立即与支持人员聊天
与支持团队交流

Identity Manager 9.1 - Identity Management Base Module Administration Guide

Basics for mapping company structures in One Identity Manager Dynamic roles Departments, cost centers, and locations
One Identity Manager users for managing departments, cost centers, and locations Basic information for departments, cost centers, and locations Creating and editing departments Creating and editing cost centers Creating and editing locations Setting up IT operating data for departments, cost centers, and locations Assigning employees, devices, and workdesks to departments, cost centers, and locations Assigning company resources to departments, cost centers, and locations Creating dynamic roles for departments, cost centers, and locations Dynamic roles with incorrectly excluded employees Assign organizations Specifying inheritance exclusion for departments, cost centers, and locations Assigning extended properties to departments, cost centers, and locations Certifying departments, cost centers, and locations Reports about departments, cost centers, and locations
Employee administration
One Identity Manager users for employee administration Basic data for employee main data Employee's central user account Employee's default email address Employee's central password Mapping multiple employee identities Password policies for employees Creating and editing employees Disabling and deleting employees Deleting all employee related data Limited access to One Identity Manager Changing the certification status of employees Assigning company resources to employees Displaying the origin of employees' roles and entitlements Analyzing role memberships and employee assignments Displaying the employees overview Displaying and deleting employees' Webauthn security keys Determining the language for employees Determining employees working hours Manually assigning user accounts to employees Entering calls for employees Assigning extended properties to employees Employee reports
Managing devices and workdesks Managing resources Setting up extended properties Configuration parameters for managing departments, cost centers, and locations Configuration parameters for managing employees Configuration parameters for managing devices and workdesks

Calculating role memberships for dynamic roles immediately

You can make a single dynamic role calculation immediately

To calculate role membership immediately

  1. In the Manager, select the role for which the dynamic role was created.

  2. Open the role's overview form.

  3. Select Dynamic roles and click on the dynamic role.

  4. Select the Change main data task.

  5. Select the Start recalculation immediately task and close the prompt with OK.

    A processing task for the DBQueue Processor is set in the DBQueue.

Related topics

Excluding dynamic roles from recalculation

You can exclude individual dynamic roles from recalculation. In this case, role memberships are not automatically recalculated. Existing role memberships remain as they are.

To exclude a dynamic role from recalculation

  1. In the Manager, select the role for which the dynamic role was created.

  2. Open the role's overview form.

  3. Select Dynamic roles and click on the dynamic role.

  4. Select the Change main data task.

  5. Enable the No recalculation of assignments option.

  6. Save the changes.

Related topics

Excluding employees from dynamic roles

Employees can be excluded automatically from dynamic roles on the basis of a denied attestation or a rule violation. An excluded list is maintained to do this. Excluded lists can also be defined for individual employees.

To add an employee to the excluded list

  1. In the Manager, select the role for which the dynamic role was created.

  2. Open the role's overview form.

  3. Select Dynamic roles and click on the dynamic role.

  4. Select the Exclude employees task.

  5. Click Add and select the employee from the Employee menu.

  6. (Optional) Enter a reason for the exclusion.

  7. Save the changes.

Related topics

Removing employees from the exclusion list

To remove an employee from the exclusion list

  1. In the Manager, select the role for which the dynamic role was created.

  2. Open the role's overview form.

  3. Select Dynamic roles and click on the dynamic role.

  4. Select the Exclude employees task.

  5. Select the employee and click Remove.

  6. Save the changes.

Related topics
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级