Chat now with support
Chat with Support

Identity Manager 9.1.1 - Administration Guide for Connecting to Active Directory

Managing Active Directory environments Synchronizing an Active Directory environment
Setting up initial synchronization with an Active Directory domain Adjusting the synchronization configuration for Active Directory environments Running synchronization Tasks following synchronization Troubleshooting Ignoring data error in synchronization Pausing handling of target system specific processes (Offline mode)
Managing Active Directory user accounts and employees
Account definitions for Active Directory user accounts and Active Directory contacts Assigning employees automatically to Active Directory user accounts Supported user account types Updating employees when Active Directory user account are modified Automatic creation of departments and locations based on user account information Specifying deferred deletion for Active Directory user accounts and Active Directory contacts
Managing memberships in Active Directory groups Login information for Active Directory user accounts Mapping of Active Directory objects in One Identity Manager
Active Directory domains Active Directory container structures Active Directory user accounts Active Directory contacts Active Directory groups Active Directory computers Active Directory security IDs Active Directory printers Active Directory sites Reports about Active Directory objects
Handling of Active Directory objects in the Web Portal Basic data for managing an Active Directory environment Configuration parameters for managing an Active Directory environment Default project template for Active Directory Processing methods of Active Directory system objects Active Directory connector settings

Main data for Active Directory containers

Enter the following data for a container.

Table 30: Main data for a container
Property Description

Name

Container name.

Distinguished name

Container's distinguished name. The distinguished name for the new container is made up of the container name, the object class, the parent container, and the domain, and it cannot be modified.

Structural object class

Structural object class representing the object type.

Object class

List of classes defining the attributes for this object. The object classes listed are read in from the database during synchronization with the Active Directory environment. You can also enter object classes in to the input field. Other properties can be edited depending on the object class.

NOTE: New containers should be set up as organizational units (ORGANIZATIONALUNIT object class). Organizational units (for example, branches, or departments) are used organize Active Directory objects, such as users, groups, and computers, in a logical way and therefore make administration of the objects easier. Organizational units can be managed in a hierarchical container structure.

Domain

Container domain

Parent container

Parent container for mapping a hierarchical container structure. The distinguished name is automatically updated using templates.

Account manager

Manager responsible for the container.

To specify an account manager

  1. Click next to the field.
  2. In the Table menu, select the table that maps the account manager.
  3. In the Account manager menu, select the manager.
  4. Click OK.

Target system manager

Application role in which target system managers are specified for the container. Target system managers only edit container objects that are assigned to them. Each container can have a different target system manager assigned to it.

Select the One Identity Manager application role whose members are responsible for administration of this container. Use the button to add a new application role.

Street

Street or road.

Zip code

Zip code.

Location

Location.

State

State.

Country ID

The country ID.

Description

Text field for additional explanation.

Extended Function

Filter criteria for other representations of the container. Containers marked with this option are only shown in the Active Directory user account and computer manager when advanced mode console view is active.

Protected from accidental deletion

Specifies whether to protect the container against accidental deletion. If the option is set, the permissions for deleting the container are removed in Active Directory. The container cannot be deleted or moved.

Related topics

Deleting Active Directory containers

Containers are deleted permanently from the One Identity Manager database and from Active Directory.

NOTE: Containers with the Protected from accidental deletion option set, cannot be deleted.

To delete an Active Directory container

  1. In the Manager, select the Active Directory > Container category.

  2. Select the container in the result list.

  3. Delete the container by using .

  4. Confirm the security prompt with Yes.

Moving an Active Directory container

NOTE: 

  • Containers can only be moved within a domain.

  • Containers with the Protected from accidental deletion option set, cannot be deleted.

To move a container

  1. In the Manager, select the Active Directory > Container category.

  2. Select the container in the result list.

  1. Select the Change main data task.

  2. Select the Change Active Directory container task.
  3. Confirm the security prompt with Yes.
  4. Select the new container from the Containers menu on the General tab.
  5. Save the changes.
Related topics

Displaying the Active Directory container overview

Use this task to obtain an overview of the most important information about a container.

To obtain an overview of a container

  1. In the Manager, select the Active Directory > Container category.

  2. Select the container in the result list.

  3. Select the Active Directory container overview task.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating