立即与支持人员聊天
与支持团队交流

Starling Connect Identity Manager Integrated - Starling Connect for Active Roles Administration Guide

Configuring Connectors in Starling

Before you configure Starling using the Active Roles Configuration Center, ensure the following:

  • Users must have acquired valid Starling Credentials, such as a Starling Organization Admin account or a Collaborator account associated with the One Identity Hybrid subscription. For more information on Starling, see the One Identity Starling User Guide.

  • The Active Roles Administration Service must be running on the computer where you want to configure Starling.
  • The Active Roles Administration Service must have a managed domain.

Configuring Starling in Active Roles

Active Roles version 7.4 supports integration with One Identity Starling services. The Starling Join feature in Active Roles now enables you to connect to One Identity Starling, the Software as a Service (SaaS) solution of One Identity. The Starling Join feature enables access to the Starling services through Active Roles thus allowing to benefit from the Starling services such as Two-factor Authentication and Identity Analytics and Risk Intelligence.

You can use the Active Roles Configuration Center to join One Identity Starling to Active Roles on the Starling wizard.

To start the wizard, click Configure in the Starling area on the Active Roles Dashboard page in the Configuration Center main window. The Starling wizard enables you to perform the Starling join operation.

Configuring Active Roles to join One Identity Starling

To configure Active Roles to join Starling

  1. On the Active Roles Configuration Center, under Starling, click Configure.
  2. Click Join One Identity Starling. The Get Started page on the Starling product is displayed.
  3. On the Starling Get Started page, enter your work email address enabled with Starling, and click Next.
  4. Enter the Starling credentials provided to you at the time of subscribing to Starling and follow the instructions displayed on the wizard to continue.

    NOTE:

    • If you have a Starling account, when a subscription is created for you, you will receive a Starling invitation email. Click the link in the email and log in to the Starling account.
    • If you do not have a Starling account, when a subscription is created for you, you will get a Starling Sign-up email to complete a registration process to create a Starling account. Complete the registration and log in using the credentials that you have provided during registration. For account creation details, see the One Identity Starling User Guide.

    The One Identity Starling dialog box in Active Roles with a progress message indicating the progress of joining Starling is displayed. A join confirmation page is displayed with the name of the Active Roles instance that is going to be joined to Starling .

    After the operation is completed successfully, the Starling tab is displayed with Account Joined success message.

To view the Starling 2FA settings

  1. On the Active Roles Configuration Center, in the left pane, click Starling.
  2. Click Starling tab.

    The status of the Starling connection is displayed.

  3. Click Starling 2FA tab.

    The status Starling 2FA is displayed.

  1. To disable the Starling 2FA feature click Disable Starling 2FA. To enable it again, click Enable Starling 2FA.

SCIM attribute mapping with Active Directory for users and groups

Active Roles provides support to connect to Starling Connect to manage the user provisioning and deprovisioning activities for the registered connectors. This is achieved through the internal attribute mapping mechanism. The AD attributes are mapped to SCIM attributes to perform each operation.

SCIM attribute mapping with Active Directory for Users

SCIM Active Directory
displayName displayName
givenName givenName
familyName sn
middleName middleName
title title
password edsaPassword
streetAddress streetAddress
locality city
postalCode postalCode
region state
country c
active edsaAccountIsDisabled
userName edsvauserName
honorificPrefix initials

formattedName

cn

emails proxyAddresses,mail
preferredLanguage preferredLanguage
description description
emailEncoding edsvaemailEncoding
alias edsvaalias
division division
company company
department department
homePage wWWHomePage
lastLogon lastLogon
accountExpires accountExpires

timezone

edsvatimezone

entitlements

edsvaentitlements

employeeNumber employeeNumber
cn cn
userPermissionsMarketingUser edsvauserPermissionsMarketingUser
userPermissionsOfflineUser edsvauserPermissionsOfflineUser
userPermissionsAvantgoUser edsvauserPermissionsAvantgoUser
userPermissionsCallCenterAutoLogin edsvauserPermissionsCallCenterAutoLogin
userPermissionsMobileUser edsvauserPermissionsMobileUser
userPermissionsSFContentUser edsvauserPermissionsSFContentUser
userPermissionsKnowledgeUser edsvauserPermissionsKnowledgeUser
userPermissionsInteractionUser edsvauserPermissionsInteractionUser
userPermissionsSupportUser edsvauserPermissionsSupportUser
userPermissionsLiveAgentUser edsvauserPermissionsLiveAgentUser
locale localeID
phoneNumbers telephoneNumber,mobile,homePhone
manager manager

SCIM attribute mapping with Active Directory for Groups

SCIM Active Directory
displayName cn

members

member

email

mail

manager

managedBy

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级