After you have entered the master data, you can apply different tasks to it. The task view contains different forms with which you can run the following tasks.
To obtain an overview of a SharePoint role
|Configuration parameter||Active Meaning|
Preprocessor relevant configuration parameter for controlling effectiveness of group memberships. If the parameter is set, memberships can be reduced on the basis of exclusion definitions. Changes to the parameter require recompiling the database.
When SharePoint roles are assigned to user accounts an employee may obtain two or more SharePoint roles, which are not permitted in this combination. To prevent this, you can declare mutually exclusive SharePoint roles. To do this, you specify which of the two SharePoint roles should apply to the user accounts if both of the SharePoint roles are assigned.
It is possible to assign an excluded SharePoint roles directly, indirectly or by IT Shop request at any time. One Identity Manager determines whether the assignment is effective.
The effect of the assignments is mapped in the tables SPSUserHasSPSRLAssign and BaseTreeHasSPSRLAssign though the column XIsInEffect.
To exclude SharePoint roles
- OR -
Remove roles that are no longer mutually exclusive in Remove assignments.
You cannot delete SharePoint roles in the Manager. They are deleted by the DBQueue Processor when the associated permission level is deleted.
To delete a permission level
If deferred deletion is configured, the permission level is marked for deletion and finally deleted after the deferred deletion period has expired. During this period, the permission level can be restored. Permission levels with deferred deletion of 0 days are deleted immediately.
To restore a permission level