This guide describes how to configure Cloud Access Manager with the user mapping tool. The user mapping tool enables you to map user applications to their user account in Active Directory where the username is not derived from subject mapping.
For information on configuring Cloud Access Manager, please refer to the One Identity Cloud Access Manager Configuration Guide.
When an application account is provisioned in Cloud Access Manager, the attribute specified in the Take the username from the following attribute field on the Subject Mapping page determines how the usernames associated with the application are derived, for example sAMaccountname or mail. For further information, please refer to the One Identity Cloud Access Manager Configuration Guide.
If the user has an existing account for an application that has provisioning enabled in Cloud Access Manager, but the user’s existing username for the application does not comply with the attribute specified on the Subject Mapping page, you can apply the user mapping tool to map their existing application username to their user account in Active Directory.
To map users
When you have completed the application configuration wizard, click Go to User Mapping on the Federation Settings page.
NOTE: The user mapping tool lists the users in the:
You can filter these lists to pinpoint the users that you want to map.
Select the users you want to map and click Map User.
The current mapping for the username is shown in the Active Directory list and in the application list.
As the administrator, you can map users when you configure the application in Cloud Access Manager, or you can map users after the application has been configured.
You can map users after the application has been configured, either:
To un-map a user