立即与支持人员聊天
与支持团队交流

Identity Manager 9.0 LTS - Company Policies Administration Guide

Company policies in One Identity Manager Defining company policies
Basic data for company policies Creating and editing company policies Using default company policies Deleting company policies
Checking company policies Mitigating controls for company policies General configuration parameter for company policies

Deleting company policies

IMPORTANT: All information about a company policy and policy violations is irrevocably deleted when the company policy is deleted! The data cannot be retrieved at a later date.

One Identity therefore recommends that you create a report about the company policy and its current violations before deleting it, if you want to retain the information (for audit reasons, for example).

You can delete a company policy, if no policy violations exist for it.

To delete a company policy

  1. In the Manager, select the Company Policies > Policies category.

  2. Select the company policy to delete in the result list.

  3. Select the Disable policy task.

    Existing policy violations are removed by the DBQueue Processor.

  4. After the DBQueue Processor has recalculated policy violations for the company policy, click in the toolbar to delete the company policy.

    The company policy and the working copy are deleted.

Checking company policies

Processing tasks are created for the DBQueue Processor to check the validity of a company policy. The DBQueue Processor determines which employees satisfy the company policy and which employees violate the policy in the case of each company policy. The specified company policy approvers can check policy violations and if necessary grant exception approval.

Detailed information about this topic

Calculating policy violations

You can start policy checking in different ways to determine current policy violations in the One Identity Manager database:

  • Scheduled policy checking

  • Ad-hoc policy checking

Furthermore, company policy testing is triggered by different events:

  • A company is enabled.

  • A working copy is enabled.

  • A company policy is enabled.

During policy checking, all objects are found that fulfill the condition defined in the company policy. Only enabled company policies are taken into account.

Related topics

Scheduled policy checking

You can use the Policy check schedule from One Identity Manager's default installation to test all company policies in full. This schedule generates processing tasks at regular intervals for the DBQueue Processor.

Prerequisites
  • The company policy is enabled.

  • The schedule stored with the company policies is enabled.

Detailed information about this topic
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级