Chat now with support
Chat with Support

Identity Manager 8.1 - Attestation Administration Guide

Attestation and recertification
One Identity Manager users for attestation Attestation base data Attestation policies Creating custom mail templates for notifications
Approval processes for attestation cases
Approval policies Approval workflows Selecting attestors Setting up multi-factor authentication for attestation Prevent attestation by employee awaiting attestation Managing attestation cases
Attestation sequence Default attestation and withdrawal of entitlements User attestation and recertification Mitigating controls Appendix: Configuration parameters for attestation

Deleting attestation policies

IMPORTANT: Do not delete attestation policies, for audit reasons.

Attestation policies may still be removed from the One Identity Manager database under specific conditions. Ensure that the attestation policy is archived when deleted.

For detailed information about data archiving, see the One Identity Manager Configuration Guide.

Prerequisites

  • The user is logged in to the Manager as the system user viadmin.

  • The attestation policy is disabled.

To delete an attestation policy

  1. In the Manager, select Attestation | Attestation policies | Disabled policies.

  2. Select the attestation policy in the result list and run Change master data.

  3. Select Delete attestation policy in the task view.

  4. Confirm the security prompt with Yes.

    The attestation policy is deleted. All associated attestation cases, approval workflows and the attestation history are deleted.

Related Topics

Disabling attestation policies

Attestations are run when the schedule assigned to an attestation policy is enabled. You can disabled attestation policies to prevent attestation cases being created for individual attestation policies.

TIP: Numerous default attestation policies are supplied with One Identity Manager. Check which of the default attestation policies are relevant for your data situation when you set up your database. Disable all unnecessary attestation policies.

To disable an attestation policy

  1. In Manager, select Attestation | Attestation policies.

  2. Select the attestation policy in the result list and run Change master data.

  3. Set Disabled.

  4. Save the changes.

Creating custom mail templates for notifications

A mail template consists of general master data such as target format, important or mail notification confidentiality and one or more mail definitions. Mail text is defined in several languages in the mail template. This ensures that the language of the recipient is taken into account when the email is generated.

There is a One Identity Manager in the Mail Template Editor to simplify writing notifications. You can use Mail Template Editor to create and edit mail texts in WYSIWYG mode.

To edit mail templates

  1. In Manager, select the category Attestation | Basic configuration data | Mail templates.

    This shows all the mail templates that can be used for attestation cases in the result list.

  1. Select a mail template in the result list and run Change master data.

    - OR -

    Click in the result list toolbar.

    This opens the mail template editor.

  2. Edit the mail template.

  3. Save the changes.

To copy a mail template

  1. In Manager, select the category Attestation | Basic configuration data | Mail templates.

    This shows all the mail templates that can be used for attestation cases in the result list.

  1. Select the mail template that you want to copy in the result list and run Change master data.

  2. Select Copy mail template.

  3. Enter the name of the new mail template in Name of copy.

  4. Click OK.

To display a mail template preview

  1. In Manager, select the category Attestation | Basic configuration data | Mail templates.

    This shows all the mail templates that can be used for attestation cases in the result list.

  1. Select a mail template in the result list and run Change master data.

  2. Select Preview.

  3. Select the base object.

  4. Click OK.

To delete a mail template

  1. In Manager, select the category Attestation | Basic configuration data | Mail templates.

    This shows all the mail templates that can be used for attestation cases in the result list.

  1. Select the template in the result list.
  2. Click in the result list toolbar.
  3. Confirm the security prompt with Yes.

General properties of a mail template

The following general properties are displayed for a mail template:

Table 10: Mail template properties

Property

Meaning

Mail template

Name of the mail template. This name will be used to display the mail templates in the administration tools and in Web Portal. Translate the given text using the button.

Base object

Mail template base object. A base object only needs to be entered if the mail definition properties of the base object are referenced.

Use the base object AttestationCase or AttestationHelper for notifications about attestation.

Report (parameter set)

Report, made available through the mail template.

Description

Mail template description. Translate the given text using the button.

Target format

Format in which to generate email notification. Permitted values are:

  • HTML: The email notification is formatted in HTML format. HTML format can contain formatting.
  • TXT: The email notification is formatted in text format. Text format does not contain any formatting.

Design type

Design in which to generate the email notification. Permitted values are:

  • Mail template: The generated email notification contains the mail body in accordance with the mail definition.
  • Report: The generated email notification contains the report specified under Report (parameter set) as its mail body.
  • Mail template, report in attachment: The generated email notification contains the mail body in accordance with the mail definition. The report specified under Report (parameter set) is attached to the notification as a PDF file.

Importance

Importance for the email notification. Permitted values are Low, Normal, and High.

Confidentiality

Confidentiality for the email notification. Permitted values are Normal, Personal, Private, and Confidential.

Can unsubscribe

Specifies whether the recipient can unsubscribe email notification. If this option is set, the emails can be unsubscribed through the Web Portal.

Deactivated

Specifies whether this mail template is disabled.

Mail definition

Unique name for the mail definition.

Language

Language which applies to the mail template.

Subject

Subject of the email message

Mail body

Content of the email message.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating