Azure License Manager Account Store Settings
Setting | Description |
General Settings | |
Allow Person Provisioning (Joiner Source)
| Specifies whether EmpowerID Persons can be provisioned from user accounts in the account store. |
Allow Password Sync | Enables or disables the synchronization of password changes to user accounts in the domain based on password changes for the owning person object or another account owned by the person. This setting does not prevent password changes by users running the reset user account password workflows. |
Allow Attribute Flow
| Specifies whether attribute changes should flow between ALM and the account store. |
Allow Provisioning (By RET) | Allows or disallows the Resource Entitlement (RET) Inbox process to auto-provision accounts for this domain for users who receive RET policy-assigned user accounts, but have not yet had them provisioned. |
Allow Deprovisioning (By RET) | Allows or disallows the Resource Entitlement Inbox process to auto de-provision accounts for this domain for users who still have RET policy-assigned user accounts, but no longer receive a policy that grants them a user account in the domain. De-provisioning only occurs if the de-provision action on the Resource Entitlement policy is set to De-Provision. |
Allow Account Creation on Membership Request | Specifies whether EmpowerID creates user accounts in the account store when an EmpowerID Person without one requests membership within a group belonging to the account store. |
Recertify All Group Changes as Detected
| Specifies whether detected group changes should trigger recertification. |
Inventory Settings | |
Inventory Enabled
| Allows inventory of the user and group information in Azure |
Inventory Every X Minutes | Specifies the time span that occurs before EmpowerID performs a complete inventory of the Azure account store. The default value is 10 minutes. |
Enable Azure License Inventory
| Allows inventory of the license information in Azure |
Enable Azure RBAC Inventory | Allows inventory of the role information in Azure (should be disabled if not using Azure RBAC Manager) |
Inbox Inventory Settings | |
Inbox Inventory Enabled
| Allows inventory of the Inbox |
Inbox Inventory Every X minutes
| Specifies the time span that occurs before EmpowerID runs the Inbox Inventory job. The default value is 10 minutes. |
Membership Settings | |
Enable Group Membership Reconciliation | Allows EmpowerID to manage the membership of the account store’s groups, adding and removing user to and from groups based on policy-based assignment rules. |
Reconcile Membership Every X Minutes
| Specifies the time span that occurs before EmpowerID runs the Group Membership Reconciliation job. The default value is 10 minutes. |