지금 지원 담당자와 채팅
지원 담당자와 채팅

Identity Manager 9.1.1 - Administration Guide for Connecting to Active Directory

Managing Active Directory environments Synchronizing an Active Directory environment
Setting up initial synchronization with an Active Directory domain Adjusting the synchronization configuration for Active Directory environments Running synchronization Tasks following synchronization Troubleshooting Ignoring data error in synchronization Pausing handling of target system specific processes (Offline mode)
Managing Active Directory user accounts and employees
Account definitions for Active Directory user accounts and Active Directory contacts Assigning employees automatically to Active Directory user accounts Supported user account types Updating employees when Active Directory user account are modified Automatic creation of departments and locations based on user account information Specifying deferred deletion for Active Directory user accounts and Active Directory contacts
Managing memberships in Active Directory groups Login information for Active Directory user accounts Mapping of Active Directory objects in One Identity Manager
Active Directory domains Active Directory container structures Active Directory user accounts Active Directory contacts Active Directory groups Active Directory computers Active Directory security IDs Active Directory printers Active Directory sites Reports about Active Directory objects
Handling of Active Directory objects in the Web Portal Basic data for managing an Active Directory environment Configuration parameters for managing an Active Directory environment Default project template for Active Directory Processing methods of Active Directory system objects Active Directory connector settings

Extension data for Active Directory user accounts

On the Extensions tab, you enter the user-defined Active Directory schema extensions for the user account.

Table 39: Extension data
Property Description

Extensions data

Custom extension data in binary format.

Attribute extension 01 - attribute extension 15

Additional company-specific information. Use the Designer to customize display names, formats, and templates for the input fields.

Further data for identifying Active Directory user accounts

Enter the following address data for contacting the employee on the Identification tab.

Table 40: Main data for identification
Property Description

Office

Office. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level.

Street

Street or road. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level.

Mailbox

Mailbox. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level.

Zip code

Zip code. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level.

City

City. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level. Locations can be automatically generated and employees assigned based on the town.

State

State. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level.

Country ID

The country ID.

Company

Employee's company. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level.

Department

Employee's department If you have assigned an account definition, the input field is automatically filled out with respect to the manage level. Departments can be automatically generated and employees assigned based on the department data.

Job description

Job description. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level.

Employee ID

Employee's unique marker, for example their ID.

Employee number

Number for identifying the employee in addition to their ID.

Account manager

Manager responsible for the user account.

To specify an account manager

  1. Click next to the field.
  2. In the Table menu, select the table that maps the account manager.
  3. In the Account manager menu, select the manager.
  4. Click OK.
Related topics

Contact information for Active Directory user accounts

Enter the data used by this user account for contacting the employee by telephone on the Contact tab.

Table 41: Contact data
Property Description

Phone

Telephone number. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level.

Phone private

Private telephone number.

Fax

Fax number. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level.

Mobile phone

Mobile number. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level.

Pager

Pager number.

Website

Website.

IP telephone number

IP telephone number.

Comment

Text field for additional explanation.

Assigning Active Directory account policies to Active Directory user accounts

For domains from the Windows Server 2008 R2 functional level and above, it is possible to define additional password policies in addition to the default password policies. This allows individual users and groups to be subjected to stricter account policies as intended for global groups.

To specify account policies for a user account

  1. In the Manager, select the Active Directory > User accounts category.

  2. Select the user account in the result list.

  3. Select the Assign account policies task.

  4. In the Add assignments pane, assign account policies.

    TIP: In the Remove assignments pane, you can remove account policy assignments.

    To remove an assignment

    • Select the account policy and double-click .

  5. Save the changes.
Related topics
관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택