Administrator roles can be assigned directly or indirectly to user accounts. Indirect assignment is carried out by allocating the employee and administrator roles in company structures, like departments, cost centers, locations or business roles. If the employee has a user account in Azure Active Directory, the administrator roles in the role are inherited by this user account.
To react quickly to special requests, you can assign administrator roles directly to user accounts.
To assign a user account directly to an administrator role.
Assign user accounts in Add assignments.
The view- OR -
Remove user accounts from Remove assignments.
Installed Modules: | System Roles Module |
Use this task to add an administrator role to system roles. When you assign a system role to an employee, the administrator roles are inherited by all user accounts that these employees have.
|
NOTE: Administrator roles with the option Only use in IT Shop set, can only be assigned to system roles that also have this option set. |
To assign an administrator role to system roles
Assign system roles in Add assignments.
- OR -
Remove system roles from Remove assignments.
Once an administration role has been assigned to an IT Shop shelf, it can be requested by the shop customers. To ensure it can be requested, further prerequisites need to be guaranteed.
|
NOTE: IT Shop administrators can assign administrator roles to IT Shop shelves in the case of role-based login. Target system administrators are not authorized to add administrator roles in the IT Shop. |
To add an administrator role in the IT Shop
- OR -
Select the category Entitlements | Azure Active Directory administrator roles (role-based login).
To remove a role from individual IT Shop shelves
- OR -
Select the category Entitlements | Azure Active Directory administrator roles (role-based login).
To remove an administrator role from individual IT Shop shelves
- OR -
Select the category Entitlements | Azure Active Directory administrator roles (role-based login).
The administrator role is removed from all shelves by the One Identity Manager Service. All requests and assignment requests with this administrator role are canceled in the process.
For more detailed information about request from company resources through the IT Shop, see the One Identity Manager IT Shop Administration Guide.
After you have entered the master data, you can apply different tasks to it. The task view contains different forms with which you can run the following tasks.
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy