지금 지원 담당자와 채팅
지원 담당자와 채팅

Identity Manager 9.2.1 - Identity Management Base Module Administration Guide

Basics for mapping company structures in One Identity Manager Dynamic roles Departments, cost centers, and locations
One Identity Manager users for managing departments, cost centers, and locations Basic information for departments, cost centers, and locations Creating and editing departments Creating and editing cost centers Creating and editing locations Setting up IT operating data for departments, cost centers, and locations Assigning identities, devices, and workdesks to departments, cost centers, and locations Assigning company resources to departments, cost centers, and locations Creating dynamic roles for departments, cost centers, and locations Dynamic roles with incorrectly excluded identities Assign organizations Specifying inheritance exclusion for departments, cost centers, and locations Assigning extended properties to departments, cost centers, and locations Certifying departments, cost centers, and locations Reports about departments, cost centers, and locations
Identity administration
One Identity Manager users for managing identities Basics for managing identities Creating and editing identities Assigning company resources to identities Displaying the origin of identities' roles and entitlements Analyzing role memberships and identity assignments Deactivating and deleting identities Deleting all personal data Limited access to One Identity Manager Changing the certification status of identities Displaying the identities overview Displaying and deleting identities' Webauthn security keys Determining the language for identities Determining identities working hours Manually assigning user accounts to identities Entering tickets for identities Assigning extended properties to identities Reports about identities Basic configuration data for identities
Managing devices and workdesks Managing resources Setting up extended properties Configuration parameters for managing departments, cost centers, and locations Configuration parameters for managing identities Configuration parameters for managing devices and workdesks

Reports about identities

One Identity Manager makes various reports available containing information about the selected base object and its relations to other One Identity Manager database objects.The following reports are available for identities.

NOTE: Other sections may be available depending on the which modules are installed.

Table 34: Reports about identities
Report Description

Entitlement Origins

The report shows an identity's entitlements and roles and the possible assignment methods.

Request history

The report provides you with an overview of each IT Shop request made by an identity. The report is divided into approved, canceled, denied, and pending requests. You can trace when and why each product was requested, renewed, or unsubscribed.

View completed requests by clicking on Show. In the approval history you can see the approval workflow, the results of each approval step and the approver. The Show button shows you the current approval status of pending requests.

Data quality of direct reports

This report evaluates the data quality of identity data. All identities under supervision are taken into account.

Identities per department

This report contains the number of identity per department. The primary and secondary assignments to organizations are taken into account. You can find this report in My One Identity Manager.

Identities per cost center

This report contains the number of identity per cost center. The primary and secondary assignments to organizations are taken into account. You can find this report in My One Identity Manager.

Identities per location

This report contains the number of identity per location. The primary and secondary assignments to organizations are taken into account. You can find this report in My One Identity Manager.

Data quality summary for identity data

The report contains different analyzes of data quality for all identities. You can find this report in My One Identity Manager.

Access overview at specific point-in-time

This report contains detailed information about personal and organizational data as well as an overview of the company resources that the identity owned at a specific point-in-time. This includes all assigned user accounts, system entitlements, roles, account definitions, resources, and software.

Attestation cases

The report shows closed and pending attestation cases for which the identity was identified as the attestor. If the identity is logged in to the Manager, they can use the report to grant or deny attestation case approval. Use Approve or Deny to grant or deny approval. Enter the reason in Approval reason and click on the Carry out approval button. If a report has been defined for the attestation instance, you can view it using the Show report button in the column.

Use the Show attestation history task to display each step in the attestation case. This allows you to track the chronological sequence and approvals in the attestation case. The attestation history is displayed for pending and closed attestations.

NOTE: This report is available if the Attestation Module exists.

Overview with roles and user accounts

The report contains detailed information about personal and organizational data as well as user accounts, roles, and entitlements currently assigned to the identity.

You can decide whether to include dependent identities in the report.

Overview with roles and user accounts (including history)

The report contains detailed information about personal and organizational data as well as user accounts, roles, and entitlements currently assigned to the identity including historical data.

Select the end date for displaying the history (Min. date). Older changes and assignments that were removed before this date, are not shown in the report.

You can decide whether to include dependent identities in the report.

NOTE: This report is available if the Target System Base Module exists.

Direct reports overview

The report shows all identities that report directly. This displays detailed information about personal and organizational data as well as current user accounts, roles, and entitlements.

NOTE: This report is available if the Target System Base Module exists.

Direct reports overview (including history)

All identities that report directly including the history. This shows detailed information about personal and organizational data as well as current user accounts, roles, and entitlements including the historical data.

Select the end date for displaying the history (Min. date). Older changes and assignments that were removed before this date, are not shown in the report.

Show user accounts overview (including history)

This report returns all the user accounts with their permissions including a history.

Select the end date for displaying the history (Min. date). Older changes and assignments that were removed before this date, are not shown in the report.

NOTE: This report is available if the Target System Base Module exists.

User accounts of direct reports (including history)

This report returns all the user accounts with their permissions including a history.

Select the end date for displaying the history (Min. date). Older changes and assignments that were removed before this date, are not shown in the report.

NOTE: This report is available if the Target System Base Module exists.

Show owned system entitlements (incl. history)

This report shows the system entitlements with the assigned user accounts including a history.

Select the end date for displaying the history (Min. date). Older changes and assignments that were removed before this date, are not shown in the report.

NOTE: This report is available if the Target System Base Module exists.

Overview of identity's privileged access.

The report contains detailed information about personal and organizational data as well as the identity's current privileged access.

NOTE: This report is available if the Privileged Account Governance Module exists.

Related topics

Basic configuration data for identities

The following basic configuration data is required for managing identities.

  • Configuration parameter

    Use configuration parameters to configure the behavior of the system's basic settings. One Identity Manager provides default settings for various configuration parameters. Check the configuration parameters and modify them as necessary to suit your requirements.

    Configuration parameters are defined in the One Identity Manager modules. Each One Identity Manager module can also install configuration parameters. In the Designer, you can find an overview of all configuration parameters in the Base data > General > Configuration parameters category.

  • Business partners

    When external identities are entered into the system, a company must be named.

  • Mail templates

    The login data for new user accounts in a target system can be sent to a specified identity by email. In this case, two messages are sent with the user name and the initial password. Mail templates are used to generate the messages.

  • Password policy

    An identity's central password is formed from the target system specific user accounts by respective configuration. The Password policy for central password of identities password policy defines the settings for the central password.

Detailed information about this topic

Creating and editing business partners for external identities

To manage external identities you require information about the business partner. Enter data for the external company.

To create a business partner

  1. In the Manager, select the Identities > Basic configuration data > Business partners category.

  2. Click in the result list.

  3. On the main data form, edit the main data of the company.

  4. Save the changes.

To edit the main data of a business partner

  1. In the Manager, select the Identities > Basic configuration data > Business partners category.

  2. In the result list, select a company and run the Change main data task.

  3. Edit the business partner's main data.

  4. Save the changes.

Enter the following data for a company.

Table 35: General main data of a company

Property

Description

Company

Short description of the company for the views in One Identity Manager tools.

Name

Full company name.

Surname prefix

Additional company name.

Short name

Company's short name.

Contact

Contact person for the company.

Partner

Specifies whether this is a partner company.

Customer number

Customer number at the partner company.

Supplier

Specifies whether this is a supplier.

Customer number

Customers number at supplier.

Leasing partner

Specifies whether this is a leasing provider or rental firm.

Manufacturer

Specifies whether this is a manufacturer.

Remarks

Text field for additional explanation.

Table 36: Company address

Property

Description

Street

Street or road.

Building

Building

Zip code

Zip code.

City

City.

State

State.

Country

Country.

Phone

Company's telephone number.

Fax

Company's fax number.

Email address

Company's email address.

Website

Company's website. Click the button to display the web page in the default web browser.

Mail templates for notifications about identities

One Identity Manager supplies mail templates by default. These mail templates are available in English and German. If you require the mail body in other languages, you can add mail definitions for these languages to the default mail template.

To edit a default mail template

  • In the Manager, select the Identities > Basic configuration data > Mail templates > Predefined category.

Related topics
관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택