If IT operating data changes, you must transfer these changes to the existing user accounts. To do this, templates must be rerun on the affected columns. Before you can run the templates, you can check what the effect of a change to the IT operating data has on the existing user accounts. You can decide whether the change is transferred to the database in the case of each affected column in each affected database.
- OR -
|NOTE: If the assignment of an employee|
To execute the template
Select the category <target system type> | Basic configuration data | Account definitions | Account definitions.
This displays a list of all user account, which are created through the selected account definition and whose properties are changed by modifying the IT operating data.
|Old value||Current value of the object property.|
|New value||Value applied to the object property after modifying the IT operating data.|
|Selection||Specifies whether the modification is applied to the user account.|
The templates are applied to all selected user accounts and properties.
After you have entered the master data, you can apply different tasks to it. The task view contains different forms with which you can run the following tasks. You can find the most important information on the overview form.
Use this task to define dynamic roles for individual business roles. Dynamic roles are used to specify role memberships dynamically. Employees, devices or workdesks are not permanently assigned to a role, just when they fulfill certain conditions. A check is performed regularly to assess which employees (devices or workdesks) fulfill these conditions. The means the role memberships change dynamically. For example, company resources can be assigned dynamically to all employees in a business role in this way; if an employee leaves the department they immediately lose the resources assigned to them.
Dynamic roles always relate to the secondary role assignment of an employee object. Therefore secondary assignment of employees, devices and workdesks to role classes must be permitted. If necessary, further configuration settings need to be made. For more information, see Permit Assignments of Employees, Devices, Workdesks and Company Resources.
|NOTE: The task Create dynamic role is only available for business roles, which do not have the option Dynamic roles not allowed set.|
To create a dynamic role
To edit a dynamic role
For more detailed information about creating and editing dynamic roles, see the One Identity Manager Identity Management Base Module Administration Guide.
Use this task to map which relations exist between business roles and departments, cost centers and locations. This task has the same effect as assigning a department, cost center or location on the business role master data form. The assignment is entered in the respective foreign key column in the base table.
To assign a department, cost center or location to business roles
The selected role is assigned to all business roles as primary department, cost center or location.
- OR -
Remove the business roles in Remove assignments.