Chat now with support
Chat with Support

Enterprise Single Sign-On 9.0.2 - One Identity Enterprise Access Management Console Administration Guide

Preface Overview Authenticating to EAM Console and Managing Protection Modes Searching the Directory Tree Managing administrators Managing Security Profiles
Managing time slices Managing Password Format Control Policies Managing User Security Profiles Managing Access Point Security Profiles Managing Application Security Profiles Defining Security Profiles Default Values Managing User and Access Point Security Profiles Priorities
Managing directory objects
Managing applications Managing users Managing access points Managing representative objects Managing clusters of access points Selecting a domain controller
Importing/Exporting security profiles and directory objects Managing smart cards Managing SA server devices Managing RFID tokens Managing biometrics Managing Mobile Devices Enabling the public key authentication method Managing Emergency Accesses Managing audit events Managing reports Customizing configuration files Creating scripts Basic syntax of regular expressions Listing audit events and error codes Correspondence between profiles and administration rights Report Models and Parameters List Custom Group Files Format

Custom Group Files Format

Subject

To sort and filter the data according to custom groups, you must create definition files for these groups.

Prerequisites
  • These files must be in CSV and UTF-8 formats and installed in the C:\Program Files\Common Files\One Identity\IAR\datasources\CSV directory.
  • Each file must at least contain for each object (user, access point or account) its DN and the group it belongs to.
  • All the attributes are separated by semi-colons. If there is no value, the field must exist anyway.
Description

For the users

The file header must start with: userGUID;userName;userDN;customGroup

where

  • userGUID is the GUID of the user.
  • userName is the name of the user.
  • userDN is the DN of the user (mandatory).
  • customGroup is the name of the group to which belongs the user.

For the access points

The file header must start with: accessPointGUID;accessPointName;accessPointDN;customGroup

where

  • accessPointGUID is the GUID of the access point.
  • accessPointName is the name of the access point.
  • accessPointDN is the DN of the access point (mandatory).
  • customGroup is the name of the group to which belongs the access point.

For the accounts

The file header must start with: loginId;customGroup

where

  • loginId is the name of the account (mandatory).
  • customGroup is the name of the group to which belongs the access point. If the account group file is specific to an application, the group name can be empty (do not forget the semi-colon to delimit both fields of the file). In that case, the value of the parameter corresponding to the application name is taken by default into account. Otherwise, the name of the application specified in the file must be the one known by E-SSO.
Examples

For the access points

accessPointGUID;accessPointName;accessPointDN;customGroup

5dce49e74d669b47822d0e5fae6266b4;DCXP1;CN=DCXP1,CN=Computers,DC=dev,DC=ua,DC=dom;F8SSOL

e68ad7bc8296494a9f1e2a2dc58766d5;UADEV-XPAR;CN=UADEV-XPAR,
CN=Computers,DC=dev,DC=ua,DC=dom;F8SSOL

2350e272de80d1439814dae7704a3a61;SERK;CN=SERK,CN=Computers,DC=dev,DC=ua,DC=dom;F8SSOL

;;CN=CN-WIN7-VM,CN=Computers,DC=dev,DC=ua,DC=dom;F8SSOL

2dd3a8f8725a6348a7b0bb8867b622c5;UADEV-XPEN;CN=UADEV-XPEN,
CN=Computers,DC=dev,DC=ua,DC=dom;

For the accounts

loginId;customGroup

dupont-j;

martin-p;

dupond-y;

Related Documents