Versions Compared

Old Version 1

changes.mady.by.user Kim Landis

Saved on

compared with

New Version Current

changes.mady.by.user Kim Landis

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

EmpowerID supports tracking and assigning responsible owners for key objects like accounts, groups, computers, management roles, Locations, and Shared Credentials. This ownership relationship differs from that of a Person owning an account because that account represents them and is their personal account. Responsible person ownership is to signify who is responsible for an IT object from a security and audit perspective. Any EmpowerID RBAC Actor Type can be assigned as the "single" responsible owner but in most organizations, EmpowerID will be configured to only allow the assignment of single Person objects. The field storing this assignment is called ownerAssigneeID and is found on the respective objects tables.

...

To avoid having accounts with no responsible party, run the Accounts without a Responsible Party report. You can assign responsibility using the Responsible Party property on the Account Details page for each account, or bulk assign them from the Computers ViewMany page.


Info

By default, the type of

...

responsible party is set to Person, but you can edit the EmpowerID System Settings to change it to any actor type.

...

Having no one responsible for a privileged account is something to avoid. The Accounts without Owners report can help you to avoid such a situation.

...

See Changing the Responsible Party Type for more information.

To find accounts without a responsible party

  1. In the Navigation Sidebar, expand System Logs and select Reports.
  2. Scroll down and click the Accounts without a Responsible Party tile.

    Image Added

  3. A grid populates with information about all accounts in the EmpowerID system that do not have a responsible party.

    Image Added

To assign a person responsibility for an account

  1. In the Navigation Sidebar, expand Identities and select 

...

  1. User Accounts

...

  1. .

...

  2. Click the Logon Name for the account that you want to assign.
  3. On the Account Details page that appears, under Account Information, click in the

...

  1. Responsible Person field and start typing a name to search, and then click the tile for that person to select it.

...


  1. Image Added

  2. The account updates automatically when you select the tile, and an Update Complete message informs you when it is finished.

...

To change the owner type or allow the user to choose

...

  1. In the Navigation Sidebar, expand IT Shop and select Workflows.
  2. Click the Recycle EmpowerID AppPools workflow and allow it to finish.

To find accounts without owners

...


  1. Image Added


To bulk assign a responsible party for a number of accounts

  1. In the Navigation Sidebar, expand 

...

  1. Identities and select User Accounts.
  2. On the Actions tab, click Assign Responsibility for Accounts.

    Image Added

  3. On the Select Accounts page that appears, select accounts to assign to a responsible party and click Submit.

    Image Added

  4. In the Select Person page that appears, select the person you want to assign as the responsible party for the selected accounts and click Submit.

    Image Added

  5. Starting workflow message appears, and when the workflow finishes, a Request Complete message appears.

    Image Added




Div
stylefloat: left; position: fixed; top: 85px; padding: 5px;
idtoc
classtopicTOC


Div
stylemargin-left: 40px; margin-bottom: 40px;

Live Search
spaceKeyE2D
placeholderSearch the documentation
typepage


Div
stylefont-size: 1rem; margin-bottom: -45px; margin-left: 40px;text-transform: uppercase;

In this article



Table of Contents
stylenone