Skip to main content

Mapping attributes for OrgChart management

To illustrate how attribute mapping can be used, this section shows you how to map an account attribute to a profile attribute in order to build OrgChart data. This data can be used to escalate workflow requests or configure certification campaigns.

Map an account attribute if you want Bravura Security Fabric to:

  • Build the initial OrgChart automatically

  • Propagate changes to target systems when the OrgChart is updated

The account attribute that you configure must contain the long ID of the user’s primary manager. Bravura Security Fabric uses the built-in ORGCHART_MANAGER profile/request attribute to determine each user’s primary manager. The attribute can also be used to directly update a user’s primary manager. Ensure that your ”manager” account attribute is configured to be loaded during auto discovery .

Caution

Bravura Security Fabric allows exactly one OrgChart. If Bravura Security Fabric detects multiple trees in your pre-existing data, it uses the largest tree as the basis for your OrgChart.

If there are multiple trees with the same size, then Bravura Security Fabric chooses the tree with the greatest depth. Finally, if there are multiple trees with equal depth, then it chooses the first tree that it encountered.

If you want Bravura Security Fabric to propagate OrgChart changes to target systems, ensure that your ”manager” account attribute can be set.

Caution

After the initial OrgChart has been imported, if Bravura Security Fabric is still set up to load the ”manager” account attribute, but is not set up to propagate OrgChart changes back to the target system, any changes made to the OrgChart using Bravura Security Fabric will be overwritten during the next auto discovery.

Example: Configure an Active Directory or LDAP Directory Service account attribute

To configure an Active Directory or LDAP Directory Service account attribute for OrgChart management:

  1. Click Resources > Account attributes > Target system, then select 2101.png the appropriate target.

    Alternatively, you can configure account attributes at the target type level.

  2. Click the Defaults tab.

  3. Override the default account attribute configuration.

    For an LDAP Directory Service or Active Directory target, select 2101.png the manager attribute.

    Click Override.

  4. Ensure that the Map account attribute to profile/request attribute option is set to ORGCHART_MANAGER .

  5. Select the Load attribute values from target system checkbox if you want Bravura Security Fabric to import OrgChart data from the target system.

  6. Set Action when creating account to ”Set to specified value”. This means the value will be set by the ORGCHART_MANAGER profile attribute.

  7. Select an appropriate action from the Action when updating account drop-down list.

    If you do not want Bravura Security Fabric to propagate OrgChart changes to the target system, select Do not set this attribute.

  8. Click Add.

  9. If Bravura Security Fabric prompts you to confirm changes to attribute mappings, click Yes (recommended).

  10. Run auto discovery (Maintenance > Auto discovery > Execute auto discovery).

  11. Verifying that OrgChart data was loaded during auto discovery by running an Orgchart report.

Click below to view a demonstration:

In this section: