Versions Compared

Old Version 1

changes.mady.by.user Courtney Turner

Saved on

compared with

New Version 2

changes.mady.by.user Courtney Turner

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Implemenation StepDetailsTechnical Notes
Step 4.

Client accesses one-permission link and approves the permission request

  •  Client Admin retrieves theirorganisationsAzure AD "Directory ID":                                                 
  1. Client Admin signs into https://portal.azure.com
  2. Select "Azure Active Directory" in left resources panel
  3. In the "Azure Active Directory" blade, scroll down to and select 'Properties'
  4. Copy the 'Directory ID'
      1. Share with CompliSpace consultant
        Image Removed
Step 4.Permission Approval
  •  Client Admin accesses the one-time permission link and approves the permission request

Image Removed

 

This step is required for CompliSpace to determine the user's memberOf details (the groups the user is assigned to on the client's AD) and their appropriate PolicyPlus tenant & section access.  

 Configure Test User
  •  Client Admin configures a test user with example group memberships and shares with CompliSpace
    •  Example groups to recommend are 
      •  "Fundamentals"
      •  "Public RO"
 Assign groups to all relevant users
  •  All users requiring access to PolicyPlus must be assigned the "Fundamentals" group and at least one other like "Public RO"
   
   



PolicyPlus Sections & Sitecode Example:


Access
Group/Permission Name
Access Type
Site AccessFundamentalsThis permission is required to allow any kind of access. Without this permission, no access will be granted whatsoever regardless of other permisions.
Public Public RORead Only to the Public section.
Public Public RWRead and Write to the Public section.
Tools Admin Tools Admin RORead Only to the Tools Admin section.
Tools Admin Tools Admin RWRead and Write to the Tools Admin section.
Archived Pages Archived Pages RORead Only to the Archived Pages section.
Archived Pages Archived Pages RWRead and Write to the Archived Pages section.
HR Administration (Managers Only) HR Administration (Managers Only) RORead Only to the HR Administration (Managers Only) section.
HR Administration (Managers Only) HR Administration (Managers Only) RWRead and Write to the HR Administration (Managers Only) section.

 

 

 

Warning

Technical Notes for client:  

  • We only support CN part of distinguished names, we currently do not look at any of the parent paths (e.g. OU=..,OU=...). (In fact, the Azure AD Graph API /memberOf endpoint strips away everything except the content of the CN. Example, the groups CN=Fundamentals, OU=Applications, O=Staff would have Azure AD only send us: Fundamentals)
  • We don't currently support nested groups.

 

 

Need more help?

CompliSpace Help Desk

Phone:1300 132 030
Email:helpdesk@complispace.com

Other resources

CompliSpace TV

Contains video tutorials on the administrator functions of the PolicyPlus and Assurance systems. 

Requires a login to access (can be requested from the Help Desk)

URL:http://www.complispacetv.com.au/