One Identity Manager allows you to lock or unlock certain fields. For example, let us suppose you are reading from your authoritative source the termination date, and for any reason you want to keep the user enabled for an extra day meaning preventing the termination date or inactivity from being executed for that user and disabling their access. You can prohibit or permit modification for every attribute or property in the tables within One Identity Manager.
Prohibit modification: The property is locked for editing. The input field is locked and grayed out.
Permit modification: The property is unlocked and available for editing.
Below is the screenshot to show you how to perform those actions. We will use the OneIM Manager tool to perform the actions.
- Select the field you want to lock. In the screen below we want to lock the Permanently deactivated, as you can notice under the Task section the option Deactivate employee permanently is also available.
2. Right-click in the Permanently Deactivate field and select Prohibit modification
3. After you clicked, the Permanently Disabled will be grayed out and the Option will be removed from the Task available.
4. To unlock the field, again right-click in the Permanently deactivated field but now select Permit modifications.
5. The Deactivate employee permanently is added back to the list of available tasks.
6. Let us try now with another attribute/property. Now lock the Date of birth field, as you can see is unlocked by default.
7. Repeat the previous step again, go to the Date of birth field and right-click > click the Prohibit modification option.
8. Tee date of birth field will be grayed out immediately due to the prohibited action. Now the field is locked and no one should be able to modify the Date of birth.
