Omada Identity Governance
The Omada Identity Governance feature enables you to govern the users and user group memberships on Enterprise Server. To achieve it, the following objects are mapped to corresponding objects in the Omada Identity system:
| Enterprise server object | Omada Identity system object |
|---|---|
| users | accounts |
| user groups | resources |
| user group memberships | resource assignments |
Connectivity of the Omada Identity Governance feature is based on the OData connectivity utilizing its collector and connector.
Identities require account assignment in the Omada Identity system to acquire users and assignment to group resources, allowing them to become a members of the user group.
The users and user group memberships are imported in the Omada Data Warehouse as permission assignments.
The provisioning and deprovisioning of the accounts and group memberships is conducted by a combination of the Omada Provisioning Service and Role and Policy Engine.
For Cloud Management portal the membership of the Platform administrator group cannot be provisioned though the Omada Provisioning Service. If an assignment to the Platform administrator is granted, the OPS task fails.
The relationship between the User and the Identity through the IDENTITYREF property is only populated for Personal accounts.