立即与支持人员聊天
与支持团队交流

Identity Manager 8.1.5 - Compliance Rules Administration Guide

Compliance rules and identity audit
One Identity Manager users for identity audit Basic data for setting up rules Setting up a rule base rule check Creating custom mail templates for notifications
Mitigating controls Configuration parameters for Identity Audit

Ad-hoc rule checking

There are several tasks available for a rule that immediately perform a rule check.

Table 30: Additional tasks for rules
Task Description
Recalculate rule All employees are checked to see if they comply to the current rule.
Recalculate for current user All employees are checked to see if they comply to all rules.
Recalculate all All employees are checked to see if they comply to all rules.

Speeding up rule checking

Scheduled rule checking can take a long time under certain circumstances. This may be the case, for example, if many rules exist in which the employee group affected is not limited ("This rule is broken by all workers"). One Identity Manager supplies two consistency checks for optimizing performance of the calculation of affected employee groups. This reduces the amount of data in the auxiliary tables.

To optimize rule checking, start these consistency checks and repair the rules which are found.

To run a consistency check

  1. In the Manager, select the Database | Check data consistency menu item.
  2. Click Consistency Editor in the 's toolbar.
  3. Click in the test option dialog box's toolbar.
  4. Enable the "Content\Compliance\ComplianceRule change IsPersonStoreInverted to 1" and "Content\Compliance\ComplianceRule change IsPersonStoreInverted to 0" tests.
  5. Click OK.
  6. Run the consistency check for the "database" object.
  7. Verify the analysis results.

    TIP: For details about an error message

    1. Select the error message.
    2. Click in the toolbar.
  8. To optimize the rule condition for an affected rule
    1. Select the error message.
    2. Click on Repair both for the original rule and the working copy.
Detailed information about this topic
  • One Identity Manager User Guide for One Identity Manager Tools User Interface
Related topics

Rule check analysis

Each rule references its own object for rule violations (NonCompliance table). Employees who violate rules are assigned to this objects (PersonInNonCompliance table). There are two forms available for rule checking that are supposed to answer the following questions:

  • Which employees violate a specific rule?
  • Which rules are violated by a specific employee?

Which employees violate a specific rule?

To display employees that violate a rule

  1. Select the Identity Audit | Rule violations category.
  2. Select a rule violation in the result list.
  3. Select the Show rule violations task.

    This displays all employees assigned to the rule violation.

Table 31: Meaning of rule evaluation icons
Icon Meaning
Employees pending a rule violation decision.
Employees granted exception approval for their rule violation.
Employees not granted exception approval for their rule violation.
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级