Create an Identity Collector

In Data Access Security, an Identity Collector is used for collecting accounts (users) and entitlements (groups) from a source. Currently, Data Access Security supports collecting accounts and entitlements from Active Directory and Azure Active Directory sources.

To create an identity collector, complete the following steps:

1. Navigate to Admin > Identity Collectors and click Create New.

General Details

1. From the Type dropdown, select the type of source.

2. In the Name field, provide a name for the identity collector.

   Note

   Identity Collectors cannot have the same name, even if they have different sources.

3. Select Next.

Connection Details

1. From the ISC Source dropdown, select the source the needs to be used for collecting users and groups.

   Note

   The source that was selected in the General Details steps will be the only source option that displays.

2. In the Properties to Fetch fields, you can manually add properties for users and groups which will be collected in addition to the default properties.

   Properties added in the Users Collection will be relevant to the collected users' data and the properties added in the Groups Collection will be relevant to the collected groups' data.

   When fetching user and group properties, only attributes that are available in the corresponding Identity Security Cloud source schema can be fetched.

   Note

   Entered properties will be mapped in the following steps.

Each source that Data Access Security connects to has a set of account and group attributes:

• Active Directory Attributes

• Azure:

  • Account Attributes
  • Group Attributes
• G Suite:
  • Account Attributes
  • Group Attributes
• Dropbox:
  • Account Attributes
  • Group Attributes
• Box Attributes
• Microsoft Entra:
  • Account Attributes
  • Group Attributes

Users - Dynamic Fields Mapping

This step is optional.

Dynamic Fields Mapping allows renaming the fetched properties (default properties and manually added ones) by mapping them to a dictionary field.

Note

Only Users Data Dictionary fields can be used for mapping.

1. After mapping the properties, select Next.

Groups - Dynamic Fields Mapping

This step is optional.

Dynamic Fields Mapping allows renaming the fetched properties (default properties and manually added ones) by mapping them to a dictionary field.

Note

Only Groups Data Dictionary fields can be used for mapping.

1. After mapping the properties, select Next.

   

Documentation Feedback

Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.