Processing G Suite system objects
Processing G Suite system objects
The following table describes permitted processing methods for G Suite schema types.
Table 51: Methods available for editing schema types
|
G Suite customer (Customer) |
Yes |
No |
No |
Yes |
|
Domain (Domain) |
Yes |
No |
No |
No |
|
Domain alias (DomainAlias) |
Yes |
No |
No |
No |
|
Organization (OrgUnit) |
Yes |
Yes |
Yes |
Yes |
|
User account (User) |
Yes |
Yes |
Yes |
Yes |
|
Group (Group) |
Yes |
Yes |
Yes |
Yes |
|
Product and SKU (ProductAndSku) |
Yes |
No |
No |
Yes |
|
User account: address(UserAddress) |
Yes |
Yes |
Yes |
Yes |
|
User account: Email address (UserEmail) |
Yes |
Yes |
Yes |
Yes |
|
User account: external ID (UserExternalId) |
Yes |
Yes |
Yes |
Yes |
|
User account: instant messenger (UserIm) |
Yes |
Yes |
Yes |
Yes |
|
User account: user details (UserOrganization) |
Yes |
Yes |
Yes |
Yes |
|
User account: phone number (UserPhone) |
Yes |
Yes |
Yes |
Yes |
|
User account: relation (UserRelation) |
Yes |
Yes |
Yes |
Yes |
|
User account: website (UserWebsite) |
Yes |
Yes |
Yes |
Yes |
|
Admin role (AdminRole) |
Yes |
Yes |
Yes |
Yes |
|
Admin privilege (AdminPrivilege) |
Yes |
No |
No |
No |
|
Admin roles assignments (AdminRoleAssignment) |
Yes |
Yes |
Yes |
Yes |
Special features in the assignment of G Suite groups
Special features in the assignment of G Suite groups
In One Identity Manager, entitlements can be assigned directly or indirectly to user accounts. The type of assignment is indicated in the XOrigin column in the assignment tables. In the GAPUserInPaSku and GAPUserInGroup assignment tables, XOrigin can have the default values 1 to 15 (bit 0 to 3).
Through the assignment of a G Suite groups to a G Suite customer, all the customer's user accounts can become members of the group. In the calculation of inheritance, an entry is made in the GAPUserInGroup table for each of the customer's user accounts. The origin of these assignments is indicated in GAPUserInGroup.XOrigin with the value 16 (bit 4).
Table 52: Origin of entitlement assignments
|
GAPUserInPaSku
GAPUserInGroup |
direct |
1 |
|
indirect |
2 |
|
dynamic |
4 |
|
assignment request |
8 |
|
GAPUserInGroup |
via customers |
16 |
For detailed information about the calculation of assignments in One Identity Manager, see the One Identity Manager Identity Management Base Module Administration Guide.
Related topics
About us
One Identity solutions eliminate the complexities and time-consuming processes often required to govern identities, manage privileged accounts and control access. Our solutions enhance business agility while addressing your IAM challenges with on-premises, cloud and hybrid environments.
Contacting us
For sales and other inquiries, such as licensing, support, and renewals, visit https://www.oneidentity.com/company/contact-us.aspx.
Technical support resources
Technical support is available to One Identity customers with a valid maintenance contract and customers who have trial versions. You can access the Support Portal at https://support.oneidentity.com/.
The Support Portal provides self-help tools you can use to solve problems quickly and independently, 24 hours a day, 365 days a year. The Support Portal enables you to:
- Submit and manage a Service Request
- View Knowledge Base articles
- Sign up for product notifications
- Download software and technical documentation
- View how-to videos at www.YouTube.com/OneIdentity
- Engage in community discussions
- Chat with support engineers online
- View services to assist you with your product
