Chat now with support
Chat with Support

Identity Manager 9.2.1 - Administration Guide for Connecting to Azure Active Directory

Managing Azure Active Directory environments Synchronizing an Azure Active Directory environment
Setting up initial synchronization with an Azure Active Directory tenant Adjusting the synchronization configuration for Azure Active Directory environments Running synchronization Tasks following synchronization Troubleshooting Ignoring data error in synchronization Pausing handling of target system specific processes (Offline mode)
Managing Azure Active Directory user accounts and identities Managing memberships in Azure Active Directory groups Managing Azure Active Directory administrator roles assignments Managing Azure Active Directory subscription and Azure Active Directory service plan assignments
Displaying enabled and disabled Azure Active Directory service plans forAzure Active Directory user accounts and Azure Active Directory groups Assigning Azure Active Directory subscriptions to Azure Active Directory user accounts Assigning disabled Azure Active Directory service plans to Azure Active Directory user accounts Inheriting Azure Active Directory subscriptions based on categories Inheritance of disabled Azure Active Directory service plans based on categories
Login credentials for Azure Active Directory user accounts Azure Active Directory role management
Azure Active Directory role management tenants Enabling new Azure Active Directory role management features Azure Active Directory role main data Displaying Azure Active Directory scoped role assignments Displaying scoped role eligibilities for Azure Active Directory roles Overview of Azure Active Directory scoped role assignments Main data of Azure Active Directory scoped role assignments Managing Azure Active Directory scoped role assignments Adding Azure Active Directory scoped role assignments Editing Azure Active Directory scoped role assignments Deleting Azure Active Directory scoped role assignments Assigning Azure Active Directory scoped role assignments Assigning Azure Active Directory system roles to scopes through role assignments Assigning Azure Active Directory business roles to scopes though role assignments Assigning Azure Active Directory organizations to scopes through role assignments Overview of Azure Active Directory scoped role eligibilities Main data of Azure Active Directory scoped role assignments Managing Azure Active Directory scoped role eligibilities Adding Azure Active Directory scoped role eligibilities Editing Azure Active Directory scoped role eligibilities Deleting Azure Active Directory scoped role eligibilities Assigning Azure Active Directory scoped role eligibilities Assigning Azure Active Directory system roles to scopes through role eligibilities Assigning Azure Active Directory business roles to scopes though role eligibilities Assigning Azure Active Directory organizations to scopes through role eligibilities
Mapping Azure Active Directory objects in One Identity Manager
Azure Active Directory core directories Azure Active Directory user accounts Azure Active Directory user identities Azure Active Directory groups Azure Active Directory administrator roles Azure Active Directory administrative units Azure Active Directory subscriptions and Azure Active Directory service principals Disabled Azure Active Directory service plans Azure Active Directory app registrations and Azure Active Directory service principals Reports about Azure Active Directory objects
Handling of Azure Active Directory objects in the Web Portal Recommendations for federations Basic configuration data for managing an Azure Active Directory environment Troubleshooting Configuration parameters for managing an Azure Active Directory environment Default project template for Azure Active Directory Editing Azure Active Directory system objects Azure Active Directory connector settings

Contact data for Azure Active Directory user accounts

Enter the following address data for contacting the identity on the Contact tab.

Table 31: Contact data
Property Description

Street

Street or road. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level.

State

State. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level.

City

City. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level. Locations can be automatically generated and identities assigned based on the city.

Zip code

Zip code. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level.

Country

The country ID.

Business phones

Business telephone numbers.

Mobile phone

Mobile number. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level.

Fax

Fax number. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level.

Additional email addresses

User email addresses.

Proxy addresses

Other email addresses for the user. You can also add other mail connectors (for example, CCMail, MS) in addition to the standard address type (SMTP, X400).

Use the following syntax to set up other proxy addresses:

Address type: <email address>

Information about the user profile for Azure Active Directory user accounts

The following information is displayed on the User profile tab.

Table 32: User profile

Property

Description

Preferred name

The user's preferred name.

Legal age group

This is used by Enterprise application to determined the legal age groups of users. The property is calculated based on the Age group and Consent for minors properties.

VoIP SIP addresses

The instant message voice over IP (VoIP) session initiation protocol (SIP) addresses for the user.

Personal site

URL for the user's personal website.

About me

Text field to the user to write a description of themselves.

Responsibilities

List of the user's responsibilities.

Schools

List of schools the user has attended.

Skills and expertise

List of the user's qualifications.

Past projects

List of the user's past projects.

Interests

List of the user's interests.

Organizational data for Azure Active Directory user accounts

The following organizational main data is mapped on the Organizational tab.

Table 33: Organizational main data
Property Description

Employee ID

ID of the user within the organization. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level.

Employee type

The hire type of the user, such as employee or supplier.

Hire date

(Planned) Date when the user joins the company.

Leave date

(Planned) Date when the user leaves the company.

Company

Company the user belongs to. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level.

Department

Department the user belongs to. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level.

Division

The user's division within the department.

Cost center

The cost center allocated to the user.

Office

Office. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level.

Job description

Job description. If you have assigned an account definition, the input field is automatically filled out with respect to the manage level.

Account manager

Manager responsible for the user account.

To specify an account manager

  1. Click next to the field.
  2. In the Table menu, select the table that maps the account manager.
  3. In the Account manager menu, select the manager.
  4. Click OK.

Information about the local Active Directory user account

The Linked tab shows information about the local Active Directory user account, which is linked to the Azure Active Directory user account.

Table 34: Local Active Directory user account data
Property Description

Synchronization with local Active Directory enabled

Specifies whether synchronization with a local Active Directory is enabled.

Last synchronization

Time of the last Azure Active Directory user account synchronization with the local Active Directory.

SID of the local account.

Security ID of the local Active Directory user account.

Immutable identifier

Identifier that is used to maintain the relationship between the Active Directory user account and the Azure Active Directory user account. The identifier cannot be changed.

Distinguished name

Active Directory user account's distinguished name.

Full domain name

Full domain name of the user account's Active Directory domain.

Login name (pre Win2000)

Login name of the Active Directory user account for the previous version of Active Directory.

User login name (of local account)

Active Directory user account login name.

Attribute extension 01 - attribute extension 15

Additional company-specific information about the Active Directory user account.

Related topics
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating