Chat now with support
Chat with Support

Identity Manager 8.1 - Identity Management Base Module Administration Guide

Basics for Mapping Company Structures in One Identity Manager Managing Departments, Cost Centers and Locations Working with Dynamic Roles Employee administration
One Identity Manager users for employee administration Basic data for employee master data Entering employee master data Employee's central user account Employee's central password Employee's default email address Mapping multiple employee identities Disabling and deleting employees Password policies for employees Limited access to One Identity Manager Assigning company resources to employees Displaying the origin of an employee's roles and entitlements Analyzing role memberships and employee assignments Additional tasks for managing employees Determining an employee‘s language Determining an employee's working hours Employee reports
Managing Devices and Workdesks Managing Resources Set up Extended Properties Appendix: Configuration parameters for managing departments, cost centers, and locations Appendix: Configuration parameters for managing employees Appendix: Configuration Parameters for Managing Devices and Workdesks

Using a password policy

The password policies One Identity Manager password policy and Employee central password policy are predefined for employees' passwords.

You can assign custom password policies to employees' password columns. You can also assign the password policies to departments, cost centers, locations, or business roles, and therefore apply password policies depending on the employees' organizational classification.

The password policy that is applied for a person is determined in the following order:

  1. Password policy of the employee's primary business role
  2. Password policy of the employee's primary department
  3. Password policy of the employee's primary location
  4. Password policy of the employee's primary cost center
  5. General password policy for employee passwords
  6. Password policy One Identity Manager password policy (default policy)
Related Topics

Changing the password policy for the password columns

If you do not want to apply the predefined password policy to the password column of employees, change the password policy assignment to the base object in the Manager.

To change a password policy's assignment

  1. In Manager, select Employees | Basic configuration data | Password policies| Password policies.

  2. Select the password policy in the result list.
  3. Select Assign objects.
  4. Select the assignment you want to change in Assignments.
  5. Select the new password policy to apply from the Password Policies menu.
  6. Save the changes.

Assigning password policies to departments, cost centers, locations and business roles

You can assign the password policies for forming an employee's system user password, the access code, and an employee's central password to departments, cost centers, locations, and business roles.

NOTE: If you want to use the assignment of a password policy via company structures, you need to decide whether to use either departments, cost centers, locations, or business roles. Otherwise, performance problems may occur when determining the valid password policy. A large number of hierarchy levels could also lead to performance problems when determining the password policy to apply.

To reassign a password policy

  1. In Manager, select Employees | Basic configuration data | Password policies| Password policies.

  2. Select the password policy in the result list.
  3. Select Assign objects.
  4. Click Add in the Assignments section and enter the following data.

    Table 41: Assigning a Password Policy

    Property

    Description

    Apply to

    Application scope of the password policy.

    To specify an application scope

    1. Click next to the text box.
    2. Under Table, select the table that contains the basic objects. You have the following options:

      • Departments (Department table)
      • Business roles (Org table)

        NOTE: This table is only available if Business Roles Module is installed.

      • Locations (Locality table)
      • Cost centers (Profitcenter table)
    3. Under Apply to, select the specific department, cost center, location or business role.
    4. Click OK.

    Password column

    The password column's identifier. You have the following options:

    • Employees - central password (table Employee, column CentralPassword)
    • Employees - password (table Employee, column DialogUserPassword)
    • Employees - access code (table Employee, column Passcode)

    Password policy

    The identifier of the password policy to be used.

  5. Save the changes.

Editing password policies

To edit a password policy

  1. In Manager, select Employees | Basic configuration data | Password policies| Password policies.

  2. Select the password policy in the result list and select Change master data.

  3. Edit the password policy's master data.
  4. Save the changes.
Detailed information about this topic
Related Documents