Chat now with support
Chat with Support

Identity Manager 9.1.1 - Administration Guide for Connecting to SharePoint

Managing SharePoint environments Setting up SharePoint farm synchronization Basic data for managing a SharePoint environment SharePoint farms SharePoint web applications SharePoint site collections and sites SharePoint user accounts SharePoint roles and groups
SharePoint groups SharePoint roles and permission levels
Permissions for SharePoint web applications Reports about SharePoint objects Configuration parameters for managing a SharePoint environment Default project template for SharePoint

Displaying the SharePoint rules overview

To obtain an overview of a SharePoint role

  1. Select the SharePoint > Roles category.
  2. Select the role in the result list.
  3. Select the SharePoint role overview task.

Effectiveness of SharePoint roles

The behavior described under Effectiveness of group memberships can also be used for SharePoint roles.

The effect of the assignments is mapped in the SPSUserHasSPSRLAssign and BaseTreeHasSPSRLAssign tables though the column XIsInEffect.

Prerequisites
  • The QER | Structures | Inherite | GroupExclusion configuration parameter is set.

    In the Designer, set the configuration parameter and compile the database.

    NOTE: If you disable the configuration parameter at a later date, model components and scripts that are not longer required, are disabled. SQL procedures and triggers are still carried out. For more information about the behavior of preprocessor relevant configuration parameters and conditional compiling, see the One Identity Manager Configuration Guide.

  • Mutually exclusive SharePoint roles belong to the same site collection.

To exclude SharePoint roles

  1. Select the SharePoint > Roles category.
  2. Select the role in the result list.
  3. Select the Exclude SharePoint roles task.
  4. In the Add assignments pane, assign the roles that are mutually exclusive to the selected role.

    - OR -

    In the Remove assignments pane, remove the roles that no longer exclude each other.

  5. Save the changes.
Detailed information about this topic

Assigning extended properties to SharePoint roles

Extended properties are meta objects, such as operating codes, cost codes, or cost accounting areas that cannot be mapped directly in One Identity Manager.

To specify extended properties for a SharePoint role

  1. In the Manager, select the SharePoint > Roles category.

  2. Select the role in the result list.

  3. Select the Assign extended properties task.

  4. In the Add assignments pane, assign extended properties.

    TIP: In the Remove assignments pane, you can remove assigned extended properties.

    To remove an assignment

    • Select the extended property and double-click .

  5. Save the changes.

For more information about setting up extended properties, see the One Identity Manager Identity Management Base Module Administration Guide.

Deleting SharePoint roles and permission levels

You cannot delete SharePoint roles in the Manager. They are deleted by the DBQueue Processor when the associated permission level is deleted.

To delete a permission level

  1. Select the SharePoint > Permission levels category.
  2. Select the permission level in the result list.
  3. Click to delete the permission level.
  4. Confirm the security prompt with Yes.

If deferred deletion is configured, the permission level is marked for deletion and finally deleted after the deferred deletion period has expired. During this period, the permission level can be restored. Permission levels with deferred deletion of 0 days are deleted immediately.

To restore a permission level

  1. Select the SharePoint > Permission levels category.
  2. Select the permission level marked for deletion in the result list.
  3. Click in the result list.
Related topics
  • One Identity Manager Configuration Guide
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating