Assigning employees to business roles
NOTE: This function is only available if the module Business Roles Module is installed.
Assign employees to business roles so that employees obtain their company resources through these business roles. To assign company resources to business roles use the corresponding business role tasks. For detailed information about working with business roles, see One Identity Manager Business Roles Administration Guide.
To assign an employee to business roles (secondary assignment; default method)
-
In the Manager, select the Employees | Employees category.
-
Select the employee in the result list.
-
Select the Assign business roles task.
-
In the Add assignments pane, assign business roles.
TIP: In the Remove assignments pane, you can remove assigned business roles.
To remove an assignment
- Select the business role and double-click .
- Save the changes.
To assign an employee to business roles (primary assignment)
-
In the Manager, select the Employees | Employees category.
-
Select the employee in the result list.
-
Select the Change master data task.
-
On the Organizational tab, enter the primary business role.
-
Save the changes.
Related topics
Adding employees to IT Shop custom nodes
When employees are added to a custom node they are entitled to make IT Shop requests. Access permissions to the IT Shop and the assignments allocated to them through product requests in the IT Shop are displayed on the employee’s overview. For more detailed information, see the One Identity Manager IT Shop Administration Guide.
To add an employee to the IT Shop
-
In the Manager, select the Employees | Employees category.
-
Select the employee in the result list.
-
Select the Assign IT Shop memberships task.
-
In the Add assignments pane, assign custom nodes.
- OR -
In the Remove assignments pane, remove the custom nodes.
- Save the changes.
Assigning application roles to employees
For detailed information about implementing and editing application roles, see the One Identity Manager Authorization and Authentication Guide.
Assigned employees obtain all the write permissions of the permission group to which the application role (or a parent application role) is assigned. In addition, employees obtain the company resources assigned to the application role.
Employees of the parent application role are inherited if no employees are directly assigned to an application role.
NOTE: The application roles for Base roles | Everyone (Change), Base roles | Everyone (Lookup), Base roles | Employee Managers, and Base roles | Birthright Assignments are automatically assigned to employees. Do not make any manually assignments to these application roles.
To assign application to an employee
-
In the Manager, select the Employees | Employees category.
-
Select the employee in the result list.
-
Select the Assign One Identity Manager application roles task.
-
In the Add assignments pane, assign the application roles.
- OR -
In the Remove assignments pane, remove the application roles.
- Save the changes.
Assigning resources directly to employees
Resources can be assigned directly or indirectly to employees. Indirect assignment is carried out by allocating employees and resources in company structures, like departments, cost centers, locations, or business roles.
To react quickly to special requests, you can assign resources directly to an employee.
To assign resources directly to an employee
-
In the Manager, select the Employees | Employees category.
-
Select the employee to whom the resources will be assigned, from the result list.
-
Select the Assign resources task.
-
In the Add assignments pane, assign resources.
- OR -
In the Remove assignments pane, remove resources.
- Save the changes.
Related topics