Chat now with support
Chat with Support

We are currently experiencing issues on our phone support and are working diligently to restore services. For support, please sign in and create a case or email supportadmin@quest.com for assistance

Identity Manager 9.2 - Identity Management Base Module Administration Guide

Basics for mapping company structures in One Identity Manager Dynamic roles Departments, cost centers, and locations
One Identity Manager users for managing departments, cost centers, and locations Basic information for departments, cost centers, and locations Creating and editing departments Creating and editing cost centers Creating and editing locations Setting up IT operating data for departments, cost centers, and locations Assigning identities, devices, and workdesks to departments, cost centers, and locations Assigning company resources to departments, cost centers, and locations Creating dynamic roles for departments, cost centers, and locations Dynamic roles with incorrectly excluded identities Assign organizations Specifying inheritance exclusion for departments, cost centers, and locations Assigning extended properties to departments, cost centers, and locations Certifying departments, cost centers, and locations Reports about departments, cost centers, and locations
Identity administration
One Identity Manager users for managing identities Basics for managing identities Creating and editing identities Assigning company resources to identities Displaying the origin of identities' roles and entitlements Analyzing role memberships and identity assignments Deactivating and deleting identities Deleting all personal data Limited access to One Identity Manager Changing the certification status of identities Displaying the identities overview Displaying and deleting identities' Webauthn security keys Determining the language for identities Determining identities working hours Manually assigning user accounts to identities Entering tickets for identities Assigning extended properties to identities Reports about identities Basic configuration data for identities
Managing devices and workdesks Managing resources Setting up extended properties Configuration parameters for managing departments, cost centers, and locations Configuration parameters for managing identities Configuration parameters for managing devices and workdesks

Contact data for departments

Enter the following contact data for departments Select the button next to the input field to activate it and add add data. Use the button to remove data from a list.

Table 13: Contact data for departments
Property Description

Email addresses

Email addresses for the department.

Visitors address

Department address for visitors.

Visiting hours

Department hours for visitors.

Phone hours

Department telephone hours.

Business hours

Department business hours.

Zip code

Department's zip code.

Functional area and risk assessment for departments

Here, you can enter values to classify the department, which analyzes the risk of a department with respect to identity audit.

Table 14: Main data of a department's functional area
Property Description

Country

Country. You require this to determine the identity’s language and working hours.

State

State. You require this to determine the identity’s language and working hours.

Functional area

Department functional area This data is required for department's risk assessment.

Risk index (calculated)

A risk index is calculated for the department risk assessment based on assigned company resources. This field is only visible if the QER | CalculateRiskIndex configuration parameter is set. For more information about risk assessment, see the One Identity Manager Risk Assessment Administration Guide.

Transparency index

Specifies how well you can trace department assignments. Use the slider to enter a value between 0 and 1.

0: no transparency

1: full transparency

Max. number of rule violations

Number of rule violations allowed in this department. The value can be evaluated when compliance rules are checked. For more information, see the One Identity Manager Compliance Rules Administration Guide.

NOTE: This property is only available if the Compliance Rules Module is installed.

Turnover for this unit

Turnover for this department.

Earnings for this unit

Earnings for this department.

Related topics

Creating and editing cost centers

Create new cost centers or edit the main data of existing cost centers.

To create a cost center

  1. In the Manager, select the Organizations > Cost centers category.

  2. Click in the result list.

  3. On the main data form, edit the main data of the cost center.

  4. Save the changes.

To edit main data of a cost center

  1. In the Manager, select the Organizations > Cost centers category.

  2. In the result list, select a cost center and run the Change main data task.

  3. Edit the cost center's main data.

  4. Save the changes.
Detailed information about this topic

General main data for cost centers

Enter the following data for a cost center.

Table 15: General main data of a cost center
Property Description

Cost center

Cost center name. Translate the given text using the button.

Short name

Cost center short name.

Parent cost center

Parent of cost center in the hierarchy.

To organize cost centers hierarchically, select the parent cost center in the menu. Leave this field empty if the cost center is at the top level of the cost center hierarchy.

Full name

Complete name of the cost center including parent cost centers. Translate the given text using the button.

Role type Role types for more detailed classification.

Manager

Manager responsible for the cost center.

2nd Manager

Deputy cost center manager.

Additional manager

Application role for a group of managers and deputies who manage this cost center.

To create a new application role, click . Enter the application role name and assign a parent application role.

Attestors

Applications role whose members are authorized to approve attestation cases for this cost center.

To create a new application role, click . Enter the application role name and assign a parent application role.

NOTE: This property is available if the Attestation Module is installed.

Department

Department to which the cost center is primary assigned.

Location

Location to which the cost center is primary assigned.

Role approver

Application role whose members approve IT Shop requests for members of this cost center.

To create a new application role, click . Enter the application role name and assign a parent application role.

Role approver (IT)

Application role whose members approve IT Shop requests for members of this cost center.

To create a new application role, click . Enter the application role name and assign a parent application role.

Description

Text field for additional explanation.

Comment

Text field for additional explanation.

Remarks

Text field for additional explanation.

Certification status

Certification status of the cost center. You can select the following certification statuses:

  • New: The cost center was newly added to the One Identity Manager database.

  • Certified: The cost center main data was granted approval by the manager.

  • Denied: The cost center main data was denied approval by the manager.

The certification status can be set depending on the result of regular attestations.

Import data source

Target system or data source, from which the data set was imported.

Deactivated

Specifies whether the cost center is actively used. Set this option if the cost center is not used. This option does not have any effect on the calculation of inheritance.

Block inheritance

Specifies whether inheritance for this cost center can be discontinued. Set this option to discontinue inheritance within the cost center hierarchy.

X500 nodes

Select this option to label a cost center for exporting to an X500 schema.

Identities do not inherit

Specifies whether identity inheritance should be temporarily prevented for this cost center.

Devices do not inherit

Specifies whether device inheritance should be temporarily prevented for this cost center.

Workdesks do not inherit

Specifies whether workdesk inheritance should be temporarily prevented for this cost center.

Dynamic roles not allowed

Specifies whether a dynamic role can be created for the cost center.

Spare field no. 01 ... Spare field no. 10

Additional company-specific information. Use the Designer to customize display names, formats, and templates for the input fields.

Spare date no. 01 ... Spare field no. 03

Additional company-specific information. Use the Designer to customize display names, formats, and templates for the input fields.

Related topics
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating