Identity Manager 9.1 - Authorization and Authentication Guide

Granular permissions for the SQL Server and database

To implement a One Identity Manager database or a One Identity Manager History Database on a SQL Server or a managed instance in Azure SQL Database, you are provided with SQL Server logins and database users for administrative users, configuration users and end users. Permissions at server and database level are matched to suit the user's tasks.

Normally, you cannot edit users and permissions. It may be necessary to set up an additional database user to use a One Identity Manager History Database.

For more information about users and their permissions, see the One Identity Manager Installation Guide and the One Identity Manager Data Archiving Administration Guide.

Displaying database server logins

To display login information

  1. In the Designer, select the Base data > Security settings > Database server permissions > Database server login category.

  2. Select the database server login. The following information is displayed:

    • Login name: The user's SQL Server login.

    • Database server login: Type of database user.

    • Access level: The access level for logging in. The access levels displayed are End user, Configuration user, Administrative user, System administrator, and Unknown.

  3. To show the database roles and server roles that are assigned, select the Database or server role tab.

Displaying users' access levels

NOTE:

  • If you select an existing database connection in the connections dialog, the access level of the login to be used is shown in a tooltip.

  • Some user interfaces expect at least configuration user permissions. Logging in as an end user is not possible in this case.

To find the access level of the logged in user

  • To display user information, double-click the icon in the program status bar.

    On the System user tab, in the SQL access level field, you will see the access level for the current login. The access levels displayed are End user, Configuration user, Administrative user, System administrator, and Unknown.

Displaying server roles and database roles permissions

Server and database permissions are predefined and cannot be modified.

NOTE: The End user role database role is permitted for custom schema extensions.

To display server and database permissions

  • In the Designer, select the server role or the database role in the Base data > Security settings > Database server permissions > Database server login category.

    This opens the List Editor showing a list of permissions.
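
The logins, role assignments and role permissions that the Designer displays in the two procedures above can be cross-checked on the database server itself. The following T-SQL is an added example, not part of the One Identity Manager documentation or product; it uses only standard SQL Server catalog views and assumes that the second and third queries are run in the context of the One Identity Manager database.

```sql
-- 1. Server level: logins and the server roles they are members of.
SELECT  sp.name       AS login_name,
        sp.type_desc  AS login_type,
        sp.is_disabled,
        sr.name       AS server_role
FROM    sys.server_principals AS sp
LEFT JOIN sys.server_role_members AS srm
        ON srm.member_principal_id = sp.principal_id
LEFT JOIN sys.server_principals AS sr
        ON sr.principal_id = srm.role_principal_id
WHERE   sp.type IN ('S', 'U', 'G')       -- SQL login, Windows login, Windows group
  AND   sp.name NOT LIKE '##%'           -- skip internal certificate-based logins
ORDER BY sp.name, sr.name;

-- 2. Database level: database users, the login each maps to (by SID),
--    and the database roles they are members of.
SELECT  dp.name  AS database_user,
        sp.name  AS login_name,
        dr.name  AS database_role
FROM    sys.database_principals AS dp
LEFT JOIN sys.server_principals AS sp
        ON sp.sid = dp.sid
LEFT JOIN sys.database_role_members AS drm
        ON drm.member_principal_id = dp.principal_id
LEFT JOIN sys.database_principals AS dr
        ON dr.principal_id = drm.role_principal_id
WHERE   dp.type IN ('S', 'U', 'G')
ORDER BY dp.name, dr.name;

-- 3. Permissions granted or denied to each database role.
SELECT  r.name              AS database_role,
        p.state_desc        AS state,        -- GRANT, DENY, ...
        p.permission_name,
        p.class_desc,
        CASE WHEN p.class = 1                -- object or column
             THEN OBJECT_SCHEMA_NAME(p.major_id) + '.' + OBJECT_NAME(p.major_id)
        END                 AS object_name
FROM    sys.database_permissions AS p
JOIN    sys.database_principals  AS r
        ON r.principal_id = p.grantee_principal_id
WHERE   r.type = 'R'                          -- database roles only
ORDER BY r.name, p.class_desc, object_name, p.permission_name;
```

Catalog views are subject to metadata visibility, so a login without sufficient view permissions sees only a subset of these rows; run the queries with an account that is allowed to view all principals.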
