing products Preparing the IT Shop for multi-factor authentication Assignment requests Delegations Creating IT Shop requests from existing user accounts, assignments, and role memberships Adding system entitlements automatically to the IT Shop Deleting unused application roles for product owners
Approval processes for IT Shop requests
Approval policies for requests Approval workflows for requests Determining effective approval policies Selecting responsible approvers Request risk analysis Testing requests for rule compliance Approving requests from an approver Automatically approving requests Approval by peer group analysis Approval recommendations for requests Gathering further information about a request Appointing other approvers Escalating an approval step Approvers cannot be established Automatic approval on timeout Halting a request on timeout Approval by the chief approval team Approving requests with terms of use Using default approval processes
Request sequence
The request overview Requesting products more than once Requests with limited validity period Relocating a customer or product to another shop Changing approval workflows of pending requests Requests for employees Requesting change of manager for an employee Canceling requests Unsubscribe products Notifications in the request process Approval by mail Adaptive cards approval Requests with limited validity period for changed role memberships Requests from permanently deactivated identities Deleting request procedures and deputizations
Managing an IT Shop
IT Shop base data Setting up IT Shop structures Setting up a customer node Deleting IT Shop structures Restructuring the IT Shop Templates for automatically filling the IT Shop Custom mail templates for notifications Product bundles Recommendations and tips for transporting IT Shop components with the Database Transporter
Troubleshooting errors in the IT Shop Configuration parameters for the IT Shop Request statuses Examples of request results

Using base object properties

In the subject line and body text of a mail definition, you can use all properties of the object entered under Base object. You can also use the object properties that are referenced by foreign key relation.

To access properties use dollar notation. For more information, see the One Identity Manager Configuration Guide.

Example:

An IT Shop requester should receive email notification about the status of the request.

Table 76: Email notification properties

Property

Value

Base object

PersonWantsOrg

Subject

"$DisplayOrg[D]$" status change

Mail body

Dear $FK(UID_PersonOrdered).Salutation[D]$ $FK(UID_PersonOrdered).FirstName$ $FK(UID_PersonOrdered).LastName$,

The status was changed on the following request on $DateHead:Date$.

Product: $DisplayOrg[D]$

Requested by: $DisplayPersonInserted$

Reason: $OrderReason$

Current status of your request:

Approval: granted

Approver: $DisplayPersonHead[D]$

Reason: $ReasonHead[D]$

The generated email notification could look like the following, for example, once it has been formatted.

Use of hyperlinks to the Web Portal

You can add hyperlinks to the Web Portal in the mail text of a mail definition. If the recipient clicks on the hyperlink in the email, the Web Portal opens on that web page and further actions can be carried out. In the default version, this method is implemented for IT Shop requests.

Prerequisites for using this method
  • The QER | WebPortal | BaseURL configuration parameter is enabled and contains the URL to the API Server. You edit the configuration parameter in the Designer.

    http://<server name>/<application>

    with:

    <server name> = name of server

    <application> = path to the API Server installation directory

To add a hyperlink to the Web Portal in the mail text

  1. Click the position in the mail text of the mail definition where you want to insert a hyperlink.

  2. Open the Hyperlink context menu and enter the following information.

    • Display text: Enter a caption for the hyperlink.

    • Link to: Select the File or website option.

    • Address: Enter the address of the page in the Web Portal that you want to open.

      NOTE: One Identity Manager provides a number of default functions that you can use to create hyperlinks in the Web Portal.

  3. To accept the input, click OK.

Default functions for creating hyperlinks

Several default functions are available to help you create hyperlinks. You can use the functions directly when you add a hyperlink in the mail body of a mail definition or in processes

Direct function input

You can reference a function when you add a hyperlink in the Address field of the Hyperlink context menu.

Syntax:

$Script(<Function>)$

Example:

$Script(VI_BuildITShopLink_Show_for_Requester)$

Default functions for IT Shop requests

The VI_BuildITShopLinks script contains a collection of default functions for composing hyperlinks to directly grant or deny approval of IT Shop requests from email notifications.

Table 77: Functions of the VI_BuildITShopLinks script

Function

Usage

VI_BuildITShopLink_Show_for_Approver

Opens the overview page for request approval in the Web Portal.

VI_BuildITShopLink_Show_for_Requester

Opens the overview page for requests in the Web Portal.

VI_BuildITShopLink_Approve

Approves a request and opens the approvals page in the Web Portal.

VI_BuildITShopLink_Deny

Denies a request and opens the approvals page in the Web Portal.

VI_BuildITShopLink_AnswerQuestion

Opens the page for answering a question in the Web Portal.

VI_BuildITShopLink_Reject

Opens the page with denied requests in the Web Portal.

VI_BuildAttestationLink_Pending

Opens the page with pending requests in the Web Portal.

VI_BuildITShopLink_Unsubscribe

Creates the link for canceling email notification. This function is used in processes for unsubscribing email notifications.

Customize email signatures

Configure the email signature for mail templates using the following configuration parameters. Edit the configuration parameters in the Designer.

Table 78: Configuration parameters for email signatures

Configuration parameter

Description

Common | MailNotification | Signature

Data for the signature in email automatically generated from mail templates.

Common | MailNotification | Signature | Caption

Signature under the salutation.

Common | MailNotification | Signature | Company

Company name.

Common | MailNotification | Signature | Link

Link to the company's website.

Common | MailNotification | Signature | LinkDisplay

Display text for the link to the company's website.

VI_GetRichMailSignature combines the components of an email signature according to the configuration parameters for use in mail templates.

関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択