To rename a Managed Unit
When you delete a Managed Unit, the objects held in the Managed Unit are not deleted. The deletion erases the membership rules, permission settings, and policy settings associated with the Managed Unit.
NOTE: When you delete a Managed Unit, its members are not deleted. However, the permission settings and the policy settings that were specified via the Managed Unit are no longer in effect after the Managed Unit has been deleted.
Suppose an organization has offices in USA and Canada. The rule for including a user in an OU is the geographical location of the user. Therefore, all users who work in USA reside in the USA OU, and those working in Canada reside in the Canada OU.
The offices in USA and Canada each have Marketing, Development, and Sales departments. By creating a Sales MU, it is possible to manage users from the Sales departments in USA and Canada collectively, without changing the actual OU-based structure.
When delegating control of an MU, all users that belong to the MU inherit security settings defined at the level of the Managed Unit. Thus, applying an Access Template to a Managed Unit specifies the security settings for each user in the MU.
To implement this scenario, perform the following steps:
As a result, the members of the group gain control of user accounts that belong to the Sales MU. The scope of control is defined by the permissions in the Sales Access Template.
The following sections elaborate on the steps to implement this scenario.
© 2020 One Identity LLC. ALL RIGHTS RESERVED. Feedback 이용 약관 개인정보 보호정책