Active Roles Web interface enables you to perform bulk attributes operation for multiple users at a time.
To perform bulk attribute operation
The batch operations that can be performed on users are displayed in the Command pane.
The Update object attributes window is displayed, which lists the user attributes that can be selected for bulk operation.
The selected attribute with the updated value is displayed in the Select attribute table.
The Preview tab | Operation Summary section displays the summary of the selected attributes with the new values to be updated after the bulk operation is performed. To export the details, click Export as CSV.
|
NOTE:
|
Active Roles Web interface enables you to reset the password for multiple users at a time.
To perform bulk users password reset operation
The batch operations that can be performed on users are displayed in the Command pane.
The Reset Password window is displayed.
The password reset gets completed and the changes can be viewed on the selected user's Change History tab.
Enterprises usually design their OU-based network structure on geographical or departmental boundaries, restricting the ability to delegate administration outside these boundaries. However, they can face situations that require objects to be grouped together in ways that differ to the OU structure.
Active Directory offers a comprehensive delegation model. However, since the scope of delegation is defined using Organizational Units, distributed administration in Active Directory is constrained by the OU structure.
In Active Directory, without changing the directory structure, it is impossible to re-group objects so that the new “groups” support inheritance for their members when delegating control or enforcing policy. As a solution to this inflexible, OU-based structure, Active Roles provides the facility to configure administrative views that meet any directory management needs. The administrative views (Managed Units) allow distributed administration to be independent of the OU hierarchy.
Thus, Active Roles provides Managed Units (MUs)—securable, flexible, rules-based administrative views. MUs represent dynamic virtual collections of objects of different types. MUs may include any directory objects, regardless of their location in the network. This allows objects to be grouped into administrative views that are independent of the OU-based structure.
Managed Units allow organizations to implement OU structures on a geographical basis, but distribute administration on a functional basis. For example, all users in a particular department, regardless of their location in different OUs, could be grouped into a single Managed Unit for the purposes of delegating access control and enforcing administrative policy. The members of that Managed Unit would remain in their geographically defined OUs, leaving the OU structure unaffected.
Managed Units make it possible to organize an enterprise in any particular way, without changing the underlying domain and OU structure. Managed Units can include directory objects from different domains, trees and forests, as well as from other Managed Units. In addition, different Managed Units can have common members. These features of Managed Units create an environment that is both secure and easy to manage.
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy