Import target system data to be used as entitlement(s)
The import target system data feature is designed to assist the implementer of a target system in case of a new target system is being connected to HelloID provisioning.
For example when a target system is already used in production, and HelloID will be connected as a new application to manage entitlement inside this system.
Note
This functionality is currently only available for on-premise Active Directory target systems.
Running a local HelloID agent is required.
The configuration of correlation needs to be enabled and configured properly for the selected target system.
Go to Business > Entitlements.
Go to the Import tab.
The first step is to select a system from the Select System dropdown menu from which the data will be retrieved.
The next step is to perform an initial import of the system using the import button from the Import system tile. (limited to once per hour)
After the import is successfully completed, an evaluation is required. During this evaluation, HelloID will determine which entitlements already exist within the target system. The results of this evaluation are based on the business rules, which configure the entitlements a person should have access to.
The next step is to create a report based on the outcome of the result.
What this report will show is a summary of the evaluation outcome, in which the left hand side of the report will show all the persons which are entitled to one or more permission(s) for the selected target system and don’t already own these entitlements as being granted from HelloID.
The final step is to import the entitlement(s) after the report has been verified, what this step will do is import the state into HelloID making the entitlement state marked as being granted to the person.
The content of this report will contain a list of person(s) on the left hand side of the report which will be displayed as a result of the evaluation outcome. The cause of one or more expected persons not being displayed in this report could be related to the configuration of the scope conditions from the business rules. On the right hand side of the report a result of the account and/or permissionsbeing found for the person will be shown. The account result will contain the displayName and username of the correlated account for the user based on the correlation configuration.
Icons | Description |
|---|---|
Account: | An indicator showing the account entitlement will be managed for this person. |
No account: | An indicator showing no account entitlement could be found for this person in the target system. |
Active account: | An indicator showing the account access entitlement will be managed for this person. |
No active account: | An indicator showing no active account entitlement could be found for this person in the target system. |
Permissions: | An indicator showing these permission will be managed for this person as entitlements. |
No permissions: | An indicator showing that the person has no permissions, which are imported as entitlements to be managed by HelloID. |
Notice
In case a person is correlated to multiple accounts in the target system, the import report will show this state as a warning. This could be related to multiple scenario’s for example when multiple persons share the same correlation value from the source, or in case there are multiple accounts found for the same person sharing the same correlation value inside the correlation attribute.