Chat now with support
Chat with Support

Identity Manager 8.1 - Identity Management Base Module Administration Guide

Basics for Mapping Company Structures in One Identity Manager Managing Departments, Cost Centers and Locations Working with Dynamic Roles Employee administration
One Identity Manager users for employee administration Basic data for employee master data Entering employee master data Employee's central user account Employee's central password Employee's default email address Mapping multiple employee identities Disabling and deleting employees Password policies for employees Limited access to One Identity Manager Assigning company resources to employees Displaying the origin of an employee's roles and entitlements Analyzing role memberships and employee assignments Additional tasks for managing employees Determining an employee‘s language Determining an employee's working hours Employee reports
Managing Devices and Workdesks Managing Resources Set up Extended Properties Appendix: Configuration parameters for managing departments, cost centers, and locations Appendix: Configuration parameters for managing employees Appendix: Configuration Parameters for Managing Devices and Workdesks

General Master Data for Devices

Enter the following general master data for a device. The master data available depends on the selected device model.

Table 56: General Master Data for Devices
Property Description

Asset number

Number of the asset in the bookkeeping.

Device ID

Unique device ID.

PC

Specifies whether the hardware is a computer.

Server

Specifies whether the hardware is a server.

Local periphery

Specifies whether this is a local periphery, for example, monitor, printer, or other periphery device.

Manufacturer

Name of manufacturer.

Device model

Name of the device model. The master data available depends on the selected device model.

Device status

Device's status.

Workdesk

The device's workdesk. This workdesk is used to assign various devices to a workstation or a server.

If the “Hardware | Workdesk | WorkdeskAuto” configuration parameter is activated, a workdesk bearing the same name is automatically created when a workstation or a server is set up.

Parent device

A parent device which is linked to this device.

VM Client (option)

Specifies whether this device is a virtual machine.

VM Host

Device on which a virtual machine is installed. The selection is shared if the VM client is set.

VM Host (option)

Specifies whether this hardware is host for a virtual machine.

Phone Telephone number.
Used by Employee who uses this device.

Primary department

Department to which the device is primary assigned. Company resources can be inherited by a device through these primary assignments if One Identity Manager is appropriately configured.

Primary location

Location to which the device is primary assigned. Company resources can be inherited by a device through these primary assignments if One Identity Manager is appropriately configured.

Primary cost center

Cost center to which the device is primary assigned. Company resources can be inherited by a device through these primary assignments if One Identity Manager is appropriately configured.

Primary business roles

Business role to which the device is assigned. Company resources can be inherited by a device through these primary assignments if One Identity Manager is appropriately configured.

Note: This property is available if the Business Roles Module is installed.
Investment Investments or investment plans for the device.

Location description

Spare text box for additional explanation.

Description

Spare text box for additional explanation.

Remarks

Spare text box for additional explanation.

No inheritance

Specifies whether the device inherits company resources through roles. If this option is set, the employee cannot inherit. Direct assignments remain intact.

Operating system Operating system identifier.
Operating system version Version number of the operating system.
Service pack operating system Service pack identifier.
Hotfix operating system Hotfix identifier.
Carrier Carrier contract for the device.
Serial number Manufacturer's serial number.
MAC address The device's MAC address.
IMEI The device's IMEI number.
ICCID The device's ICCID number.
BIOS version Version of the BIOS.
RAM [MB] RAM in megabytes.
HDD capacity [MB] Capacity of the first disk in megabytes
Second HDD capacity [MB] Capacity of the second disk in megabytes
Max. vertical resolution Maximum vertical image resolution.
Max. horizontal resolution Maximum horizontal image resolution.
Import data source Target system or data source, from which the data set was imported.

Spare field no. 01 ... Spare field no. 10

Additional company specific information. Use Designer to customize display names, formats and templates for the input fields.

Related Topics

Device Networking Data

Enter the following information for the network configuration. The master data available depends on the selected device model.

Table 57: Network data
Property Description

IP address (IPv4)

IP address in IPv4 format.

IP address (IPv6)

IP address in IPv6 format.

Use DHCP

Specifies whether the IP address is taken from a DHCP server. If this option is not set, enter a fixed IP address and enter the subnet mask and standard gateway.

Subnet mask

Subnet mask.

Default gateway

Default gateway.

Use WINS

Specifies whether WINS name resolution is used. If this option is set, enter the IP addresses of the preferred and the alternative WINS server.

WINS primary

IP address of the preferred WINS server.

WINS secondary

IP address of the alternative WINS server.

Range ID

To communicate worth one another, all computers require a TCP/IP network with the same area ID. The area ID is used for identification when the given DNS sever cannot be found. Normally, this input should be left empty.

Use DNS

Specifies whether DNS name resolution is used. If this option is set, enter the IP address of the preferred and the alternative DNS server.

DNS server

IP address of the preferred DNS server.

2. DNS server

IP address of the alternative DNS server.

3. DNS server

IP address of the alternative DNS server.

DNS name

Suffix of DNS domain the device belongs to.

DNS host name DNS name of the computer.

Remote boot

Specifies whether this device uses remote booting. The property is available if the "Hardware | Display | MachineWithRPL" configuration parameter is enabled.

Remote boot type

Data for the remote boot type. The property is available if the "Hardware | Display | MachineWithRPL" configuration parameter is enabled.

Assigning Company Resources to Devices

One Identity Manager uses different assignment types to assign company resources.

  • Indirect assignment

    In the case of indirect assignment of company resources, employees, devices and workdesks are arranged in departments, cost centers, locations, business roles or application roles. The total of assigned company resources for an employee, device or workdesk is calculated from the position within the hierarchies, the direction of inheritance (top-down or bottom-up) and the company resources assigned to these roles. In the Indirect assignment methods a difference between primary and secondary assignment is taken into account.

  • Direct assignment

    Direct assignment of company resources results from the assignment of a company resource to an employee, device, or workdesk, for example. Direct assignment of company resources makes it easier to react to special requirements.

  • Assignment by dynamic roles

    Assignment through dynamic roles is a special case of indirect assignment. Dynamic roles are used to specify role memberships dynamically. Employees, devices, and workdesks are not permanently assigned to a role, just when they fulfill certain conditions. A check is performed regularly to assess which employees, devices, or workdesks fulfill these conditions. The means the role memberships change dynamically. For example, company resources can be assigned dynamically to all employees in a department in this way; if an employee leaves the department they immediately lose the resources assigned to them.

The following table shows the possible company resources assignments to devices.

NOTE: Company resources are defined in the One Identity Manager modules and are not available until the modules are installed.
Table 58: Possible assignments of company resources to devices
 Company resources Direct assignment permitted Indirect assignment permitted Comment

Active Directory groups

- +

All Active Directory computers that reference this device are added to Active Directory groups.

LDAP groups

- +

All LDAP computers that reference this device are added to LDAP groups.

NOTE: Devices also obtain company resources from their workdesks.
Detailed information about this topic
Related Topics

Assigning Devices to Departments, Cost Centers and Locations

Assign devices to departments, cost centers, and locations so that they obtain company resources through these organizations. To assign company resources to departments, cost centers, and locations, use the appropriate organization tasks.

To assign a device to departments, cost centers, and locations (secondary assignment; default method)

  1. Select the Device & Workdesks | Basic configuration data  | <filter> category.
  2. Select the device in the result list.
  3. Select Assign organizations.
  4. Assign organizations in Add assignments.

    • Assign departments on the Departments tab.

    • Assign locations on the Locations tab.

    • Assign cost centers on the Cost centers tab.

    TIP: In the Remove assignments area, you can remove the assignment of organizations.

    To remove an assignment

    • Select the organization and double click .

  5. Save the changes.

To assign a device to departments, cost centers, and locations (primary assignment)

  1. Select the Device & Workdesks | Basic configuration data  | <filter> category.
  2. Select the device in the result list.
  3. Select Change master data.
  4. Adjust the following master data:
    • Primary department
    • Primary cost center
    • Primary location
  5. Save the changes.
Related Topics
Related Documents