Identity Manager 8.1 - Administration Guide for Connecting to a Universal Cloud Interface

Managing Universal Cloud Interface Environments Setting up Synchronization with a Cloud Application in the Universal Cloud Interface Basic data for managing a Universal Cloud Interface environment Cloud Target Systems Container Structures in a Cloud Target System Cloud User Accounts Cloud Groups Cloud Permissions Controls Provisioning Object Changes Reports about Objects in Cloud Target Systems Appendix: Configuration Parameters for Managing Cloud Target Systems Appendix: Default Project Template for Cloud Application in the Universal Cloud Interface

Assigning Permissions Controls to User Accounts

Use this task to assign a permissions control directly to user accounts.

To assign permissions controls to user accounts

  1. Select the category Cloud Target Systems | <target system> | Permissions controls.
  2. Select the permissions control in the result list.
  3. Select Assign user accounts in the task view.
  4. Assign user accounts in Add assignments.

    TIP: In the Remove assignments area, you can remove the assignment of user accounts.

    To remove an assignment

    • Select the user account and double click .
  5. Save the changes.

Assigning Permissions Controls to Groups

Use this task to assign a permissions control directly to groups.

To assign permissions controls to groups

  1. Select the category Cloud Target Systems | <target system> | Permissions controls.
  2. Select the permissions control in the result list.
  3. Select Assign groups in the task view.
  4. Assign groups in Add assignments.

    TIP: you can remove the assignment of groups in the Remove assignments area.

    To remove an assignment

    • Select the group and double click .
  5. Save the changes.

Deleting Permissions Controls

To delete a permissions control

  1. Select the category Cloud Target Systems | <target system> | Permissions controls.
  2. Select the permissions control in the result list.
  3. Click to delete the permissions control.
  4. Confirm the security prompt with Yes.

This deletes the permissions control completely from the One Identity Manager database. Once you have deleted a permissions control, it is also deleted in the Universal Cloud Interface Module through the provisioning process and then in the cloud application. The deletion is logged as a pending change. You can see whether the permissions control has been deleted in the cloud application from the process status for the pending change. The same applies if permissions control assignments to user accounts or groups are deleted.

Related Topics

Provisioning Object Changes

Changes to cloud objects can only be made in the Cloud Systems Management Module. Provisioning processes ensure that object changes are transferred from the Cloud Systems Management Module into the Universal Cloud Interface Module. By default, these object changes are then published in the cloud application by automatic provisioning processes.

The One Identity Manager logs the object changes as pending changes in separate tables. The table QBMPendingChange contains the modified objects and their processing status. The details of the changes, operations to execute, time stamp and processing status are saved in the QBMPendingChangeDetail.

The processing status of an object is not set to successful until all associated changes for this object have been successfully provisioned. An object's processing status is set as failed if all associated changes have been processed and at least one them has failed.

Detailed information about this topic
Related Documents