Chat now with support
Chat with Support

Quest has tools and processes in place to identify, protect, detect, and remediate vulnerabilities and incidents when they occur, including external security partners. As part of our standard security operations, Quest does not use CrowdStrike in any of our operations. We are reviewing our third parties, and so far, there is minimal affect. It is Quest's policy not to provide further technical details unless they directly impact customer data.

Identity Manager 9.2 - Administration Guide for Connecting to SharePoint Online

Mapping a SharePoint Online environment in One Identity Manager Synchronizing a SharePoint Online environment
Setting up initial synchronization with a SharePoint Online tenant SharePoint Online synchronization features Customizing the synchronization configuration Running synchronization Tasks following synchronization Troubleshooting Ignoring data error in synchronization Pausing handling of target system specific processes (Offline mode)
Managing SharePoint Online user accounts and identities Managing assignments of SharePoint Online groups and roles Mapping SharePoint Online objects in One Identity Manager
SharePoint Online tenants SharePoint Online user accounts SharePoint Online groups SharePoint Online permission levels SharePoint Online site collections SharePoint Online sites SharePoint Online roles Setting up SharePoint Online site collections and sites Reports about SharePoint Online objects
Handling of SharePoint Online objects in the Web Portal Basic data for managing a SharePoint Online environment Troubleshooting a SharePoint Online connection Configuration parameters for managing SharePoint Online Default project template for SharePoint Online Editing system objects

Assigning extended properties to SharePoint Online user accounts

Extended properties are meta objects, such as operating codes, cost codes, or cost accounting areas that cannot be mapped directly in One Identity Manager.

For more information about using extended properties, see the One Identity Manager Identity Management Base Module Administration Guide.

To specify extended properties for a user account

  1. In the Manager, select the SharePoint Online > User accounts (user authenticated) category.

    - OR -

    In the Manager, select the SharePoint Online > User accounts (group authenticated) category.

  2. Select the user account in the result list.

  3. Select Assign extended properties.

  4. In the Add assignments pane, assign extended properties.

    TIP: In the Remove assignments pane, you can remove assigned extended properties.

    To remove an assignment

    • Select the extended property and double-click .

  5. Save the changes.

Deleting and restoring SharePoint Online user accounts

NOTE: As long as an account definition for an identity is valid, the identity retains the user account that was created by it. If the account definition assignment is removed, the user account that was created from this account definition, is deleted. User accounts marked as Outstanding are only deleted if the QER | Person | User | DeleteOptions | DeleteOutstanding configuration parameter is set.

In the Manager, you can delete a user account that was not created using an account definition in the result list or from the menu bar. After you have confirmed the security alert the user account is marked for deletion in the One Identity Manager. The user account is locked in One Identity Manager and permanently deleted from the One Identity Manager database and the target system depending on the deferred deletion setting.

For more information about deactivating and deleting identities and user accounts, see the One Identity Manager Target System Base Module Administration Guide.

To delete a user account that is not managed using an account definition

  1. In the Manager, select the SharePoint Online > User accounts (user authenticated) category.

    - OR -

    In the Manager, select the SharePoint Online > User accounts (group authenticated) category.

  2. Select the user account in the result list.

  3. Click in the result list.
  4. Confirm the security prompt with Yes.

To restore a user account

  1. In the Manager, select the SharePoint Online > User accounts (user authenticated) category.

    - OR -

    In the Manager, select the SharePoint Online > User accounts (group authenticated) category.

  2. Select the user account in the result list.

  3. Click in the result list.

Related topics

SharePoint Online groups

You can use groups in SharePoint Online to provide users with the same permissions. Groups that you add for site collections are valid for all sites in that site collection. SharePoint Online roles that you define for a site are assigned directly to groups. All user accounts that are members of these groups obtain the permissions defined in the SharePoint Online roles for this site. To add users to groups, you assign the groups directly to users. You can assign groups to departments, cost centers, locations, business roles, system roles, or the IT Shop.

You can edit the following group data in the One Identity Manager:

  • Object properties like display name, owner, or visibility of memberships

  • Assigned SharePoint Online role and user accounts

  • Usage in the IT Shop

  • Risk assessment

  • Inheritance through roles and inheritance restrictions

Related topics

Creating SharePoint Online groups

To create a group

  1. In the Manager, select the SharePoint Online > Groups category.

  2. Click in the result list.

  3. On the main data form, edit the main data of the group.

  4. Save the changes.
Related topics
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating