Chat now with support
Chat with Support

Identity Manager 8.0 - Administration Guide for Connecting to Custom Target Systems

Managing Custom Target Systems Setting up Script Controlled Data Provisioning in a Custom Target System Base Data for Custom Target Systems Setting up a Custom Target System Container Structures in a Custom Target System User Accounts in a Custom Target System Groups in a Custom Target System Entering Permissions Controls Reports about Custom Target Systems Appendix: Configuration Parameters for Managing Custom Target Systems

Group Inheritance Based on Categories

In One Identity Manager, groups can be selectively inherited by user accounts. For this, groups and user accounts are divided into categories. The categories can be freely selected and are specified by a template. Each category is given a specific position within the template. The template contains two tables; the user account table and the group table. Use the user account table to specify categories for target system dependent user accounts. Enter your categories for the target system dependent groups, administrative roles, subscriptions and disabled service plans in the . Each table contains the category items "Position1" to "Position31".

Every user account can be assigned to one or more categories. Each group can also be assigned to one or more categories. The group is inherited by the user account when at least one user account category item matches an assigned group. The group is also inherited by the user account if the group or the user account is not put into categories.

NOTE: Inheritance through categories is only taken into account when groups are assigned indirectly through hierarchical roles. Categories are not taken into account when groups are directly assigned to user accounts.
Table 36: Category Examples
Category Position Categories for User Accounts Categories for Groups
1 Default user Default permissions
2 System user System user permissions
3 System administrator System administrator permissions

Figure 1: Example of inheriting through categories.

To use inheritance through categories

  • Define categories in the target system.
  • Assign categories to user accounts through their master data.
  • Assign categories to groups through their master data.
Related Topics

Assigning Extended Properties

Assigning Extended Properties

Extended properties are meta objects that cannot be mapped directly in the One Identity Manager, for example, operating codes, cost codes or cost accounting areas.

To specify extended properties for a group

  1. Select the category Custom target systems | <target system> | Groups.
  2. Select the group in the result list.
  3. Select Assign extended properties in the task view.
  4. Assign extended properties in Add assignments.

    The view- OR -

    Remove extended properties from Remove assignments.

  5. Save the changes.

For more detailed information about using extended properties, see the One Identity Manager Identity Management Base Module Administration Guide.

Assigning Permissions Controls

Assigning Permissions Controls

Use this task to assign permissions controls to groups.

To assign permissions controls to a group

  1. Select the category Custom target systems | <target system> | Groups.
  2. Select the group in the result list.
  3. Select Assign permissions controls.
  4. Double-click on the permission controls you want to assign in Add assignments.

    - OR -

    Double-click on the permissions controls in Remove assignments to remove their assignments.

  5. Save the changes.
Related Topics

Entering Permissions Controls

Entering Permissions Controls

Use permissions controls to map more properties of the target systems. To do this, you can import the data you want into the One Identity Manager from the connected target system. You can also add permissions controls in the One Identity Manager.

To edit permissions controls

  1. Select the category Custom target systems | <target system> | Permissions controls.
  2. Select a permissions control in the result list. Select Change master data in the task view.

    - OR -

    Click in the result list toolbar.

  3. Edit the permissions controls' master data.
  4. Save the changes.
Detailed information about this topic
Related Documents