Chat now with support
Chat with Support

Identity Manager On Demand Hosted - Identity Management Base Module Administration Guide

Basics for mapping company structures in One Identity Manager Dynamic roles Departments, cost centers, and locations
One Identity Manager users for managing departments, cost centers, and locations Basic information for departments, cost centers, and locations Creating and editing departments Creating and editing cost centers Creating and editing locations Setting up IT operating data for departments, cost centers, and locations Assigning employees, devices, and workdesks to departments, cost centers, and locations Assigning company resources to departments, cost centers, and locations Creating dynamic roles for departments, cost centers, and locations Dynamic roles with incorrectly excluded employees Assign organizations Specifying inheritance exclusion for departments, cost centers, and locations Assigning extended properties to departments, cost centers, and locations Reports about departments, cost centers, and locations
Employee administration
One Identity Manager users for employee administration Basic data for employee main data Employee's central user account Employee's default email address Employee's central password Mapping multiple employee identities Password policies for employees Creating and editing employees Disabling and deleting employees Deleting all employee related data Limited access to One Identity Manager Changing the certification status of employees Assigning company resources to employees Displaying the origin of employees' roles and entitlements Analyzing role memberships and employee assignments Displaying the employees overview Displaying and deleting employees' Webauthn security keys Determining the language for employees Determining employees working hours Manually assigning user accounts to employees Entering calls for employees Assigning extended properties to employees Employee reports
Managing devices and workdesks Managing resources Setting up extended properties Configuration parameters for managing departments, cost centers, and locations Configuration parameters for managing employees Configuration parameters for managing devices and workdesks

Commercial data for devices

Enter the following asset data for a device.

NOTE: Prices are given to 2 decimal places by default. The number of decimal places to enter can be modified in the Designer. For more information, see the One Identity Manager Configuration Guide.

Table 60: Commercial data of a device

Property

Description

Acquisition date

Date of purchase.

Delivery date

Date of delivery.

Delivery voucher number

Delivery voucher number.

Voucher

Voucher. For more information about vouchers, see the One Identity Manager Chargeback Administration Guide.

Warranty

Warranty expiry date.

Warranty number

Warranty number.

Setup date

Date of going into operation.

Owner

Leasing company.

supplier

Name of supplier.

Manufacturer

Name of manufacturer.

Purchase price

Purchase price.

Internal price

Internal price.

Sales price

Sales price.

Currency

Currency unit

Inventory note

Text field for additional explanation.

Withdrawal date

Date for writing off the device.

Investment

Investment or investment plan.

Leasing fee

Leasing fee.

Internal transfer price

Internal transfer price.

Depreciation month

Depreciation in months

Related topics

Managing resources

One Identity Manager not only offers the possibility to map IT resources but also non-IT resources such as mobile telephones, desks, company cars, and keys: in other words, everything that is necessary to create an efficient working environment for an employee. You can assign resources directly to an employee or through classification into hierarchical roles in the One Identity Manager. Similarly, you can resources request for an employee through the IT Shop.

Resources are divided up from a functional point of view.

Table 61: Resource types

Type

Description

Table

Resources

Resources that an employee (workdesk, device) may own just once.

The resources can be requested in the IT Shop just once. The resources are assigned to the employees after approval has been granted. They remain assigned until the request is unsubscribed. You can request them again a later point.

Example: phone, company car.

QERResource

Multi-request resources

Resources that can be requested more than once in the IT Shop. Requests are automatically canceled once approved. The resources are not explicitly assigned to employees.

Example: resource for requesting remote desktop sessions for assets in a PAM system; consumables, such as pens, printing paper.

QERReuse

Multi requestable/unsubscribable resources

Resources that an employee can request more than once in the IT Shop but must return them explicitly once they are no longer needed. The resources are assigned to the employees after approval has been granted. They remain assigned until the request is canceled.

Example: printer, monitor.

QERReuseUS

Assignment resources

Assignment resources are special resources for requesting any number of assignments to hierarchical roles or to delegate responsibilities in the IT Shop.

For detailed information about assignment resources, see the One Identity Manager IT Shop Administration Guide.

QERAssign

Detailed information about this topic

One Identity Manager users for managing resources

The following users are used for user administration.

Table 62: Users
Users Tasks

Administrators for the IT Shop

Administrators must be assigned to the Request & Fulfillment | IT Shop | Administrators application role.

Users with this application role:

  • Edit the resources and assign them to IT Shop structures.

One Identity Manager administrators

One Identity Manager administrator and administrative system users Administrative system users are not added to application roles.

One Identity Manager administrators:

  • Create customized permissions groups for application roles for role-based login to administration tools in the Designer as required.

  • Create system users and permissions groups for non role-based login to administration tools in the Designer as required.

  • Enable or disable additional configuration parameters in the Designer as required.

  • Create custom processes in the Designer as required.

  • Create and configure schedules as required.

  • Create and configure password policies as required.

Basic data for resources

The following basic data is required for managing resources.

  • Resource types

    You can use resource types to group resources.

  • Extended properties

    Extended properties are meta objects, such as operating codes, cost codes, or cost accounting areas that cannot be mapped directly in One Identity Manager.

Detailed information about this topic
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating