Import target system data to be used as entitlement(s)
The import target system data feature is designed to assist the implementer of a target system in case of a new target system is being connected to HelloID provisioning.
For example when a target system is already used in production, and HelloID will be connected as a new application to manage entitlement inside this system.
Note
This functionality is currently only available for on-premise Active Directory target systems.
Running a local HelloID agent is required.
The configuration of correlation needs to be enabled and configured properly for the selected target system.
Go to Business > Entitlements.
Go to the Import tab.
The first step is to select a system from the Select System dropdown menu from which the data will be retrieved.
The next step is to perform an initial import of the system using the import button from the Import system tile.
After the import is successfully completed an evaluation is required, from this evaluation HelloID is going to determine which entitlement(s) already exists inside the target system. The result of this evaluation is based on the outcome of the result as configured inside the business rules in which the entitlements are configured for a person to have access to.
The next step is to create a report based on the outcome of the result.
What this report will show is a summary of the evaluation outcome, in which the left hand side of the report will show all the persons which are entitled to one or more permission(s) for the selected target system and don’t already own these entitlements as being granted from HelloID.
The final step is to import the entitlement(s) after the report has been verified, what this step will do is import the state into HelloID making the entitlement state marked as being granted to the person.
The content of this report will contain a list of person(s) on the left hand side of the report which will be displayed as a result of the evaluation outcome. The cause of one or more expected persons not being displayed in this report could be related to the configuration of the scope conditions from the business rules. On the right hand side of the report a result of the account being found for the person will be shown. The account result will contain the displayName and username of the correlated account for the user based on the correlation configuration.
Icons | Description |
|---|---|
Account: | Indicator showing the account entitlement will be managed for this person. |
No account: | Indicator showing no account entitlement could be found for this person in the target system. |
Active account: | Indicator showing the account access entitlement will be managed for this person. |
No active account: | Indicator showing no active account entitlement could be found for this person in the target system. |
Notice
In case a person is correlated to multiple accounts in the target system, the import report will show this state as a warning. This could be related to multiple scenario’s for example when multiple persons share the same correlation value from the source, or in case there are multiple accounts found for the same person sharing the same correlation value inside the correlation attribute.