Chat now with support
Chat with Support

Identity Manager 9.2 - Administration Guide for Connecting to SharePoint Online

Mapping a SharePoint Online environment in One Identity Manager Synchronizing a SharePoint Online environment
Setting up initial synchronization with a SharePoint Online tenant SharePoint Online synchronization features Customizing the synchronization configuration Running synchronization Tasks following synchronization Troubleshooting Ignoring data error in synchronization Pausing handling of target system specific processes (Offline mode)
Managing SharePoint Online user accounts and identities Managing assignments of SharePoint Online groups and roles Mapping SharePoint Online objects in One Identity Manager
SharePoint Online tenants SharePoint Online user accounts SharePoint Online groups SharePoint Online permission levels SharePoint Online site collections SharePoint Online sites SharePoint Online roles Setting up SharePoint Online site collections and sites Reports about SharePoint Online objects
Handling of SharePoint Online objects in the Web Portal Basic data for managing a SharePoint Online environment Troubleshooting a SharePoint Online connection Configuration parameters for managing SharePoint Online Default project template for SharePoint Online Editing system objects

General main data of SharePoint Online roles

The following properties are displayed for SharePoint Online roles.

Table 28: General main data of a SharePoint Online role
Property Description

Display name

SharePoint Online role display name.

Permission level

Unique identifier for the permission level on which the SharePoint Online role is based.

Site

Unique identifier for the site that inherits its permissions from the SharePoint Online role.

Service item

Service item data for requesting the role through the IT Shop.

Category

Categories for role inheritance. User accounts can inherit roles selectively. To do this, roles, and user accounts are divided into categories. Select one or more categories from the menu.

Description

Text field for additional explanation.

IT Shop

Specifies whether the SharePoint Online role can be requested through the IT Shop. This SharePoint Online role can be requested by staff through the Web Portal and granted through a defined approval procedure. The SharePoint Online role can still be assigned directly to user accounts and hierarchical roles.

Only for use in IT Shop

Specifies whether the SharePoint Online role can only be requested through the IT Shop. This SharePoint Online role can be requested by staff through the Web Portal and granted through a defined approval procedure. The SharePoint Online role may not be assigned directly to hierarchical roles.

NOTE: If the SharePoint Online role references a permission level for which the Hidden option is set, the IT Shop options and Only use in IT Shop cannot be set. You cannot assign these SharePoint Online roles to user accounts or groups.

Detailed information about this topic

Additional tasks for managing SharePoint Online roles

After you have entered the main data, you can run the following tasks.

Task

Topic

Overview of SharePoint Online Groups

Overview of SharePoint Online roles

Assign user accounts

Assigning SharePoint Online user accounts directly to an entitlement

Assign groups

Assigning SharePoint Online groups to SharePoint Online roles

Assign system roles

Adding SharePoint Online entitlements to system roles

Assign business roles

Assigning SharePoint Online entitlements to business roles

Assign organizations

Assigning SharePoint Online entitlements to departments, cost centers, and locations

Exclude SharePoint Online roles

Effectiveness of SharePoint Online roles

Assigning extended properties

Assigning extended properties to SharePoint Online groups

Synchronize object

Synchronizing single objects

Overview of SharePoint Online roles

To obtain an overview of a role

  1. In the Manager, select the category SharePoint Online > Roles.

  2. Select the role in the result list.

  3. Select the SharePoint Online role overview task.

Effectiveness of SharePoint Online roles

The behavior described under Effectiveness of SharePoint Online entitlement assignments can also be used for SharePoint Online roles.

The effect of the assignments is mapped in the O3SUserHasO3SRLAssign and BaseTreeHasO3SRLAssign tables through the XIsInEffect column.

Prerequisites
  • The QER | Structures | Inherite | GroupExclusion configuration parameter is set.

    In the Designer, set the configuration parameter and compile the database.

    NOTE: If you disable the configuration parameter at a later date, model components and scripts that are no longer required, are disabled. SQL procedures and triggers are still carried out. For more information about the behavior of preprocessor relevant configuration parameters and conditional compiling, see the One Identity Manager Configuration Guide.

  • Mutually exclusive SharePoint Online roles belong to the same site collection.

To exclude SharePoint Online roles

  1. In the Manager, select the category SharePoint Online > Roles.

  2. Select the role in the result list.

  3. Select the Exclude SharePoint Online roles task.

  4. In the Add assignments pane, assign the roles that are mutually exclusive to the selected role.

    - OR -

    In the Remove assignments pane, remove the roles that are no longer mutually exclusive.

  5. Save the changes.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating