Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
tutorial:adm:accounts [2021/01/05 18:02] apeterova Unlink account |
tutorial:adm:accounts [2022/12/09 11:58] (current) doischert |
||
---|---|---|---|
Line 26: | Line 26: | ||
Usually, linking objects to CzechIdM entities takes place during a data Synchronization or Provisioning when the CzechIdM system is deployed in the production environment. But it is a common situation that some data have to be corrected in an end system as well, e.g. LDAP. It may well be that the algorithm for object linking during synchronization does not work for all entities on the end system, or the individuals who entered some data manually before CzechIdM had been implemented may have made some mistakes. In either one of those cases, having the option in CzechIdM to link an object to an entity manually comes in handy. | Usually, linking objects to CzechIdM entities takes place during a data Synchronization or Provisioning when the CzechIdM system is deployed in the production environment. But it is a common situation that some data have to be corrected in an end system as well, e.g. LDAP. It may well be that the algorithm for object linking during synchronization does not work for all entities on the end system, or the individuals who entered some data manually before CzechIdM had been implemented may have made some mistakes. In either one of those cases, having the option in CzechIdM to link an object to an entity manually comes in handy. | ||
- | To do so, open a detail of the system on which you want to link an identity to some object: **Systems -> System detail**. Next, the first thing to do is to create a SysAccount and define its ID. In the example below, a manually created identity is being connected to its mirrored object in the HR system. Go to the **Entities** tab, there is a list of all SysAccounts. | + | To do so, open the detail of the system on which you want to link an identity to some object: **Systems -> System detail**. Next, the first thing to do is to create a SysAccount and define its ID. In the example below, a manually created identity is being connected to its mirrored object in the HR system. Go to the **Entities** tab, there is a list of all entities on the system, that CzechIdM knows of. |
{{ : | {{ : | ||
- | In the next step, we create a new SysAccount object: | + | In the next step, we create a new system Entity (make sure the entity with the desired identifier is not yet present in the table): |
- | * Connected system - Read only | + | * Connected system - Read-only |
* Identifier in the system - here, the ID (e.g. login) of the object on the end system is to be typed in. | * Identifier in the system - here, the ID (e.g. login) of the object on the end system is to be typed in. | ||
* Entity type - Type of entity in CzechdIdM | * Entity type - Type of entity in CzechdIdM | ||
Line 37: | Line 37: | ||
{{ : | {{ : | ||
- | Once a SysAccount | + | Once a system entity |
{{ : | {{ : | ||
Line 67: | Line 67: | ||
===== Manually unlink account from the identity and IdM without deleting it ===== | ===== Manually unlink account from the identity and IdM without deleting it ===== | ||
+ | |||
+ | <note tip> | ||
You can use this tutorial e.g. in the following situations: | You can use this tutorial e.g. in the following situations: | ||
Line 88: | Line 90: | ||
{{ : | {{ : | ||
- | **5) Remove the link to the system account - open the account and clear the value in the select box for Entity (system)** | + | **5) Remove the link to the system account - open the account and clear the value in the select box for Entity (system). Then scroll down and click " |
{{ : | {{ : | ||
Line 97: | Line 99: | ||
Finally, you can make sure that the object still exists on the connected system. You can find it on the tab **Entities** of the connected system and open its detail. You could delete this entity (" | Finally, you can make sure that the object still exists on the connected system. You can find it on the tab **Entities** of the connected system and open its detail. You could delete this entity (" | ||
+ | |||
+ | ===== Manually change the value of an attribute for an account ===== | ||
+ | |||
+ | < | ||
+ | |||
+ | Once you open an account (either from the account agenda or from the detail of its owner, you can manually manage values of attributes for a specific account. | ||
+ | |||
+ | {{: | ||
+ | |||
+ | <note important> | ||
+ | |||
+ | You can modify even values for attributes which are not present in a mapping. You will be able to see and modify all attribute values from the schema. | ||
+ | |||
+ | <note important> | ||
+ | |||
+ | To edit the value of an attribute, click Edit, change the value. You will notice that the value will now show that it is manually managed. | ||
+ | |||
+ | {{: | ||
+ | |||
+ | Then, click the Save button. You will be presented with a differential view of the modified attribute values. | ||
+ | |||
+ | {{: | ||
+ | |||
+ | Confirm it and the value will be provisioned to the system. | ||
+ | |||
+ | ===== Admin tutorials ===== | ||
+ | * [[tutorial: |