Managing SharePoint Environments
Architecture Overview
One Identity Manager Users for Managing an SharePoint
Claims-Based Authentication
Setting Up SharePoint Farm Synchronization
Users and Permissions for Synchronizing with a SharePoint Farm
Setting Up the Synchronization Server
Creating a Synchronization Project for initial Synchronization of a SharePoint Farm
Special Synchronization Cases for Valid Permissions
Show Synchronization Results
Customizing Synchronization Configuration
Basic Data for Managing SharePoint
How to Configure SharePoint Synchronization
Configuring Synchronization of Several SharePoint Farms
Updating Schemas
Speeding Up Synchronization with Revision Filtering
Post-Processing Outstanding Objects
Configuring Memberships Provisioning
Supporting Analysis of Synchronization Issues
Deactivating Synchronization
Authentication Modes
Prefixes
Zones and Alternative URLs
SharePoint Site Templates
SharePoint Permissions
SharePoint Quotas
SharePoint Languages
Editing a Server
Target system managers
Setting Up Account Definitions
SharePoint Farms
SharePoint Web Applications
SharePointSite Collections and Sites
Creating an Account Definition
Setting Up Manage Levels
Creating a Formatting Rule for IT Operating Data
Determining IT Operating Data
Modifying IT Operating Data
Assigning Account Definitions to Employees
Assigning Account Definitions to Departments, Cost Centers and Locations
Assigning Account Definitions to Business Roles
Assigning Account Definitions to all Employees
Assigning Account Definitions Directly to Employees
Assigning Account Definitions to System Roles
Adding Account Definitions in the IT Shop
Assigning Account Definitions to a Target System
Deleting an Account Definition
SharePoint Site Collections
SharePoint Sites
SharePoint User Accounts
General Master Data for a Site
Address Data for a Site
Site Design Properties
Additional Tasks for Managing Sites
Child Sites Inheriting Permissions
Setting Up SharePoint Site Collections and Sites
Supported User Account Types
Entering Master Data for SharePoint User Accounts
Additional Tasks for Managing SharePoint User Accounts
SharePoint Roles and Groups
Overview of SharePoint User Accounts
Assigning SharePoint Groups Directly to SharePoint User Accounts
Assigning SharePoint Roles directly to User Accounts
Assigning Extended Properties
Using Custom Authentication Modes
Automatic Assignment of Employees to SharePoint User Accounts
Deleting and Restoring SharePoint User Accounts
SharePoint Groups
Permissions for SharePoint Web Applications
Reports about SharePoint Site Collections
Appendix: Configuration Parameters for Managing SharePoint
Appendix: Default Project Template for SharePoint
Entering Master Data for SharePoint Groups
Assigning SharePoint Groups to SharePoint User Accounts
SharePoint Roles and Permission Levels
Assigning SharePoint Groups to Departments, Cost Centers and Locations
Assigning SharePoint Groups to Business Roles
Assigning SharePoint User Accounts directly to an SharePoint Group
Assigning SharePoint Roles to SharePoint Groups
Adding SharePoint Groups to System Roles
Adding SharePoint Groups to the IT Shop
Adding SharePoint Groups automatically to the IT Shop
Additional Tasks for Managing SharePoint Groups
Overview of SharePoint Groups
Effectiveness of Group Memberships
SharePoint Group Inheritance Based on Categories
Assigning Extended Properties to a SharePoint Group
Deleting SharePoint Groups
Entering Master Data for SharePoint Permission Levels
Additional Tasks for Managing SharePoint Permission Levels
Special Synchronization Cases for Valid Permissions
Entering Master Data for SharePoint Roles
Assigning SharePoint Roles to SharePoint User Accounts
Assigning SharePoint Roles to Departments, Cost Centers and Locations
Assigning SharePoint Roles to Business Roles
Assigning SharePoint User Accounts directly to a SharePoint Role
Assigning SharePoint Groups to SharePoint Roles
Adding SharePoint Roles to System Roles
Adding SharePoint Roles to the IT Shop
Additional Tasks for Managing SharePoint Roles
Deleting SharePoint Roles and Permission Levels
Assigning SharePoint User Accounts directly to a SharePoint Role
SharePoint Roles and Groups > SharePoint Roles and Permission Levels > Assigning SharePoint Roles to SharePoint User Accounts > Assigning SharePoint User Accounts directly to a SharePoint Role
Assigning SharePoint User Accounts directly to a SharePoint Role
SharePoint roles can be assigned directly or indirectly to user accounts. Indirect assignment can only be used for user authenticated user accounts. Direct assignment can only be used for group and user authenticated user accounts.
User accounts and SharePoint roles must belong to the same site collection.
|
|
NOTE: SharePoint roles that reference permission levels and have the option hidden set, cannot be assigned to user accounts. |
To assign a SharePoint role directly to user accounts
- Select the category SharePoint | Hierarchical view | <Farm> | Web applications | <web application> | <site collection> | <site> | Roles.
- Select the role in the result list.
- Select Assign user accounts in the task view.
- Assign user accounts in Add assignments.
- OR -
Remove user accounts in Remove assignments.
- Save the changes.
Related Topics
- Entering Master Data for SharePoint Permission Levels
- Assigning SharePoint Roles directly to User Accounts
- Assigning SharePoint Roles to Departments, Cost Centers and Locations
- Assigning SharePoint Roles to Business Roles
- Assigning SharePoint Groups to SharePoint Roles
- Adding SharePoint Roles to System Roles
- Adding SharePoint Roles to the IT Shop
Assigning SharePoint Groups to SharePoint Roles
SharePoint Roles and Groups > SharePoint Roles and Permission Levels > Assigning SharePoint Roles to SharePoint User Accounts > Assigning SharePoint Groups to SharePoint Roles
Assigning SharePoint Groups to SharePoint Roles
In order for SharePoint user accounts to obtain permissions to individual sites, assign SharePoint roles to the groups. SharePoint roles and groups must belong to the same site collection.
|
|
NOTE: SharePoint roles that reference permission levels with the Hidden option cannot be assigned to groups. |
To assign groups to a SharePoint role
- Select the category SharePoint | Hierarchical view | <Farm> | Web applications | <web application> | <site collection> | <site> | Roles.
- Select the role in the result list.
- Select Assign groups in the task view.
- Assign groups in Add assignments.
- OR -
Remove groups in Remove assignments.
- Save the changes.
Related Topics
- Entering Master Data for SharePoint Permission Levels
- Assigning SharePoint Roles to Departments, Cost Centers and Locations
- Assigning SharePoint Roles to Business Roles
- Assigning SharePoint User Accounts directly to a SharePoint Role
- Assigning SharePoint Roles to SharePoint Groups
- Adding SharePoint Roles to System Roles
- Adding SharePoint Roles to the IT Shop
Adding SharePoint Roles to System Roles
SharePoint Roles and Groups > SharePoint Roles and Permission Levels > Assigning SharePoint Roles to SharePoint User Accounts > Adding SharePoint Roles to System Roles
Adding SharePoint Roles to System Roles
| Installed Module: | System Roles Module |
Use this task to add a SharePoint role to system roles. If you assign a system role to employees, all the employees' user authenticated user accounts inherit the SharePoint role.
|
|
NOTE: SharePoint roles that reference permission levels with the Hidden option cannot be assigned to system roles. These SharePoint roles can be neither directly nor indirectly assigned to user accounts or groups. For more information, see Entering Master Data for SharePoint Permission Levels. |
|
|
NOTE: SharePoint roles with the option Only use in IT Shop set, can only be assigned to system roles that also have this option set. |
To assign a SharePoint role to system roles
- Select the category SharePoint | Hierarchical view | <Farm> | Web applications | <web application> | <site collection> | <site> | Roles.
- Select the role in the result list.
- Select Assign system roles in the task view.
-
Assign system roles in Add assignments.
- OR -
Remove system roles from Remove assignments.
- Save the changes.
Related Topics
- Assigning SharePoint Roles to Departments, Cost Centers and Locations
- Assigning SharePoint Roles to Business Roles
- Assigning SharePoint User Accounts directly to a SharePoint Role
- Assigning SharePoint Roles to SharePoint Groups
- Adding SharePoint Roles to the IT Shop
Adding SharePoint Roles to the IT Shop
SharePoint Roles and Groups > SharePoint Roles and Permission Levels > Assigning SharePoint Roles to SharePoint User Accounts > Adding SharePoint Roles to the IT Shop
Adding SharePoint Roles to the IT Shop
Once a SharePoint role has been assigned to an IT Shop shelf, it can be requested by the shop customers. To ensure it can be requested, further prerequisites need to be guaranteed.
- The SharePoint role must be labeled with the option IT Shop.
- The SharePoint role must be assigned to a service item.
- The SharePoint role must be also labeled with the option Only use in IT Shop if the SharePoint role can only be assigned to employees using IT Shop requests. Direct assignment to hierarchical roles may not be possible.
|
|
Note: IT Shop administrators can assign SharePoint roles to IT Shop shelves in the case of role-based login. Target system administrators are not authorized to add SharePoint roles in the IT Shop. |
To add a SharePoint role to the IT Shop
- Select the category SharePoint | Hierarchical view | <Farm> | Web applications | <web application> | <site collection> | <site> | Roles.
- Select the role in the result list.
- Select Add to IT Shop in the task view.
- Assign the IT Shop shelf in Add assignments.
- Save the changes.
To remove a SharePoint role from individual IT Shop shelves
- Select the category SharePoint | Hierarchical view | <Farm> | Web applications | <web application> | <site collection> | <site> | Roles.
- Select the role in the result list.
- Select Add to IT Shop in the task view.
- Remove the group from the IT Shop shelves in Remove assignments.
- Save the changes.
To remove an SharePoint roles from all IT Shop shelves
- Select the category SharePoint | Hierarchical view | <Farm> | Web applications | <web application> | <site collection> | <site> | Roles.
- Select the role in the result list.
- Select Remove from all shelves (IT Shop) in the task view.
- Confirm the security prompt with Yes.
- Click OK.
The SharePoint role is removed from all shelves by the One Identity Manager Service. All requests and assignment requests are canceled along with the SharePoint role as a result.
Detailed information about this topic
- One Identity Manager IT Shop Administration Guide
Related Topics
- Entering Master Data for SharePoint Roles
- Assigning SharePoint Roles to Departments, Cost Centers and Locations
- Assigning SharePoint Roles to Business Roles
- Assigning SharePoint User Accounts directly to a SharePoint Role
- Assigning SharePoint Groups to SharePoint Roles
- Adding SharePoint Roles to System Roles