Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

An identity type defines a specific account type in a target system. Such an identity type always belongs to exactly one Core Identity typestype, so that the system knows which attributes are present, and has exactly oneIdentity Provision Configuration. You specify the identity type to group your accounts into logical units such as SSO Identity, Standard AD Account or Test AD Account. A Core Identity can have multiple https://itsense.atlassian.net/l/c/0vy2yH0G but only one of each identity type.

...

Whenever you are creating of or updating a an identity type, you have to specify the following properties:

Property

Data Type

Mandatory

Example

Description

Name

String

(tick)

Standard AD Account

A readable name used in the UI.

TargetSystem

Drop Down

(tick)

Active Directory

Any target system configured in the system.

ProvisioningConfiguration

Drop Down

(tick)

Active Directory User

Any identity provisioning configuration configured in the system.

Identity Type Features

Each identity type supports a set of features that you can enable or disable. Below are the default features. Some identity types such as M365 identity types over additional features.

...

Whenever a Core Identity will be deactivated, this will also halt all update calculations. In some cases, this is not the desired behavior. For example if you have allocated an asset from the Asset Management that you assigned manually and you want those changes propagated to Active Directory even though the Core Identity is deactivated.

Set inactive if no active assignment are present

...

If enabled, an identity will be set to inactive if no active assignments are present. If disabled, an identity will be set to active even though it has no active assignments.This features usually is used in combination with the early resource allocation featureidentities that get created are in the state deactivated which will also be reflected in the corresponding target system.

This only works with identities who are provisioned in advance. For this the provisioning advance time has to be set in the provisioning configuration.

Normally identities are created in the state active.

Password reset active

If enabled, a user can reset the password of an identity of this identity type within the CoreOne Suite.

...