立即与支持人员聊天
与支持团队交流

Identity Manager 9.2 - Administration Guide for Connecting to Cloud Applications

Mapping cloud applications in One Identity Manager Synchronizing cloud applications through the Universal Cloud Interface Provisioning object changes Managing provisioning processes in the Web Portal Mapping cloud objects in One Identity Manager
Cloud applications Container structures in cloud applications User accounts in cloud applications Groups and system entitlements in cloud applications Permissions controls in a cloud application
Base data for managing cloud applications Troubleshooting a cloud application connection Default project template for cloud applications Cloud system object processing methods Configuration parameters for managing cloud applications

Setting up initial synchronization with a cloud application

The One Identity Manager provides project templates with which you can set up synchronization of cloud applications. You use these project templates to create synchronization projects with which you import the data from a cloud application into your One Identity Manager database. In addition, the required processes are created that are used for the provisioning of changes to target system objects from the One Identity Manager database into the target system.

To load cloud application objects into the One Identity Manager database for the first time.

  1. Supply a user with sufficient permissions for accessing the cloud application.

  2. Install and configure a synchronization server and declare the server as a Job server in One Identity Manager.
  3. Create a synchronization project with the Synchronization Editor.
Detailed information about this topic

Users and permissions for synchronizing with a cloud application

The following users play a role in synchronizing One Identity Manager with a cloud application.

Table 2: Users for synchronization
User Permissions
One Identity Manager Service user account

The user account for the One Identity Manager Service requires user permissions to carry out operations at file level (adding and editing directories and files).

The user account must belong to the Domain users group.

The user account must have the Login as a service extended user permissions.

The user account requires permissions for the internal web service.

NOTE: If the One Identity Manager Service runs under the network service (NT Authority\NetworkService), you can grant permissions for the internal web service with the following command line call:

netsh http add urlacl url=http://<IP address>:<port number>/ user="NT AUTHORITY\NETWORKSERVICE"

The user account needs full access to the One Identity Manager Service installation directory in order to automatically update One Identity Manager.

In the default installation, One Identity Manager is installed under:

  • %ProgramFiles(x86)%\One Identity (on 32-bit operating systems)

  • %ProgramFiles%\One Identity (on 64-bit operating systems)

Security tokens or users for accessing the cloud application Security tokens or user name and password for use as authentication in the cloud application.

User for accessing the One Identity Manager database

The Synchronization default system user is provided to run synchronization using an application server.

Setting up the SCIM synchronization server

All One Identity Manager Service actions are run against the target system environment on the synchronization server. Data entries required for synchronization and administration with the One Identity Manager database are processed by the synchronization server.

The One Identity Manager Service must be installed on the synchronization server, with the SCIM connector.

Detailed information about this topic

System requirements for the SCIM synchronization server

To set up synchronization with a cloud application, a server has to be available that has the following software installed on it:

  • Windows operating system

    The following versions are supported:

    • Windows Server 2022

    • Windows Server 2019

    • Windows Server 2016

    • Windows Server 2012 R2

    • Windows Server 2012

  • Microsoft .NET Framework version 4.8 or later

    NOTE: Take the target system manufacturer's recommendations into account.
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级