Employees who are permanently deactivated can be re-enabled if they were not disabled by certification.
To re-enable an employee
An alert appears.
On the master data form for the employee, the option Disabled permanently is not set. The end date and last working day are deleted.
When an employee is deleted, they are tested to see if user accounts and company resources are still assigned, or if there are still pending requests in IT Shop. The employee is marked for deletion and therefore locked out of further processing. Before an employee can finally be deleted from the One Identity Manager database, you need to delete all company resource assignments and close all requests. You can do this manually or implement custom processes to do it. All the user accounts linked to one employee could be deleted by default by One Identity Manager once this employee has been deleted. If no more company resources are assigned, the employee is finally deleted.
By default, employees are finally deleted from the database after 30 days. During this period it is possible to re-enable the employee. A restore is not possible once the delete delay has expired. You can configure an alternative deletion delay in the Person table in Designer.
provides you with support for creating complex password policies, for example, for system user passwords, the employees' central password as well as passwords for individual target systems. Password polices apply not only when the user enters a password but also when random passwords are generated.
Predefined password policies are supplied with the default installation that you can user or customize if required. You can also define your own password policies.
You can customize predefined password policies to meet your own requirements, if necessary.
The DialogUser.Password and Person.DialogUserPassword) as well as the access code for a one off log in on the Web Portal (Person.Passcode).password policy is applied for logging in to . This password policy defined the settings for the system user passwords (
|NOTE: The password policy is marked as the default policy. This password policy is applied if no other password policy can be found for employees, user accounts or system users.|
An employee's central password is formed from the target system specific user accounts by respective configuration. The Employee central password policy password policy defines the settings for the (Person.CentralPassword) central password. Members of the Identity Management | Employees | Administrators application role can adjust this password policy.
IMPORTANT: Ensure that the Employee central password policy password policy does not violate the system-specific requirements for passwords.
Predefined password policies are provided, which you can apply to the user account password columns of the user accounts.