Chat now with support
Chat with Support

Quest has tools and processes in place to identify, protect, detect, and remediate vulnerabilities and incidents when they occur, including external security partners. As part of our standard security operations, Quest does not use CrowdStrike in any of our operations. We are reviewing our third parties, and so far, there is minimal affect. It is Quest's policy not to provide further technical details unless they directly impact customer data.

Identity Manager 9.2 - Web Portal User Guide

General tips and getting started Managing reports Requests
Setting up and configuring request functions Requesting products Managing the Saved for Later list Pending requests Displaying request history Canceling requests Renewing products with limit validity periods Unsubscribing products Displaying requests Undoing approvals Managing request inquiries directed at you
Attestation
Managing attestations Pending attestations Displaying attestation history Managing attestation inquiries directed at you
Compliance Managing risk index functions Responsibilities
My responsibilities
Managing my departments Managing my application roles Managing my devices Managing my business roles Managing my identities Managing my cost centers Managing my multi-request resources Managing my multi requestable/unsubscribable resources Managing my resources Managing my software applications Managing my locations Managing my system entitlements Managing my system roles Managing my assignment resources
Managing task delegations Ownerships
Managing data
Managing departments Managing user accounts Managing business roles Managing identities Managing cost centers Managing multi-request resources Managing multi requestable/unsubscribable resources Managing resources Managing locations Managing system entitlements Managing system roles Managing assignment resources
Opening other web applications Managing tickets Appendix: Attestation conditions and approval policies from attestation procedures

Removing identities from my system roles

You can remove identities from system roles by deleting the corresponding memberships.

To remove a system role from an identity

  1. In the menu bar click Data administration > Data Explorer.

  2. In the Data Explorer navigation, click System roles.

  3. On the System Roles page, click the system role that has a membership you want to delete.

  4. In the Edit System Role pane, click the Memberships tab.

  5. Select the check box next to the membership you want to delete.

  6. Click Remove.

  7. (Optional) In the Remove Memberships pane, perform the following:

    • For assignment requests: In the Reason for unsubscribing the membership field, enter why you want to remove the membership.

    • For memberships assigned through dynamic roles: In the Reason for excluding the members field, enter why you want to delete the memberships.

  8. Click Delete memberships.

    TIP: If you only selected direct memberships, confirm the prompt in the Remove Memberships dialog with Yes.

Managing system role entitlements

Identities can be assigned entitlements to different objects, such as, groups, accounts, roles, or applications. Assigning identities to system roles avoids you having to assign entitlements separately to each identity. All a system role's entitlements are automatically assigned to all the identities assigned to the system role.

Detailed information about this topic

Displaying system role entitlements

You can display entitlements assigned to system roles.

To display entitlements

  1. In the menu bar click Data administration > Data Explorer.

  2. In the Data Explorer navigation, click System roles.

  3. On the System Roles page, click the system role whose entitlements you want to display.

  4. In the Edit System Role pane, click the Entitlements tab.

Adding entitlements to system roles

You can add entitlements to system roles. You do this through a request.

To add an entitlement to a system role

  1. In the menu bar click Data administration > Data Explorer.

  2. In the Data Explorer navigation, click System roles.

  3. On the System Roles page, click the system role to which you want to add an entitlement.

  4. In the Edit System Role pane, click the Entitlements tab.

  5. On the Entitlements tab, click Request entitlements.

  6. In the Request Entitlements dialog, in the Select the type of entitlement to add menu, select which type of entitlement you want to add.

  7. Next to the entitlement you want to add, select the check box.

  8. Click Apply.

  9. Close the Edit System Role pane.

  10. In the menu bar, click Requests > Shopping cart.

  11. On the Shopping Cart page, click Submit.

    After the request has been granted approval, the entitlement is added to the system role.

Related topics
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating