You can use the Active Roles Web Interface to delete an existing Active Roles Starling Connect user. When the Active Roles user is deleted, then the user is deleted on the selected connected system.
Active Roles provides the ability to deprovision SaaS product users. When an Active Roles user is deprovisioned, if the user is mapped to Starling Connect, then the user is deprovisioned from the selected connected system. This means the Active Role SaaS product user is prevented from logging on to the network and connecting to any of the connected systems through the registered connectors.
The Deprovision command on a user updates the account as prescribed by the deprovisioning policies.
Active Roles comes with a default policy to automate some commonly-used deprovisioning tasks, and allows the administrator to configure and apply additional policies.
To deprovision a user for a SaaS product
Click the specific domain, Container or the Organizational Unit, and then select the check box corresponding to the specific user, which you want to deprovision for SaaS products
A message is displayed prompting you to confirm the account deprovision.
Wait while Active Roles updates the user.
After the task is completed, a message is displayed that the account is deprovisioned successfully from Active Roles.
If the user is mapped to Starling Connect, then the user is deprovisioned from the connected systems.
To undo deprovision of a user for a SaaS product
The list of Active Directory domains is displayed.
Click the specific domain, Container or the Organizational Unit, and then select the check box corresponding to the specific user, which you want to undo deprovision for SaaS products.
The Password Options dialog box is displayed.
The Notification pane displays the notification specific to Starling operations. The notifications are classified into Starling Connect and Updates.
|
IMPORTANT:
|
To view the Starling Connect notification
Starling Connect and Updates tabs are displayed.
|
NOTE: The latest five notifications are sent only to the initiator of the operation. |
To view the Updates
Starling Connect and Updates tabs are displayed.
|
NOTE: The notifications are sent to all the users who have joined Starling on the Administration website. |
To view notifications on the Notifications page
Starling Connect and Updates tabs are displayed.
Click the Starling Connect tab to view the notifications specific to SaaS operations.
The latest five notifications are displayed with the configuration status and a brief description.
Click View all notifications to view the details about the notification.
The Notification page is displayed.
Click Filter drop-down menu to filter the notifications based on time, connector name , status, and keywords.
You can configure notifications settings from the Home screen | Settings page and Home screen | Customization | Global Settings.
To configure notification settings on the Settings page
The Settings page is displayed.
|
NOTE: By default, the time is set to 0 and the notifications do not expire. You can update the time to the required limit in minutes. |
|
NOTE: The maximum number of notifications that can be stored is 1000. |
To configure notification settings on the Customization page
The Customization page is displayed.
|
NOTE: By default, the time is set to 0. You can update the time to the required limit in minutes. |
|
NOTE: The maximum number of notifications that can be stored is 1000. |
Active Roles provides support to connect to Starling Connect to manage the user provisioning and deprovisioning activities for the registered connectors. This is achieved through the internal attribute mapping mechanism. The AD attributes are mapped to SCIM attributes to perform each operation.
SCIM attribute mapping with Active Directory for Users
SCIM attribute mapping with Active Directory for Groups
SCIM | Active Directory |
displayName | cn |
members |
member |
|
|
manager |
managedBy |
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy