Chat now with support
Chat with Support

Identity Manager 9.3 - Administration Guide for Connecting to Active Directory

Managing Active Directory environments Synchronizing an Active Directory environment
Setting up initial synchronization with an Active Directory domain Adjusting the synchronization configuration for Active Directory environments Running synchronization Tasks following synchronization Troubleshooting Ignoring data error in synchronization Pausing handling of target system specific processes (Offline mode)
Managing Active Directory user accounts and identities
Account definitions for Active Directory user accounts and Active Directory contacts Assigning identities automatically to Active Directory user accounts Supported user account types Updating identities when Active Directory user account are modified Automatic creation of departments and locations based on user account information Specifying deferred deletion for Active Directory user accounts and Active Directory contacts
Managing memberships in Active Directory groups Login credentials for Active Directory user accounts Mapping Active Directory objects in One Identity Manager
Active Directory domains Active Directory container structures Active Directory user accounts Active Directory contacts Active Directory groups Active Directory computers Active Directory security IDs Active Directory printers Active Directory sites Reports about Active Directory objects
Handling of Active Directory objects in the Web Portal Basic data for managing an Active Directory environment Configuration parameters for managing an Active Directory environment Default project template for Active Directory Processing methods of Active Directory system objects Active Directory connector settings

Creating and editing Active Directory containers

Containers are loaded from Active Directory into the One Identity Manager database during synchronization. You can create new containers or edit existing ones.

To create a container

  1. In the Manager, select the Active Directory > Container category.

  2. Click in the result list.

  3. Edit the container's main data.

  4. Save the changes.

To edit a container

  1. In the Manager, select the Active Directory > Container category.

  2. Select the container in the result list and run the Change main data task.

  3. Edit the container's main data.

  4. Save the changes.
Related topics

Main data for Active Directory containers

Enter the following main data for a container.

Table 29: Main data for a container
Property Description

Name

Container name.

Distinguished name

Container's distinguished name. The distinguished name for the new container is made up of the container name, the object class, the parent container, and the domain, and it cannot be modified.

Structural object class

Structural object class representing the object type.

Object class

List of classes defining the attributes for this object. The object classes listed are read in from the database during synchronization with the Active Directory environment. You can also enter object classes in to the input field. Other properties can be edited depending on the object class.

NOTE: New containers should be set up as organizational units (ORGANIZATIONALUNIT object class). Organizational units (for example, branches, or departments) are used organize Active Directory objects, such as users, groups, and computers, in a logical way and therefore make administration of the objects easier. Organizational units can be managed in a hierarchical container structure.

Domain

Container domain

Parent container

 Parent container for mapping a hierarchical container structure. The distinguished name is automatically updated using templates.

Account manager

Manager responsible for the container.

To specify an account manager

  1. Click next to the field.
  2. In the Table menu, select the table that maps the account manager.
  3. In the Account manager menu, select the manager.
  4. Click OK.

Target system manager

Application role in which target system managers are specified for the container. Target system managers only edit container objects that are assigned to them. Each container can have a different target system manager assigned to it.

Select the One Identity Manager application role whose members are responsible for administration of this container. Use the button to add a new application role.

Street

Street or road.

Zip code

Zip code.

Location

Location.

State

State.

Country ID

The country ID.

Description

Text field for additional explanation.

Extended Function

Filter criteria for other representations of the container. Containers marked with this option are only shown in the Active Directory user account and computer manager when advanced mode console view is active.

Protected from accidental deletion

Specifies whether to protect the container against accidental deletion. If the option is set, the permissions for deleting the container are removed in Active Directory. The container cannot be deleted or moved.

Related topics

Assigning extended properties to Active Directory containers

Extended properties are meta objects, such as operating codes, cost codes, or cost accounting areas that cannot be mapped directly in One Identity Manager.

For more information about using extended properties, see the One Identity Manager Compliance Rules Administration Guide.

To specify extended properties for a container

  1. In the Manager, select the Active Directory > Container category.

  2. Select the container in the result list.

  3. Select Assign extended properties.

  4. In the Add assignments pane, assign extended properties.

    TIP: In the Remove assignments pane, you can remove assigned extended properties.

    To remove an assignment

    • Select the extended property and double-click .

  5. Save the changes.

Deleting Active Directory containers

Containers are deleted permanently from the One Identity Manager database and from Active Directory.

NOTE: Containers with the Protected from accidental deletion option set, cannot be deleted.

To delete an Active Directory container

  1. In the Manager, select the Active Directory > Container category.

  2. Select the container in the result list.

  3. Delete the container by using .

  4. Confirm the security prompt with Yes.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating