Mapping a SharePoint Online environment in One Identity Manager
Architecture overview One Identity Manager users for managing SharePoint Online Configuration parameters
Synchronizing a SharePoint Online environment
Setting up initial synchronization with a SharePoint Online tenant
Users and permissions for synchronizing with SharePoint Online Integrating One Identity Manager as application in Azure Active Directory Setting up the SharePoint Online synchronization server
System requirements for the SharePoint Online synchronization server Installing One Identity Manager Service with a SharePoint Online connector
Preparing the administrative workstation for access to SharePoint Online Preparing a remote connection server for access to the SharePoint Online tenant Creating a synchronization project for initial synchronization of a SharePoint Online tenant
Information required for setting up a synchronization project Creating an initial synchronization project for SharePoint Online
Configuring the synchronization log
SharePoint Online synchronization features Customizing the synchronization configuration
Configuring synchronization with SharePoint Online tenants Changing system connection settings of SharePoint Online tenants
Editing connection parameters in the variable set Editing target system connection properties
Updating schemas Configuring the provisioning of memberships Configuring single object synchronization Accelerating provisioning and single object synchronization
Running synchronization
Starting synchronization Displaying synchronization results Deactivating synchronization Synchronizing single objects
Tasks following synchronization
Post-processing outstanding objects Adding custom tables to the target system synchronization Managing user accounts through account definitions
Troubleshooting Ignoring data error in synchronization Pausing handling of target system specific processes (Offline mode)
Managing SharePoint Online user accounts and employees
Account definitions for SharePoint Online user accounts
Creating account definitions Editing account definitions Main data for account definitions Editing manage levels Creating manage levels Assigning manage levels to account definitions Main data for manage levels Creating mapping rules for IT operating data Entering IT operating data Assigning account definitions to employees
Assigning account definitions to departments, cost centers, and locations Assigning account definitions to business roles Assigning account definitions to all employees Assigning account definitions directly to employees Assigning account definitions to system roles Adding account definitions in the IT Shop
Assigning account definitions to SharePoint Online site collections Deleting account definitions
Assigning employees automatically to SharePoint Online user accounts
Editing search criteria for automatic employee assignment Changing manage levels for SharePoint Online user accounts Assigning account definitions to linked SharePoint Online user accounts
Manually linking employees to SharePoint Online user accounts Application cases for SharePoint Online user account Supported user account types
Default user accounts Administrative user accounts
Providing administrative user accounts for one employee Providing administrative user accounts for several employees
Privileged user accounts
Specifying deferred deletion for SharePoint Online user accounts
Managing assignments of SharePoint Online groups and roles
Assigning SharePoint Online entitlements to SharePoint Online user accounts
Prerequisites for indirect assignment of SharePoint Online entitlements to SharePoint Online user accounts Assigning SharePoint Online entitlements to departments, cost centers, and locations Assigning SharePoint Online entitlements to business roles Adding SharePoint Online entitlements to system roles Adding SharePoint Online entitlements to the IT Shop Assigning SharePoint Online user accounts directly to an entitlement Assigning SharePoint Online entitlements directly to a user account Assigning SharePoint Online roles to SharePoint Online groups Assigning SharePoint Online groups to SharePoint Online roles
Effectiveness of SharePoint Online entitlement assignments SharePoint Online group inheritance based on categories Overview of all assignments
Mapping of SharePoint Online objects in One Identity Manager
SharePoint Online tenants
Displaying and editing SharePoint Online tenant main data General main data of SharePoint Online tenants Additional tasks for managing SharePoint Online tenant
Overview of SharePoint Online tenants Editing the synchronization project for a SharePoint Online tenant
SharePoint Online user accounts
Creating SharePoint Online user accounts Editing main data of SharePoint Online user accounts Main data for user authenticated user accounts Main data for group authenticated user accounts Additional tasks for managing SharePoint Online user accounts
The SharePoint Online user account overview Assigning extended properties to SharePoint Online user accounts
Deleting and restoring SharePoint Online user accounts
SharePoint Online groups
Creating SharePoint Online groups Editing main data of SharePoint Online groups SharePoint Online group main data Additional tasks for managing SharePoint Online groups
Overview of SharePoint Online groups Assigning extended properties to SharePoint Online groups
Deleting SharePoint Online groups
SharePoint Online permission levels
Creating SharePoint Online permission levels Editing main data of SharePoint Online permission levels Entering main data for SharePoint Online permission levels Overview of SharePoint Online permission levels Deleting and restoring SharePoint Online permission levels
SharePoint Online site collections
Editing main data of SharePoint Online site collections General main data of a SharePoint Online site collection Address data for a SharePoint Online site collection Defining categories for the inheritance of SharePoint Online groups Additional tasks for managing site collections
Overview of SharePoint Online site collections
SharePoint Online sites
Editing main data of SharePoint Online sites General main data of SharePoint Online sites Address data of SharePoint Online sites Design information of SharePoint Online sites Overview of SharePoint Online sites Inheritance of SharePoint Online permissions by SharePoint Online sites
SharePoint Online roles
Editing main data of SharePoint Online roles General main data of SharePoint Online roles Additional tasks for managing SharePoint Online roles
Overview of SharePoint Online roles Effectiveness of SharePoint Online roles
Setting up SharePoint Online site collections and sites Reports about SharePoint Online objects
Handling of SharePoint Online objects in the Web Portal Basic data for managing a SharePoint Online environment
SharePoint Online authentication modes SharePoint Online site templates Job server for SharePoint Online-specific process handling
General main data of Job servers Specifying server functions
Target system managers
Troubleshooting a SharePoint Online connection
Error synchronizing after renaming a SharePoint Online site collection
Configuration parameters for managing SharePoint Online Default project template for SharePoint Online Editing system objects
Configuration parameters for managing SharePoint Online
The following configuration parameters are additionally available in One Identity Manager after the module has been installed.
Configuration parameter | Meaning |
---|---|
TargetSystem | SharePointOnline | Preprocessor relevant configuration parameter for controlling database model components for SharePoint Online target system administration. If the parameter is set, the target system components are available. Changes to this parameter require the database to be recompiled. If you disable the configuration parameter at a later date, model components and scripts that are not longer required, are disabled. SQL procedures and triggers are still carried out. For more information about the behavior of preprocessor relevant configuration parameters and conditional compiling, see the One Identity Manager Configuration Guide. |
TargetSystem | SharePointOnline | Accounts | Parameter for configuring SharePoint Online user account data. |
TargetSystem | SharePointOnline | Accounts | | Mail template used to send notifications about whether default IT operating data mapping values are used for automatically creating a user account. The Employee - new user account with default properties created mail template is used. |
TargetSystem | SharePointOnline | | Default email address of the recipient for notifications about actions in the target system. |
TargetSystem | SharePointOnline | | Maximum runtime of a synchronization in minutes. No recalculation of group memberships by the DBQueue Processor can take place during this time. If the maximum runtime is exceeded, group membership are recalculated. |
TargetSystem | SharePointOnline | | Mode for automatic employee assignment for user accounts added to the database outside synchronization. |
TargetSystem | SharePointOnline | | Mode for automatic employee assignment for user accounts that are added to or updated in the database by synchronization. |
Default project template for SharePoint Online
A default project template ensures that all required information is added in One Identity Manager. This includes mappings, workflows, and the synchronization base object. If you do not use a default project template you must declare the synchronization base object in One Identity Manager yourself.
Use a default project template for initially setting up the synchronization project. For custom implementations, you can extend the synchronization project with the Synchronization Editor.
NOTE: There is only one synchronization template in the One Identity Manager for the target system SharePoint Online.
To synchronize SharePoint Online user accounts and permissions, you use the SharePoint Online synchronization project template. The project template uses mappings for the following schema types.
Schema type in SharePoint Online | Table in the One Identity Manager Schema |
---|---|
Tenant | O3STenant |
Site | O3SSite |
Group | O3SGroup |
Web | O3SWeb |
RoleAssignment | O3SRLAsgn |
RoleDefinition | O3SRole |
User | O3SUser |
WebTemplate | O3SWebTemplate |
Editing system objects
The following table describes permitted editing methods for SharePoint Online schema types and names restrictions on editing system objects in the Manager.
Type | Read | Add | Delete | Change |
---|---|---|---|---|
Tenant | Yes | No | No | No |
Site collection | Yes | (Yes) | (Yes) | No |
User account | Yes | Yes | Yes | Yes |
Group | Yes | Yes | Yes | Yes |
Site | Yes | (Yes) | (Yes) | Yes |
Role | Yes | Yes | Yes | Yes |
Role assignment | Yes | No | No | Yes |
(Yes): It is technically possible to create and delete site collections and sites. However, the scripts and processes required for this must be customized. For more information, see Setting up SharePoint Online site collections and sites.
- Previous
- Viewing Topics 149 - 151 of 151
- Next
Related Documents