...
If you create these mappings before your first inventory, all new people discovered by EmpowerID during the inventory process will be provisioned into EmpowerID Locations (instead of directory locations), and those EmpowerID Locations will be assigned to them as the "Location" portion of their Business Role and Location (BRL). For example, if you have a user named "Barney Smythe" in a London >> Contractors OU and a user named "ChrisMcClure" in a London >> Employees OU, and you map both of those London OUs to a single London location in EmpowerID when you turn on your inventory, the Location portion of the BRL for both Barney Smythe and Chris McClure would be the EmpowerID Location and not the AD OUs.
| Tip |
|---|
After a major update patched into EmpowerID versions 209, 210, 211, 212, and 213, dynamic on-demand tree loading and enhanced server-side full-text search capabilities were implemented in location trees, business role trees, external location trees, and external business role trees. These updates significantly improve performance by loading only required nodes on demand and delivering more accurate search results. Application trees, company trees, and catalog trees remain on the previous implementation as they do not require these enhancements due to their smaller size. |
| Info |
|---|
If more than one OU is mapped to an EmpowerID Location, setting the IsPrimary property determines which mapping should be authoritative when used for various policies, such as creating accounts by RET and assigning primary Business Roles and Locations (when the Business Role and Location recalculation option is enabled). |
When users search for groups or Business Roles in the IAM Shop, they will only see roles and groups located in or below the OrgZones (locations)
...
specified in the appsettings.json file for the IAM Shop. Please find the more details here Changing IAM Shop Application and Business Roles Parent Nodes
Procedure
Please follow the steps below to use the Map Locations in EmpowerID.
| Note |
|---|
Please be aware of selection behavior while you are following the steps below.
|
On the navbar, expand Identity Lifecycle and click Role and Location Mapper.
Select the Location Mapper tab.
From
...
the External Source Location, search and select the external location you want to map
...
,
(Optional) Select an Account Store from the first drop-down list if applicable.
(Optional) Enter a location to narrow the search criteria.
Click the Search icon to filter the results. Notethat Only two levels of the hierarchy load initially. To select a location, Hover over the location node until a checkbox appears. Click on the checkbox to select the location. Ensure all relevant nodes are expanded before making selections, as the system only selects visible child nodes automatically when a parent node is checked.
Select the Internal Destination location from the tree.
...
From the External Location pane, enter the name of the external directory location to which you want to map the EmpowerID location. Please note that if you select an external location that is a parent location, the children of that location will be mapped to the selected EmpowerID location.
...
Enter the search text, click the Search icon or press Enter. Initially, only two levels of the hierarchy load.
To see more child nodes, click the (+) or Expand Location option. You can repeat this step to expand and view more child nodes as needed.
Hover over the location node until the checkbox appears. Click on the checkbox to select the location, or simply click on the node to select. Ensure all relevant nodes are expanded before making selections, as the system only selects visible child nodes automatically when a parent node is checked.
Click Save to save the mapping.
Repeat for any other mappings you wish to create.
...