Chat now with support
Chat with Support

Identity Manager 8.0 - Administration Guide for Connecting Unix-Based Target Systems

Managing Unix-Based Systems Setting Up Synchronization with a Unix-Based Target System Base Data for Unix-Based Target Systems Unix Host Unix user accounts Unix groups Reports about Unix Objects Appendix: Configuration Parameters for Managing Unix Appendix: Default Project Template for Unix-Based Target Systems

Deleting and Restoring Unix User Accounts

Deleting and Restoring Unix User Accounts

NOTE: As long as an account definition for an employee is valid, the employee retains the user account that was created by it. If the account definition assignment is removed, the user account created through this account definition, is deleted.

To delete a user account

  1. Select the category Unix | User accounts.
  2. Select the user account in the result list.
  3. Delete the user account.
  4. Confirm the security prompt with Yes.

To restore user account

  1. Select the category Unix | User accounts.
  2. Select the user account in the result list.
  3. Click Undo delete in the result list toolbar.
Configuring Deferred Deletion

By default, user accounts are finally deleted from the database after 30 days.The user accounts are initially disabled. You can reenable the user accounts until deferred deletion is run. After deferred deletion is run, the user account are deleted from the database and cannot be restored anymore. You can configure an alternative delay on the table UNXAccount in the Designer.

Related Topics
  • Disabling User Accounts for AIX Systems
  • For more detailed information about deactivating and deleting employees and user accounts, see the One Identity Manager Target System Base Module Administration Guide.

Unix groups

Unix Groups

In the Unix host, user accounts can be gathered into groups, which can be used to regulate access to resources. Local groups are loaded into One Identity Manager by synchronization. You can set up new groups or to edit already existing groups.

To add users to groups, you assign the groups directly to users. This can be assignments of groups to departments, cost centers, location, business roles or to the IT Shop.

Detailed information about this topic

Entering Master Data for Unix Groups

Entering Master Data for Unix Groups

To edit group master data

  1. Select the category Unix | Groups.
  2. Select the group in the result list and run Change master data in the task view.

    - OR -

    Click in the result list toolbar.

  3. Edit a group's master data.
  4. Save the changes.
Detailed information about this topic

General Master Data for an Unix Group

General Master Data for an Unix Group

Enter the following data on the General tab:

Table 35: General Master Data
Property Description

Group name

Name of the group.

Group ID

Group's identifier.

Host

Group's host.

IT Shop

Specifies whether the group can be requested through the IT Shop. This group can be requested by staff through the Web Portal and granted through a defined approval process. The group can still be assigned directly to hierarchical roles.

Only for use in IT Shop

Specifies whether the group can only be requested through the IT Shop. This group can be requested by staff through the Web Portal and granted through a defined approval process. The group may not be assigned directly to hierarchical roles.

Service item

Service item data for requesting the group through the IT Shop.

Risk index

Value for evaluating the risk of assigning the group to user accounts. Enter a value between 0 and 1. This property is only visible when the configuration parameter QER\CalculateRiskIndex is set.

For more detailed information about risk assessment, see the One Identity Manager Risk Assessment Administration Guide.

Category

Categories for group inheritance. Groups can be selectively inherited by user accounts. To do this, groups and user accounts are divided into categories. Use this menu to allocate one or more categories to the group.
Related Topics
Related Documents