Chat now with support
Chat with Support

Identity Manager 8.1 - Administration Guide for Connecting to SharePoint Online

Mapping a SharePoint Online environment in One Identity Manager Synchronizing a SharePoint Online environment Managing SharePoint Online user accounts and employees Managing the assignments of SharePoint Online groups and roles Mapping of SharePoint Online objects in One Identity Manager
SharePoint Online tenants SharePoint Online user accounts SharePoint Online groups SharePoint Online permission levels SharePoint Online site collections SharePoint Online sites SharePoint Online roles
Handling of SharePoint Online objects in Web Portal Basic data for managing a SharePoint Online environment Appendix: Configuration parameters for managing SharePoint Online Appendix: Default project template for SharePoint Online Appendix: Editing system objects About us

Overview of SharePoint Online user accounts

To obtain an overview of a user account

  1. In Manager, select SharePoint Online | User accounts (user authenticated).

    - OR -

    In Manager, select SharePoint Online | User accounts (group authenticated).

  2. Select the user account in the result list.

  3. Select SharePoint Online user account overview.

Assigning extended properties

Extended properties are meta objects that cannot be mapped directly in One Identity Manager, for example, operating codes, cost codes or cost accounting areas.

To specify extended properties for a user account

  1. In Manager, select SharePoint Online | User accounts (user authenticated).

    - OR -

    In Manager, select SharePoint Online | User accounts (group authenticated).

  2. Select the user account in the result list.

  3. Select Assign extended properties.

  4. Assign extended properties in Add assignments.

    TIP: In the Remove assignments area, you can remove the assignment of extended properties.

    To remove an assignment

    • Select the extended property and double click .
  5. Save the changes.

For detailed information about extended properties, see the One Identity Manager Identity Management Base Module Administration Guide.

Deleting and restoring SharePoint Online user accounts

If a user account is deleted in One Identity Manager, it is initially marked for deletion. The user account is therefore locked. Depending on the deferred deletion setting, the user account is either deleted from the One Identity Manager database immediately, or at a later date.

NOTE: As long as an account definition for an employee is valid, the employee retains the user account that was created by it. If the assignment of an account definition is removed, the user account that was created from this account definition is deleted.

To delete a user account that is not managed using an account definition

  1. In Manager, select SharePoint Online | User accounts (user authenticated).

    - OR -

    In Manager, select SharePoint Online | User accounts (group authenticated).

  2. Select the user account in the result list.

  3. Click to delete the user account.

  4. Confirm the security prompt with Yes.

To restore a user account

  1. In Manager, select SharePoint Online | User accounts (user authenticated).

    - OR -

    In Manager, select SharePoint Online | User accounts (group authenticated).

  2. Select the user account in the result list.

  3. Click in the result list toolbar.

Configuring deferred deletion

By default, user accounts are finally deleted from the database after 30 days. You can reenable the user accounts until deferred deletion is run. After deferred deletion is run, the user account are deleted from the database and cannot be restored anymore. You can configure an alternative deletion delay in Designer using the O3SUser table.

SharePoint Online groups

You can use groups in SharePoint Online to provide users with the same permissions. Groups that you add for site collections are valid for all sites in that site collection. SharePoint Online roles that you define for a site are assigned directly to groups. All user accounts that are members of these groups obtain the permissions defined in the SharePoint Online roles for this site.

You can edit the following group data in the One Identity Manager:

  • Object properties like display name, owner or visibility of memberships
  • Assigned SharePoint Online role and user accounts
  • Usage in the IT Shop
  • Risk assessment
  • Inheritance through roles and inheritance restrictions
Detailed information about this topic
Related Topics
Related Documents