Chat now with support
Chat with Support

Identity Manager 8.0.1 - Administration Guide for Connecting to Active Directory

Managing Active Directory Environments Setting up Active Directory Synchronization Base Data for Managing Active Directory Active Directory Domains Active Directory User Accounts Active Directory Contacts Active Directory groups Active Directory Security IDs Active Directory Container Structures Active Directory computer Active Directory Printers Active Directory Locations Reports about Active Directory Objects Appendix: Configuration Parameters for Managing Active Directory Appendix: Default Project Template for Active Directory Appendix: Authentication Modules for Logging into the One Identity Manager

Assigning Active Directory Computers directly to Active Directory Groups

Assigning Active Directory Computers directly to Active Directory Groups

Groups can be assigned directly or indirectly to a computer. Indirect assignment is carried out by allocating the device with which a computer is connected and groups to company structures, like departments, cost centers, locations or business roles.

To react quickly to special requests, you can assign groups directly to a computer.

To assign a computer directly to groups

  1. Select the category Active Directory | Computers.
  2. Select the computer in the result list.
  3. Select Assign groups in the task view.
  4. Assign groups in Add assignments.

    The view- OR -

    Remove groups from Remove assignments.

  5. Save the changes.

NOTE: The computer's primary group is already assigned and labeled as "Not yet applied". Edit the computer's master data to change its primary group.

Related Topics

Run Diagnosis

Run Diagnosis

You can use the following tasks to run a diagnosis of the if the computer can be found on the network and if you have sufficient access permissions.

Table 79: Diagnostics Tasks
Task Description
Diagnostics - Browse This opens a Window Explorer window. All shares for the selected computer are shown.
Diagnostics - Windows Diagnostics This opens the system information (winmsd.exe or msinfo32.exe) for the computer.
Windows Computer Administration This opens the Microsoft Management console for computer administration for the selected computer. For example, here you can see the result log or the local user administration.

To run diagnostics for a computer

  1. Select the category Active Directory | Computers.
  2. Select the computer and run the required diagnosis task from the task view.

Active Directory Printers

Active Directory Printers

It is important for the administration of printers, to remember that printers are physically present in the network. All shared printers of a domain are read into One Identity Manager during synchronization.

To display a printer

  1. Select the category Active Directory | Printers.
  2. Select a printer in the result list and select the task Change master data.

    - OR -

    Click in the result list toolbar.

Following information is displayed for a printer.

Table 80: Printer master data
Property Description
Printer name Name of the printer.
Driver Printer driver identifier.
Active Directory computer Computer or server to which the printer is connected.
Full server name Full name of the server to which the printer is connected.
Server Server's short name.
Port Printer connection.
UNC name Universal Naming Convention (UNC) address of the printer.
Location description Spare text box for additional explanation.
Description Spare text box for additional explanation.
Duplex Specifies whether double sided printing is supported.
Color Specifies whether color is supported.
Supports sorter Defines whether the printer supports a sorter.
Pages per minute Printer speed in page per minute.
Max. resolution [dpi] Maximum printer resolution in dpi.
Max. horizontal resolution Maximum printer resolution along the X-axis (width).
Max. vertical resolution

Maximum printer resolution along the Y-axis (height).

Spare fields no. 01.....spare field no. 10

Additional company specific information. Use the Designer to customize display names, formats and templates for the input fields.

Active Directory Locations

Active Directory Locations

Locations are a group of computers based on networking information. In Active Directory, location data is used to control replication between domain controllers.

The information about Active Directory locations is loading into the One Identity Manager during synchronization and cannot be edited.

To display location information

  1. Select the category Active Directory | Locations.
  2. Select the location in the result list.
  3. To display a location's server, select Location overview in the task view.
  4. To display a location's master data, select Change master data in the task view.

Following information about locations is displayed.

Table 81: Location master data
Property Description
Name Location name.
Canonical name The location's canonical name
Description Spare text box for additional explanation.
Location description Spare text box for additional explanation.
Domain The name of the domain this location belongs to.
subnets IP address range at this location.
Related Documents