Extended properties are meta objects that cannot be mapped directly in the One Identity Manager, for example, operating codes, cost codes or cost accounting areas.
To specify extended properties for a user account
- OR -
Remove extended properties from Remove assignments.
When user accounts are added, the values of various master data are determined using templates. The One Identity Manager tries to identify and classify an authentication object using user account properties during synchronization. To use custom authentication modes the templates of different columns must be modified if necessary. Create custom templates so that authentication modes can be assigned automatically to user accounts and the login names can be correctly formatted.
To use custom authentication modes
Configuration parameter | Meaning |
---|---|
TargetSystem\SharePoint\PersonAutoFullSync |
This configuration parameter specifies the mode for automatic employee assignment for user accounts added to or updated in the database through synchronization. |
TargetSystem\SharePoint\PersonAutoDefault |
This configuration parameter specifies the mode for automatic employee assignment for user accounts added to the database outside synchronization. |
When you add a
If you run this procedure during working hours, automatic assignment of employees to user accounts takes place from that moment onwards. If you disable the procedure again later, the changes only affect user accounts added or updated after this point in time. Existing employee assignment to user accounts remain intact.
|
NOTE: It is not recommended to assign employees using automatic employee assignment in the case of administrative user accounts. Use the task Change master data to assign employees to administrative user account for the respective user account. |
Prerequisites:
Run the following tasks to assign employees automatically.
|
NOTE: The following applies for synchronization:
The following applies outside synchronization:
|
Criteria for employee assignment are defined in the
Search criteria are evaluated when employees are automatically assigned to user accounts. Furthermore, you can create a suggestion list for assignments of employees to user accounts based on the search criteria and make the assignment directly.
|
NOTE: When the employees are assigned to user accounts on the basis of search criteria, user accounts are given the default manage level of the account definition entered in the user account's target system. You can customize user account properties depending on how the behavior of the manage level is defined. It is not recommended to make assignment to administrative user accounts based on search criteria. Use the task Change master data to assign employees to administrative user account for the respective user account. |
|
NOTE: One Identity Manager supplies a default mapping for employee assignment. Only carry out the following steps when you want to customize the default mapping. |
To specify criteria for employee assignment
Apply to | Column on Employee | Column on User Account |
---|---|---|
User accounts (user authenticated) | Central user account (CentralAccount) | Login name (LoginName) |
You can create a suggestion list in the "Assignments" view for assignments of employees to user accounts based on the search criteria. User accounts are grouped in different views for this.
View | Description |
---|---|
Suggested assignments | This view lists all user accounts to which One Identity Manager can assign an employee. All employees are shown who were found using the search criteria and can be assigned. |
Assigned user accounts | This view lists all user accounts to which an employee is assigned. |
Without employee assignment | This view lists all user accounts to which no employee is assigned and for which no employee was found using the search criteria. |
|
TIP: By double-clicking on an entry in the view, you can view the user account and employee master data. |
To apply search criteria to user accounts
All possible assignments based on the search criteria are found in the target system for all user accounts. The three views are updated.
To assign employees directly over a suggestion list
The selected user accounts are assigned to the employees found using the search criteria.
– OR –
This assigns the selected user accounts to the employees shown in the "Employee" column.
To remove assignments
The assigned employees are deleted from the selected user accounts.
© 2022 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy