Organizations are another type of user entitlement equivalent to Roles and Groups with an exeptions that the user cannot request access to a group or role only. Access to organization is given to a user from HR system or other means.
Creating new organization types
Before creating any organization, it is required to create organization types first to tie the future organization with the type created. To create new organization type, go to Access Control -> Organization types and click new organization type tab on the left.
The following template is to be opened:
Fill in the necessary fields and click
Save. Here, organization type is created. The user can create as many organization types as required.
Creating new organization
To create new organization go to Access Control -> Organizations and click Create New Organization option in the side menu.
The organization creation template looks as follows.
The following sections describe the Types Manager capabilities.
|Organization Name||Name as it will be defined in OpenIAM.|
|Abbreviation||Optional field in case the organization has an abbreviation and wants to use it for business purposes.|
|Symbol||Optional field in case the organization has a symbol and wants to use it for business purposes.|
|Description||Optional field. Used to insert some description at the user's own discretion.|
|Metadata type||Is chosen as Organization Type as a default value. Note: It is a MetaData Type, not organization type.|
|Internal organization ID||Optional field. Many organizations have their own IDs and Codes, a user can insert it here to use for business purposes.|
|Organization type||Stands for the respective type of organization you're creating. Every organization has its separate type. Choose the respective type from the dropdown.|
|Password policy||Select the password policy that should be effective for the systems to be associated with this organization. In most cases it is a |
|Organization certifier||Choose a person or user who might be a reviewer for Access Certification.|
|Alias||Optional field. Used for supporting business values.|
|Domain name||Optional field. Used for supporting business values.|
|LDAP||Optional field. Used for supporting business values.|
Complete the group creation screen as described in the table above and click save to create your organization.
To update the existing organization, repeat the steps described above with exception of choosing the Edit organization option on the left and amending the fields as required.
Every organization has its own organization hierarchy, being Organization -> Division -> Department or University -> Campus -> Faculty, etc.
The default organizations hierarchy in OpenIAM is build around three-tier structure: Organization -> Division -> Department, but the user can customize it by means of creating their own hierarchy among their pre-created organization types with more than three tiers.
To see the default hierarchy, go to Administration -> Configuration and choose Organization tab. Here, you can see a default hierarchy, as shown below.
Adding/removing users from organizations
Find the user you want to add to a specific organization. Go to User Entitlements and click Add button, as shown below.
In the menu opened add the respective organization as needed by completing the fields in the window as described in table below.
|Organization||Chose the needed organization type.|
|Organization name||Chose the name of organization needed.|
|Start date||Stands for the date when the user joined this organization.|
|End date||Stands for the date when the user ends being affiliated with this organization.|
|Access Rights||Stands for the rights and accesc the user has.|
The alternative way of adding the user to respected organization is to use Synchronization service, based on their HR data in the source system via CSV file or a connector.
For additional information on importing organizations, see Importing the organization structure document.