Versions Compared

Old Version 1

changes.mady.by.user Phillip Hanegan

Saved on

compared with

New Version 2

changes.mady.by.user Phillip Hanegan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Examples of such Permission Levels for computers could include "Local Admin", "Power User", or "Backup Operator.” When a user requests access to a computer and selects an IAM Shop Permission Level, EmpowerID adds the user to the corresponding group on the computer with those permissions. For this process to work, administrators must assign the desired IAM Shop Permission Levels to a computer and map those permission levels to the appropriate groups granting those permissions on the computer itself. It is crucial important to note that IAM Shop Permission Levels are merely labels and must be mapped correctly to grant any permissions.

...

Info

EmpowerID includes “Local Admin” and “Domain Admin” as default IAM Shop Permission Levels for computers. However, to tailor permission levels to your specific needs, you have the option to create and label your custom IAM Shop Permission Levels. If you're interested in this customization, please see Creating IAM Shop Permission Levels.

...

  1. On the navbar, expand the Identity Management section and select Computers.

  2. Locate the computer to which you want to add IAM Shop Permission Levels. To do this, use the search function, and once found, click on the Display Name link associated with the computer.

    This opens the Computer View One page. View One pages are designed to facilitate the viewing and management of their corresponding objects in EmpowerID.

    Image RemovedImage Added

  3. On the View One page for the computer, click the RBAC subtab and expand IAM Shop Assignees for Requesting Access.

  4. Click the Add New (blue star) button.

    Image RemovedImage Added

  5. Under General, select the IAM Shop Permission Level you want to assign.

    Image RemovedImage Added


    Now that you have selected the permission level, the next step is to select the assignee granting the permission level. In our example, we are going to select an EmpowerID group that is mapped to a group on the native system You can select any type of RBAC actor as the assignee type as long as that actor has a role that grants the access represented by the access level.

  6. Under Assignee Granting the Permission Level, do the following:

    1. Select the assignee type from the Which Type of Assignee For This Policy dropdown.

    2. Select the appropriate assignee from the Select <Assignee> To Receive Policy dropdown.

      Image RemovedImage Added

  7. Click Save.

    Image RemovedImage Added

     

  8. Repeat to add other assignees as needed.

  9. Click Submit to complete the process.

Insert excerpt
IL:External Stylesheet
IL:External Stylesheet
nopaneltrue