Before you configure Starling using the Active Roles Configuration Center, ensure the following:
Users must have acquired valid Starling Credentials, such as a Starling Organization Admin account or a Collaborator account associated with the One Identity Hybrid subscription. For more information on Starling, see the One Identity Starling User Guide.
Active Roles version 7.4 supports integration with One Identity Starling services. The Starling Join feature in Active Roles now enables you to connect to One Identity Starling, the Software as a Service (SaaS) solution of One Identity. The Starling Join feature enables access to the Starling services through Active Roles thus allowing to benefit from the Starling services such as Two-factor Authentication and Identity Analytics and Risk Intelligence.
You can use the Active Roles Configuration Center to join One Identity Starling to Active Roles on the Starling wizard.
To start the wizard, click Configure in the Starling area on the Active Roles Dashboard page in the Configuration Center main window. The Starling wizard enables you to perform the Starling join operation.
To configure Active Roles to join Starling
|
NOTE:
|
The One Identity Starling dialog box in Active Roles with a progress message indicating the progress of joining Starling is displayed. A join confirmation page is displayed with the name of the Active Roles instance that is going to be joined to Starling .
After the operation is completed successfully, the Starling tab is displayed with Account Joined success message.
To view the Starling 2FA settings
The status of the Starling connection is displayed.
The status Starling 2FA is displayed.
To disable the Starling 2FA feature click Disable Starling 2FA. To enable it again, click Enable Starling 2FA.
Active Roles provides support to connect to Starling Connect to manage the user provisioning and deprovisioning activities for the registered connectors. This is achieved through the internal attribute mapping mechanism. The AD attributes are mapped to SCIM attributes to perform each operation.
SCIM attribute mapping with Active Directory for Users
SCIM | Active Directory |
displayName | displayName |
givenName | givenName |
familyName | sn |
middleName | middleName |
title | title |
password | edsaPassword |
streetAddress | streetAddress |
locality | city |
postalCode | postalCode |
region | state |
country | c |
active | edsaAccountIsDisabled |
userName | edsvauserName |
honorificPrefix | initials |
formattedName |
cn |
emails | proxyAddresses,mail |
preferredLanguage | preferredLanguage |
description | description |
emailEncoding | edsvaemailEncoding |
alias | edsvaalias |
division | division |
company | company |
department | department |
homePage | wWWHomePage |
lastLogon | lastLogon |
accountExpires | accountExpires |
timezone |
edsvatimezone |
entitlements |
edsvaentitlements |
employeeNumber | employeeNumber |
cn | cn |
userPermissionsMarketingUser | edsvauserPermissionsMarketingUser |
userPermissionsOfflineUser | edsvauserPermissionsOfflineUser |
userPermissionsAvantgoUser | edsvauserPermissionsAvantgoUser |
userPermissionsCallCenterAutoLogin | edsvauserPermissionsCallCenterAutoLogin |
userPermissionsMobileUser | edsvauserPermissionsMobileUser |
userPermissionsSFContentUser | edsvauserPermissionsSFContentUser |
userPermissionsKnowledgeUser | edsvauserPermissionsKnowledgeUser |
userPermissionsInteractionUser | edsvauserPermissionsInteractionUser |
userPermissionsSupportUser | edsvauserPermissionsSupportUser |
userPermissionsLiveAgentUser | edsvauserPermissionsLiveAgentUser |
locale | localeID |
phoneNumbers | telephoneNumber,mobile,homePhone |
manager | manager |
SCIM attribute mapping with Active Directory for Groups
SCIM | Active Directory |
displayName | cn |
members |
member |
|
|
manager |
managedBy |
© 2024 One Identity LLC. ALL RIGHTS RESERVED. 使用条款 隐私 Cookie Preference Center