Update Azure Account Store Settings - V21

Account Store Settings

Setting

Description

General Settings

Allow Person Provisioning (Joiner Source)

Specifies whether EmpowerID Persons can be provisioned from user accounts in the account store.

Allow Password Sync

Enables or disables the synchronization of password changes to user accounts in the domain based on password changes for the owning person object or another account owned by the person. This setting does not prevent password changes by users running the reset user account password workflows.

Allow Attribute Flow

Specifies whether attribute changes should flow between EmpowerID and the account store.

Allow Provisioning (By RET)

Allows or disallows the Resource Entitlement (RET) Inbox process to auto-provision accounts for this domain for users who receive RET policy-assigned user accounts, but have not yet had them provisioned.

Allow Deprovisioning (By RET)

Allows or disallows the Resource Entitlement Inbox process to auto de-provision accounts for this domain for users who still have RET policy-assigned user accounts, but no longer receive a policy that grants them a user account in the domain. De-provisioning only occurs if the de-provision action on the Resource Entitlement policy is set to De-Provision.

Allow Account Creation on Membership Request

Specifies whether EmpowerID creates user accounts in the account store when an EmpowerID Person without one requests membership within a group belonging to the account store.

Recertify External Group Changes as Detected

Specifies whether detected group changes should trigger recertification.

Inventory Settings

Inventory Enabled

Allows EmpowerID to inventory the user and group information in the Azure tenant.

Inventory Every X Minutes

Specifies the time in minutes between full inventory iterations; the default is once every 10 minutes.

Enable Azure License Inventory

Specifies whether EmpowerID inventories Azure license information from the tenant.

Enable Azure RBAC Inventory

Specifies whether EmpowerID inventories Azure RBAC information from the tenant.

Inbox Inventory

Inbox Inventory Enabled

 

Inbox Inventory Every X Minutes

Specifies the time in minutes between inbox inventory iterations; the default is once every 10 minutes.

Membership Settings

Enable Group Membership Reconciliation

Allows EmpowerID to manage the membership of the account store’s groups, adding and removing user to and from groups based on policy-based assignment rules.

Reconcile Membership Every X Minutes

Specifies the time in minutes for group membership reconciliation to occur; the default is once every 10 minutes.