Valid permissions are mapped in the One Identity Manager database in the table SPSWebAppHasPermission; assignments of valid permissions to permission levels are mapped in the table SPSRoleHasSPSPermission.
If you remove permissions from the list of valid permissions for a web application in SharePoint, the permissions cannot be assigned to permission levels within the web application from this point on. Assignments to permission levels that already exist for these permissions remain intact but are not active. These permissions are deleted from the table SPSWebAppHasPermission during synchronization. Assignments to permission levels that already exist for these permissions are not changed. Inactive permissions are displayed in the permission levels' overview.
SynchronizationThe process of comparing data between One Identity Manager and a target system. Objects and their properties are compared by fixed rules. Synchronization results in the identical data situation in the target system and One Identity Manager database. results are summarized in the synchronization log. You can specify the extent of the synchronization log for each system connection individually. One Identity Manager provides several reports in which the synchronization results are organized under different criteria.
To display a synchronization log
Logs for all completed synchronization runs are displayed in the navigation view.
An analysis of the synchronization is shown as a report. You can save the report.
To display a provisioning log.
Logs for all completed provisioning processes are displayed in the navigation view.
Select a log by double-clicking on it.
An analysis of the provisioning is show as a report. You can save the report.
The log is marked in color in the navigation view. This mark shows you the execution status of the synchronization/provisioning.
Synchronization logs are stored for a fixed length of time. The retention period is set in the configuration parameter "DPR\Journal\LifeTime" and its sub parameters.
To modify the retention period for synchronization logs
You have used the Synchronization EditorOne Identity Manager tool for configuring target system synchronization. to set up a synchronization project for initial synchronization of a SharePoint farm. You can use this synchronization project to load SharePoint objects into the One Identity Manager database. If you manage user accounts and their authorizations with One Identity Manager, changes are provisioned in the SharePoint environment.
You must customize the synchronization configuration in order to compare the SharePoint database with the regularly and to synchronize changes.
|
IMPORTANT: As long as synchronization is running, you must not start another synchronization for the same target system. This applies especially, if the same synchronization objects would be processed.
|
The synchronization project for initial synchronization provides a workflow for initial loading of
To create a synchronization configuration for synchronizing SharePoint farms
Open the synchronization project in the Synchronization EditorOne Identity Manager tool for configuring target system synchronization..
|
TIP: You can start the Synchronization |
This adds a workflow for synchronizing in the direction of the target system.
Run a consistency check.
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy