Mappings in Identity Management
User- User Group Mappings
- A user is mapped to a single or multiple user groups
- A user group can have multiple users
- User to user group mapping is many to many
- A function is mapped to multiple roles
- A role can have many functions
- Function to role mapping is many to many
- A folder/segment is mapped to an information domain
- An information domain can have many folders/segments
- Folder/segment to information domain mapping is one to one, that is, a folder can be mapped to a single domain
- A user group is mapped to multiple roles and each role will have multiple functions mapped to it.
- All users belonging to a user group can do all functions associated with the roles to which the user group is mapped.
Figure 13-30 User Group Role Mapping Illustration