立即与支持人员聊天
与支持团队交流

Identity Manager On Demand - Starling Edition Hosted - Identity Management Base Module Administration Guide

Basics for mapping company structures in One Identity Manager Dynamic roles Departments, cost centers, and locations
One Identity Manager users for managing departments, cost centers, and locations Basic information for departments, cost centers, and locations Creating and editing departments Creating and editing cost centers Creating and editing locations Setting up IT operating data for departments, cost centers, and locations Assigning identities, devices, and workdesks to departments, cost centers, and locations Assigning company resources to departments, cost centers, and locations Creating dynamic roles for departments, cost centers, and locations Dynamic roles with incorrectly excluded identities Assign organizations Specifying inheritance exclusion for departments, cost centers, and locations Assigning extended properties to departments, cost centers, and locations Certifying departments, cost centers, and locations Reports about departments, cost centers, and locations
Identity administration
One Identity Manager users for managing identities Basics for managing identities Creating and editing identities Assigning company resources to identities Displaying the origin of identities' roles and entitlements Analyzing role memberships and identity assignments Deactivating and deleting identities Deleting all personal data Limited access to One Identity Manager Changing the certification status of identities Displaying the identities overview Displaying and deleting identities' Webauthn security keys Determining the language for identities Determining identities working hours Manually assigning user accounts to identities Entering tickets for identities Assigning extended properties to identities Reports about identities Basic configuration data for identities
Managing devices and workdesks Managing resources Setting up extended properties Configuration parameters for managing departments, cost centers, and locations Configuration parameters for managing identities Configuration parameters for managing devices and workdesks

Main data for devices' asset data

Enter the following main data of the asset data of a device.

NOTE: Prices are given to 2 decimal places by default. The number of decimal places to enter can be modified in the Designer. For more information, see the One Identity Manager Configuration Guide.

Table 62: Device asset data

Property

Description

Asset number

Number of the asset in the bookkeeping.

Asset

Asset.

Storage class

 Asset class.

Storage type

 Asset type.

Device status

 The device's status.

Enabling

Date for enabling the asset or beginning the lease, respectively.

Deactivation

Date for disabling the asset or end of lease, respectively.

Replacement value

Value for replacing with a new device.

Depreciated value

Depreciation value for the device.

Company owned

Specifies whether the device is owned by the company.

Leased

Specifies whether the device is leased.

Invoice number

Invoice number of the purchase.

PSP character string

Asset PSP as character string.

Last inventory run

Date of last inventory.

Primary cost center

Cost center. Company resources can be inherited by a device through these primary assignments if One Identity Manager is appropriately configured.

Serial number

Serial number of the device.

Delivery remarks

Text field for additional explanation.

Inventory remarks

Text field for additional explanation.

Primary business role

Business role. A workdesk can obtain company resources over the primary assignments when One Identity Manager is correspondingly configured.

NOTE: This property is available if the Business Roles Module is installed.

Primary location

Location. Company resources can be inherited by a device through these primary assignments if One Identity Manager is appropriately configured.

Primary department

Department. Company resources can be inherited by a device through these primary assignments if One Identity Manager is appropriately configured.

Related topics

Commercial data for devices

Enter the following asset data for a device.

NOTE: Prices are given to 2 decimal places by default. The number of decimal places to enter can be modified in the Designer. For more information, see the One Identity Manager Configuration Guide.

Table 63: Commercial data of a device

Property

Description

Acquisition date

Date of purchase.

Delivery date

Date of delivery.

Delivery voucher number

Delivery voucher number.

Voucher

Voucher. For more information about vouchers, see the One Identity Manager Chargeback Administration Guide.

Warranty

Warranty expiry date.

Warranty number

Warranty number.

Setup date

Date of going into operation.

Owner

Leasing company.

supplier

Name of supplier.

Manufacturer

Name of manufacturer.

Purchase price

Purchase price.

Internal price

Internal price.

Sales price

Sales price.

Currency

Currency unit

Inventory note

Text field for additional explanation.

Withdrawal date

Date for writing off the device.

Investment

Investment or investment plan.

Leasing fee

Leasing fee.

Internal transfer price

Internal transfer price.

Depreciation month

Depreciation in months

Related topics

Managing resources

One Identity Manager not only offers the possibility to map IT resources but also non-IT resources such as mobile phones, desks, company cars, and keys, meaning everything that is necessary to create an efficient working environment for an identity. In One Identity Manager, you can assign resources directly to an identity or via classification into hierarchical roles. Similarly, you can request resources for an identity through the IT Shop.

Resources are divided up from a functional point of view.

Table 64: Resource types

Type

Description

Table

Resources

Resources that an identity (workdesk, device) may own just once.

The resources can be requested in the IT Shop just once. The resources are assigned to the identities after approval has been granted. They remain assigned until the request is unsubscribed. You can request them again a later point.

Example: phone, company car.

QERResource

Multi-request resources

Resources that can be requested more than once in the IT Shop. Requests are automatically canceled once approved. The resources are not explicitly assigned to identities.

Example: resource for requesting remote desktop sessions for assets in a PAM system; consumables, such as pens, printing paper.

QERReuse

Multi requestable/unsubscribable resources

Resources that an identity can request more than once in the IT Shop but must return them explicitly once they are no longer needed. The resources are assigned to the identities after approval has been granted. They remain assigned until the request is canceled.

Example: printer, monitor, Azure Active Directory role assignment

QERReuseUS

Assignment resources

Assignment resources are special resources for requesting any number of assignments to hierarchical roles or to delegate responsibilities in the IT Shop.

For more information about assignment resources, see the One Identity Manager IT Shop Administration Guide.

QERAssign

Detailed information about this topic

One Identity Manager users for managing resources

The following users are used for user administration.

Table 65: Users
Users Tasks

Administrators for the IT Shop

Administrators must be assigned to the Request & Fulfillment | IT Shop | Administrators application role.

Users with this application role:

  • Edit the resources and assign them to IT Shop structures.

One Identity Manager administrators

One Identity Manager administrator and administrative system users Administrative system users are not added to application roles.

One Identity Manager administrators:

  • Create customized permissions groups for application roles for role-based login to administration tools in the Designer as required.

  • Create system users and permissions groups for non role-based login to administration tools in the Designer as required.

  • Enable or disable additional configuration parameters in the Designer as required.

  • Create custom processes in the Designer as required.

  • Create and configure schedules as required.

  • Create and configure password policies as required.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级