Entering Master Data for SharePoint Roles
Entering Master Data for SharePoint Roles
| Configuration parameter | Meaning |
|---|---|
| QER\CalculateRiskIndex | Preprocessor relevant configuration parameter controlling system components for calculating an employee's risk index. Changes to the parameter require recompiling the database.
If the parameter is set, values can be entered and calculated for the risk index. |
To edit SharePoint role master data
- Select the category SharePoint | Hierarchical view | <Farm> | Web applications | <web application> | <site collection> | <site> | Roles.
- Select the SharePoint role in the result list. Select Change master data in the task view.
- Enter the required data on the master data form.
- Save the changes.
The following properties are displayed for SharePoint roles.
| Property | Description |
|---|---|
| Display name | SharePoint role display name. |
| Permission level | Unique identifier for the permission level on which the SharePoint role is based. |
| Site | Unique identifier for the site that inherits its permissions from the SharePoint role. |
| Risk index |
Value for evaluating the risk of assigning the SharePoint role to user accounts. Enter a value between 0 and 1. This property is only visible when the configuration parameter QER\CalculateRiskIndex is set. |
| Description | Spare text box for additional explanation. |
| Service item | Service item data for requesting the group through the IT Shop. |
|
IT Shop |
Specifies whether the SharePoint role can be requested through the IT Shop. This SharePoint role can be requested by staff through the Web Portal and granted through a defined approval procedure. The SharePoint role can still be assigned directly to employees and hierarchical roles. |
|
Only for use in IT Shop |
Specifies whether the SharePoint role can only be requested through the IT Shop. This SharePoint role can be requested by staff through the Web Portal and granted through a defined approval procedure. The SharePoint role may not assigned directly to hierarchical roles. |
|
|
NOTE: If the SharePoint role references a permission level with the Hidden option set, the options IT Shop and Only use in IT Shop cannot be set. You cannot assign these SharePoint roles to user accounts or groups. |
Detailed information about this topic
- Entering Master Data for SharePoint Permission Levels
- One Identity Manager Risk Assessment Administration Guide
Assigning SharePoint Roles to SharePoint User Accounts
Assigning SharePoint Roles to SharePoint User Accounts
SharePoint roles can be assigned directly or indirectly to user accounts. In the case of indirect assignment, employees and SharePoint roles are arranged in hierarchical roles. The number of SharePoint roles assigned to an employee is calculated from the position in the hierarchy and the direction of inheritance. If you add an employee to hierarchical roles and the employee owns a user authenticated user account, the user account is added to the SharePoint role. Prerequisites for indirect assignment of employees to user accounts:
- Assignment of employees and groups is permitted for role classes (department, cost center, location or business role).
- The option Group authenticated is not set in the user accounts.
- User accounts are marked with the option Groups can be inherited.
- User accounts and SharePoint groups belong to the same site collection.
Furthermore, IT Shop roles can be assigned to employees through SharePoint requests. Add employees to a shop as customers so that SharePoint roles can be assigned through IT Shop requests. All SharePoint roles, which are assigned to this shop as products, can be requested by the customers. Requested SharePoint roles are assigned to the employees after approval is granted.
|
|
NOTE: SharePoint roles that reference permission levels with have the option Hidden set, cannot be assigned to business roles and organizations. These SharePoint roles can be neither directly nor indirectly assigned to user accounts or groups. |
Detailed information about this topic
- Entering Master Data for SharePoint Permission Levels
- Assigning SharePoint Roles to Departments, Cost Centers and Locations
- Assigning SharePoint Roles to Business Roles
- Assigning SharePoint User Accounts directly to a SharePoint Role
- Assigning SharePoint Groups to SharePoint Roles
- Adding SharePoint Roles to System Roles
- Adding SharePoint Roles to the IT Shop
- One Identity Manager Identity Management Base Module Administration Guide
Assigning SharePoint Roles to Departments, Cost Centers and Locations
Assigning SharePoint Roles to Departments, Cost Centers and Locations
Assign SharePoint roles to departments, cost centers and locations in order to assign user accounts to them through these organizations.
To assign a SharePoint role to departments, cost centers or locations (non role-based login)
- Select the category SharePoint | Hierarchical view | <Farm> | Web applications | <web application> | <site collection> | <site> | Roles.
- Select the role in the result list.
- Select Assign organizations.
-
Assign organizations in Add assignments.
- Assign departments on the Departments tab.
- Assign locations on the Locations tab.
- Assign cost centers on the Cost center tab.
- OR -
Remove the organizations from Remove assignments.
- Save the changes.
To assign SharePoint roles to departments, cost centers or locations (role-based login)
- Select the category Organizations | Departments.
- OR -
Select the category Organizations | Cost centers.
- OR -
Select the category Organizations | Locations.
- Select the department, cost center or location in the result list.
- Select Assign SharePoint roles in the task view.
- Assign SharePoint roles in Add assignments.
- OR -
Remove SharePoint roles in Remove assignments.
- Save the changes.
Related Topics
- Assigning SharePoint Roles to Business Roles
- Assigning SharePoint User Accounts directly to a SharePoint Role
- Assigning SharePoint Groups to SharePoint Roles
- Adding SharePoint Roles to System Roles
- Adding SharePoint Roles to the IT Shop
- One Identity Manager Users for Managing an SharePoint
Assigning SharePoint Roles to Business Roles
Assigning SharePoint Roles to Business Roles
| Installed Module: | Business Roles Module |
You assign SharePoint roles to business roles in order to assign them to user accounts over business roles.
To assign a SharePoint role to business roles (non role-based login)
- Select the category SharePoint | Hierarchical view | <Farm> | Web applications | <web application> | <site collection> | <site> | Roles.
- Select the role in the result list.
- Select Assign business roles in the task view.
- Assign business roles in Add assignments.
- OR -
Remove business roles from Remove assignments.
- Save the changes.
To assign SharePoint roles to a business role (non role-based login)
- Select the category Business roles | <Role class>.
- Select the business role in the result list.
- Select Assign SharePoint roles in the task view.
- Assign SharePoint roles in Add assignments.
- OR -
Remove SharePoint roles in Remove assignments.
- Save the changes.
Related Topics
- Assigning SharePoint Roles to Departments, Cost Centers and Locations
- Assigning SharePoint User Accounts directly to a SharePoint Role
- Assigning SharePoint Groups to SharePoint Roles
- Adding SharePoint Roles to System Roles
- Adding SharePoint Roles to the IT Shop
- One Identity Manager Users for Managing an SharePoint