立即与支持人员聊天
与支持团队交流

Identity Manager 9.2 - Identity Management Base Module Administration Guide

Basics for mapping company structures in One Identity Manager Dynamic roles Departments, cost centers, and locations
One Identity Manager users for managing departments, cost centers, and locations Basic information for departments, cost centers, and locations Creating and editing departments Creating and editing cost centers Creating and editing locations Setting up IT operating data for departments, cost centers, and locations Assigning identities, devices, and workdesks to departments, cost centers, and locations Assigning company resources to departments, cost centers, and locations Creating dynamic roles for departments, cost centers, and locations Dynamic roles with incorrectly excluded identities Assign organizations Specifying inheritance exclusion for departments, cost centers, and locations Assigning extended properties to departments, cost centers, and locations Certifying departments, cost centers, and locations Reports about departments, cost centers, and locations
Identity administration
One Identity Manager users for managing identities Basics for managing identities Creating and editing identities Assigning company resources to identities Displaying the origin of identities' roles and entitlements Analyzing role memberships and identity assignments Deactivating and deleting identities Deleting all personal data Limited access to One Identity Manager Changing the certification status of identities Displaying the identities overview Displaying and deleting identities' Webauthn security keys Determining the language for identities Determining identities working hours Manually assigning user accounts to identities Entering tickets for identities Assigning extended properties to identities Reports about identities Basic configuration data for identities
Managing devices and workdesks Managing resources Setting up extended properties Configuration parameters for managing departments, cost centers, and locations Configuration parameters for managing identities Configuration parameters for managing devices and workdesks

Basic data for resources

The following basic data is required for managing resources.

  • Resource types

    You can use resource types to group resources.

  • Extended properties

    Extended properties are meta objects, such as operating codes, cost codes, or cost accounting areas that cannot be mapped directly in One Identity Manager.

Detailed information about this topic

Resource types

You can use resource types to group resources.

To create or edit resource types

  1. In the Manager, select the Entitlements > Basic configuration data > Resource types category.

  2. Click in the result list.

  3. On the main data form, enter the following main data.

    • Resource type: Name of the resource type.

    • Description: Text field for additional explanation.

  4. Save the changes.

To edit the main data of a resource type

  1. In the Manager, select the Entitlements > Basic configuration data > Resource types category.

  2. In the result list, select an resource type and run the Change main data task.

  3. Edit the main data of the resource type.

  4. Save the changes.

Creating and editing resources

Create and edit resources that an identity (workstation, device) can own exactly once. The resources can be requested in the IT Shop just once. The resources are assigned to the identities after approval has been granted. They remain assigned until the request is canceled. You can request them again a later point.

To create a resource

  1. In the Manager, select the Entitlements > Resources category.

  2. Click in the result list.

  3. Edit the resource's main data.

  4. Save the changes.

To edit the main data of a resource

  1. In the Manager, select the Entitlements > Resources category.

  2. Select a resource in the result list and run the Change main data task.

  3. Edit the resource's main data.

  4. Save the changes.
Detailed information about this topic

Main data for resources

Enter the following main data of a resource.

Table 60: Resource main data
Property Description
Resource Resource identifier.

Resource type

Resource type for grouping resources.

Service item

Service item through which you can request the resource in the IT Shop. Assign an existing service item or add a new one.

Required resource

Define the dependencies between resources. When this resource is requested or assigned, the required resource is assigned automatically.

Risk index

Value for evaluating the risk of assigning the resource to identities. Set a value in the range 0 to 1. This input field is only visible if the QER | CalculateRiskIndex configuration parameter is set.

For more information, see the One Identity Manager Risk Assessment Administration Guide.

IT Shop

Specifies whether the resource can be requested through the IT Shop. This resource can be requested through the Web Portal and allocated by defined approval processes. The resource can still be assigned directly to identities and roles outside of the IT Shop.

For more information, see the One Identity Manager IT Shop Administration Guide.

Only for use in IT Shop

Specifies whether the resource can be requested through the IT Shop. This resource can be requested through the Web Portal and allocated by defined approval processes. The resource cannot be directly assigned to roles outside the IT Shop.

For more information, see the One Identity Manager IT Shop Administration Guide.

No inheritance on security risk

Resources marked with this option are not inherited by identity that are rated as a security risk.

Description Text field for additional explanation.
Automatic assignment to identities

Specifies whether the resource is automatically assigned to all internal identities. By saving the resource, it is assigned to every identity that is not marked as external. Once a new internal identity is created, they automatically obtain this resource.

To automatically remove the resource assignment from all identities, disable this option. The resource cannot be reassigned to identities from this point on. Existing resource assignments remain intact.

Spare field no. 01 ... Spare field no. 10

Additional company-specific information. Use the Designer to customize display names, formats, and templates for the input fields.

Related topics
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级