立即与支持人员聊天
与支持团队交流

Identity Manager 9.2 - Administration Guide for Connecting to Custom Target Systems

Managing custom target systems Setting up scripted data provisioning in a custom target system Managing user accounts and identities Managing assignments of groups and system entitlements Login credentials for user accounts Mapping custom target system objects in One Identity Manager Treatment of custom target system objects in the Web Portal Basic configuration data for custom target systems Configuration parameters for managing custom target systems

Configuring display of custom schema extensions for custom target systems

You can display custom columns of the UNSAccountB, UNSContainerB, UNSGroupB, UNSGroupB1, UNSGroupB2, UNSGroupB3, UNSItemB, and UNSRootB tables on the forms in the Manager. To do this, modify the custom column's column definition.

For more information about adding custom columns to tables using the Schema Extension program and adjusting the column definitions using the Designer, see the One Identity Manager Configuration Guide.

To display custom columns of the UNSAccountB, UNSContainerB, UNSGroupB, UNSGroupB1, UNSGroupB2, UNSGroupB3, UNSItemB, and UNSRootB tables on forms in Manager

  • In the Designer, specify the order for displaying input fields in the Sort order property (DialogColumn.SortOrder). Columns with a sort order of less that one are not displayed.

  • In the Designer, modify the Group property (DialogColumn.ColumnGroup) in the column definition of the custom columns. The group determines which tab the column will appear on.

    • If you do not enter a group in the column configuration, the column will be displayed on a tab with the name Custom for all target system types.

    • If you enter a group in the column configuration, the column will be displayed on a tab with the group's name for all target system types. The group's name must not match the name of a target system type.

    • If you want to display a column for a particular target system type, only enter the specific target system type (DPRNamespace.Ident_DPRNamespace) as group. The column is displayed on a tab with the target system type's name. The column is not displayed for any other target system types.

    • To display more than one target system type, enter the target system types as groups by delimiting them with a comma. The column will be displayed on a tab with the target system type's name for each of the target system types entered. The column is not displayed for any other target system types.

    • To display the column for one or more target system types, but only on one tab with another name, enter the target system types delimited by commas (,) and the tab name as the group. This group will be used as tab name for all the target system types entered. The column is not displayed for any other target system types.

Example:

UNSAccountB is extended by five columns. The columns should be displayed as follows for target system type A, target system type B and target system type C.

  • You want to display Column 1 on the Custom tab for all target system types.

  • You want to display Column 2 on the Group A tab for all target system types.

  • You want to display Column 3 on the Target system type B tab for target system type B. Columns are not displayed for target system type A and target system type C.

  • You want to display column 4 for target system type B on the Target system type B tab and for target system type C on the Target system type C tab. The column is not displayed for target system type A.

  • You want to display Column 5 on the Group A tab for target system type B and target system type C. The column is not displayed for target system type A.

Table 32: Column configuration example

Column

Group

Column 1

 

Column 2

Group A

Column 3

Target system type B

Column 4

Target system type B, target system type C

Column 5

Target system type B, target system type C, group A

Configuration parameters for managing custom target systems

The following configuration parameters are additionally available in One Identity Manager after the module has been installed.

Table 33: Configuration parameters for managing custom target systems
Configuration parameters Meaning

TargetSystem | UNS

General configuration parameter for managing custom target systems.

TargetSystem | UNS | Accounts

Allows configuration of user account data.

TargetSystem | UNS | Accounts |
InitialRandomPassword

Specifies whether a random password is generated when new user accounts are added. It must contain at least those character sets set in the configuration subparameters.

TargetSystem | UNS | Accounts |
InitialRandomPassword | SendTo

Identity to receive an email with the random generated password (manager cost center/department/location/business role, identity’s manager or XUserInserted). If no recipient can be found, the password is sent to the address stored in the configuration parameter TargetSystem | UNS | DefaultAddress.

TargetSystem | UNS | Accounts |
InitialRandomPassword | SendTo |
MailTemplateAccountName

Mail template name that is sent to supply users with the login credentials for the user account. The Identity - new user account created mail template is used.

TargetSystem | UNS | Accounts |
InitialRandomPassword | SendTo |
MailTemplatePassword

Mail template name that is sent to supply users with the initial password. The Identity - initial password for new user account mail template is used.

TargetSystem | UNS | Accounts |
MailTemplateDefaultValues

Mail template used to send notifications about whether default IT operating data mapping values are used for automatically creating a user account. The Identity - new user account with default properties created mail template is used.

TargetSystem | UNS | CreateNewRoot

Specifies whether new target systems can be created. If this parameter is set, custom target systems can be added. Changes to this parameter require the database to be recompiled.

If you disable the configuration parameter at a later date, model components and scripts that are no longer required, are disabled. SQL procedures and triggers are still carried out. For more information about the behavior of preprocessor relevant configuration parameters and conditional compiling, see the One Identity Manager Configuration Guide.

TargetSystem | UNS | DefaultAddress

Default email address of the recipient for notifications about actions in the target system.

TargetSystem | UNS | MaxFullsyncDuration

Maximum runtime of a synchronization in minutes. No recalculation of group memberships by the DBQueue Processor can take place during this time. If the maximum runtime is exceeded, group membership are recalculated.

TargetSystem | UNS | PersonAutoDefault

Mode for automatic identity assignment for user accounts added to the database outside synchronization.

TargetSystem | UNS | PersonAutoDisabledAccounts

Specifies whether identities are automatically assigned to disabled user accounts. User accounts do not obtain an account definition.

TargetSystem | UNS | PersonAutoFullSync

Mode for automatic identity assignment for user accounts that are added to or updated in the database by synchronization.

TargetSystem | UNS | PersonExcludeList

Listing of all user account without automatic identity assignment. Names are listed in a pipe (|) delimited list that is handled as a regular search pattern.

Example:

ADMINISTRATOR|GUEST|KRBTGT|TSINTERNETUSER|IUSR_.*|IWAM_.*|SUPPORT_.*|.* | $

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级