Basics for Mapping Company Structures in One Identity Manager
Hierarchical Role Structure Basics
Basics for Assigning Company Resources
Managing Departments, Cost Centers and Locations
Direct Assignment
Indirect Assignment
Assigning through Dynamic Roles
Assigning through IT Shop Requests
Basics for Calculating Inheritance
Preparing Hierarchical Roles for Company Resource Assignments
One Identity Manager Users for Organizations
Base Data for Structuring Departments, Cost Centers and Locations
Editing Departments
Working with Dynamic Roles
General Master Data for a Department
Contact Data for Departments
Functional Area and Risk Assessment
Editing Cost Centers
Editing Locations
General Master Data for a Location
Location Address Information
Configuring a Location's Network
Directions to Location
Functional Area and Risk Assessment
Assigning Employees, Devices and Workdesks to Departments, Cost Centers and Locations
Assigning Company Resources to Departments, Cost Centers and Locations
Setting Up IT Operating Data
Additional Tasks for Managing Departments, Cost Centers and Locations.
Creating Dynamic Roles for Departments, Cost Centers and Locations
Assign Organizations
Specifying Inheritance Exclusion for Roles
Specify Role Relations
Reports about Departments, Cost Centers and Locations
Editing Dynamic Roles
Test Condition of a Dynamic Role
Calculating Role Memberships
Additional Tasks for Dynamic Roles
Employee Administration
One Identity Manager Users for Employee Administration
Basic Configuration Data for Employees
Managing Devices and Workdesks
Business Partners
Creating Custom Mail Templates for Notifications
Entering Employee Master Data
General Properties of a Mail Template
Creating and Editing an Email Definition
Customizing Email Signatures
Password Policies
General Employee Master Data
Organizational Employee Master Data
Address Data
Miscellaneous Employee Master Data
Employee's Central User Account
Employee's Central Password
Employee's Default Email Address
Disabling and Deleting Employees
Temporarily Deactivating Employees
Permanently Deactivating Employees
Deferred Deletion of Employees
Assigning Company Resources to Employees
Assigning Employees to Departments, Cost Centers and Locations
Assigning Employees to Business Roles
Adding Employees to IT Shop Custom Nodes
Assigning Application Roles to Employees
Assigning Resources Directly to Employees
Assigning Applications Directly to Employees
Assigning System Roles Directly to Employees
Origin of an Employee's Roles and Entitlements
Analyzing Role Memberships and Employee Assignments
Mapping Multiple Employee Identities
Limited Access to One Identity Manager
Additional Tasks for Managing Employees
Employee Overview
Manually Assigning User Accounts to Employees
Entering Calls for an Employee
Assigning Extended Properties
Determining an Employee‘s Language
Determining an Employee‘s Working Hours
Employee Reports
Base Data for Device Management
Setting up a Device
Assigning Company Resources to Devices
Additional Tasks for Managing Devices
How to Set up a Workdesk
Managing Resources
General Master Data for a Workdesk
Workdesk Location Information
Additional Information about a Workdesk
Assigning Company Resources to Workdesks
Assigning Workdesks to Departments, Cost Centers and Locations
Assigning Workdesks to Business Roles
Assigning Applications Directly to Workdesks
Assigning System Roles Directly to Workdesks
Additional Tasks for Managing Workdesks
Workdesk Overview
Assigning Devices to Workdesks
Assigning Employees to Workdesks
Assigning Service Agreements and Enter Calls
Asset Data for Devices
One Identity Manager Users for Managing Resources
Base Data for Resources
Editing Resources
Assigning Resources to Employees
Set up Extended Properties
Assigning Employees to Departments, Cost Centers and Locations
Assigning Resources to Business Roles
Assigning Resources Directly to Employees
Adding Resources to the IT Shop
Adding Resources to System Roles
Additional Tasks for Managing Resources
Editing Multi Request Resources
Assigning Multi Request Resources to Employees
Reports about Resources
One Identity Manager Users for Managing Extended Properties
Create Property Groups
Edit Extended Properties
Additional Tasks for Managing Extended Properties
Appendix: Configuration Parameters for Managing Departments, Cost Centers and Locations
Appendix: Configuration Parameters for Managing Applications
Appendix: Configuration Parameters for Managing Devices and Workdesks
Appendix: Authentication Modules for Logging into the One Identity Manager
Restricted Passwords
Employee Administration > Basic Configuration Data for Employees > Password Policies > Restricted Passwords
You can add words to a list of restricted terms to prohibit them from being used in passwords.
|
|
NOTE: The restricted list applies globally to all password policies. |
To add a term to the restricted list
-
Select the category Base Data | Security Settings | Restricted passwords in the Designer.
- Create a new entry with the menu item Object | New an enter the term to excluded to the list.
- Save the changes.
Testing a Password
Employee Administration > Basic Configuration Data for Employees > Password Policies > Testing a Password
When you test a password, all the password policy settings, custom scripts and the restricted passwords are taken into account.
To test whether a password conforms to the password policy
-
Select the category Employees | Basic configuration data | Password policies in the Manager.
- Select the password policy in the result list.
- Select Change master data in the task view.
- Select the Test tab.
- Select the table and object to be tested in Base object for test.
-
Enter a password in Enter password to test.
A display next to the password shows whether it is valid or not.
Testing Generating a Password
Employee Administration > Basic Configuration Data for Employees > Password Policies > Testing Generating a Password
When you generate a password, all the password policy settings, custom scripts and the restricted passwords are taken into account.
To generate a password that conforms to the password policy
-
Select the category Employees | Basic configuration data | Password policies in the Manager.
- Select the password policy in the result list.
- Select Change master data in the task view.
- Select the Test tab.
-
Click Generate.
This generates and displays a password.
Assigning a Password Policy
Employee Administration > Basic Configuration Data for Employees > Password Policies > Assigning a Password Policy
You can assign password policies to system user passwords, the employees' central password as well as passwords for individual target systems. Assign a password policy to the base object to which it should apply.
- The predefined password policy " password policy" is assigned to the system user passwords (DialogUser.Password and Person.DialogUserPassword) as well as the employee's access code (Person.Passcode).
- The predefined password policy "Employee central password policy" is assigned to the employee's central password (Person.CentralPassword).
If you want to apply another password policy to the password column, change the password policy assignment in the Manager.
To change a password policy's assignment
-
Select the category Employees | Basic configuration data | Password policies in the Manager.
- Select the password policy in the result list.
- Select Assign objects in the task view.
- Select the assignment you want to change in Assignments.
- Select the new password policy to apply from the Password Policies menu.
- Save the changes.