To rename a Managed Unit
To delete a Managed Unit, right-click the Managed Unit, and then click Delete.
When you delete a Managed Unit, the objects held in the Managed Unit are not deleted. The deletion erases the membership rules, permission settings, and policy settings associated with the Managed Unit.
This scenario involves the creation of an administrative view named Sales in an organization with an OU-based structure of Active Directory.
Suppose an organization has offices in USA and Canada. The rule for including a user in an OU is the geographical location of the user. Therefore, all users who work in USA reside in the USA OU, and those working in Canada reside in the Canada OU.
The offices in USA and Canada each have Marketing, Development, and Sales departments. By creating a Sales MU, it is possible to manage users from the Sales departments in USA and Canada collectively, without changing the actual OU-based structure.
When delegating control of an MU, all users that belong to the MU inherit security settings defined at the level of the Managed Unit. Thus, applying an Access Template to a Managed Unit specifies the security settings for each user in the MU.
To implement this scenario, perform the following steps:
As a result, the members of the group gain control of user accounts that belong to the Sales MU. The scope of control is defined by the permissions in the Sales Access Template.
The following sections elaborate on the steps to implement this scenario.
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy