Mappers

Introduction

Mappers provide an automated mechanism for assigning users to specific groups and roles based on predefined criteria. This functionality streamlines user management by automatically applying group memberships and permission levels when users are added to the system, eliminating the need for manual assignment.

Table of Contents

• Accessing Mappers
• Mappers Interface
• Creating Mappers
• Viewing Mapper Details
• Editing Mappers
• Deleting Mappers
• Mapper Execution
• Best Practices
• Troubleshooting

Accessing Mappers

Navigation Path

1. Log in to the application with an administrator account
2. Click on User Management in the main navigation menu
3. Select Mappers from the dropdown options

Access Requirements

• Users must have either Super Admin or Admin privileges to access Mappers
• Regular users cannot access this section

Mappers Interface

The Mappers interface consists of the following components:

Main View

• Mapper list table displaying existing mappers
• Search bar for filtering mappers
• Add New Mapper button
• Pagination controls (if applicable)

Mapper List Table

The mapper list table displays the following information for each mapper:

• Mapper Name
• Directory ID
• Associated Groups
• Role Assignment
• Status (Active/Inactive)
• Date Created
• Last Modified
• Action buttons (Edit, Delete)

Creating Mappers

To create a new mapper:

1. Navigate to the Mappers interface
2. Click the Add New Mapper button in the top-right corner
3. A popup dialog will appear with the following fields:

Field	Description	Required
Mapper Name	A unique identifier for the mapper	Yes
Directory ID	The external directory identifier to map from	Yes
Groups	Groups to which users will be automatically assigned	Yes
Role	Role to assign to mapped users	Yes

4. Mapper Name: Enter a descriptive name for the mapper (e.g., "Marketing Department Mapper", "Developer Team Mapper")

   • Names must be unique across the system
   • Maximum length: 50 characters
   • Allowed characters: alphanumeric, spaces, hyphens, and underscores

5. Directory ID: Enter the identifier from the external directory system (e.g., Active Directory, LDAP)

   • This ID is used to match users from the external system
   • Format requirements depend on the integrated directory service
   • Case-sensitive (in most configurations)

6. Groups: Select one or more groups from the dropdown list

   • Users matching the Directory ID will be automatically added to these groups
   • The list displays all existing groups in the system
   • Use the search field to filter groups by name
   • Selected groups appear as tags which can be removed by clicking the 'x' icon

7. Role: Select one of the following roles to assign to matched users:

   • Super Admin: Full system access with all privileges
   • Admin: Administrative access with limitations
   • User: Standard user access with group-based permissions

8. Click the Add button to create the mapper

9. A success notification will appear when the mapper is created successfully

Viewing Mapper Details

To view detailed information about a mapper:

1. Locate the mapper in the Mappers interface
2. Click on the mapper name to open the Mapper Details panel

The Mapper Details panel displays:

• Mapper Name
• Directory ID
• Associated Groups
• Role Assignment
• Creation Date
• Last Modified Date
• Status
• Execution History (if available)

Editing Mappers

To edit an existing mapper:

1. Locate the mapper in the Mappers interface

2. Click the Edit button (pencil icon) for that mapper

3. A popup dialog will appear with the current mapper details

4. You can modify the following:

   Modifiable Fields:

   • Mapper Name: Update the name following the same rules as during creation
   • Directory ID: Modify the external directory identifier
   • Groups: Add or remove groups to which users will be automatically assigned
     • To add groups: Select from the dropdown list
     • To remove groups: Click the 'x' icon next to the group's name
   • Role: Change the role assignment for matched users

5. Click the Save button to update the mapper

6. A success notification will appear when the changes are saved

Important Notes on Editing

• Changes to a mapper do not retroactively affect users who were already mapped
• Only future mapping operations will use the updated configuration
• To apply changes to existing users, you may need to trigger a re-mapping operation (if supported)

Deleting Mappers

To delete a mapper:

1. Locate the mapper in the Mappers interface
2. Click the Delete button (trash icon) for that mapper
3. A confirmation dialog will appear asking you to confirm the deletion
4. Click Confirm to proceed with deletion or Cancel to abort
5. A success notification will appear when the mapper is deleted successfully

Important Notes on Deletion

• Deleting a mapper does not remove users from groups they were previously mapped to
• The mapping will no longer apply to new users
• Deletion cannot be undone
• System-critical mappers may be protected from deletion

Mapper Execution

Mappers execute automatically during specific system events:

Execution Triggers

• User Creation: When a new user is added to the system
• User Import: When users are imported from an external system
• Directory Synchronization: During scheduled directory synchronization
• Manual Execution: When an administrator manually triggers the mapping process

Execution Process

1. The system identifies users matching the Directory ID criteria
2. For each matching user:
   • The user is assigned to the specified groups
   • The user is granted the specified role
   • The system logs the mapping operation
3. Administrators can view the mapping history in the system logs

Best Practices

Naming Conventions

• Use clear, descriptive names for mappers
• Consider including the directory source and target group in the name
• Be consistent with naming patterns

Mapper Organization

• Create specific mappers for distinct organizational units or departments
• Avoid overly broad mappers that assign too many users
• Consider the impact on permissions when designing mapper rules

Security Considerations

• Regularly audit mappers and their associated groups
• Limit the use of mappers that assign administrative roles
• Review mapper configurations when directory structures change
• Implement a review process for new mapper creation

Troubleshooting

Common Issues and Solutions

Mapper Not Applying to Users

Issue: Users are not being automatically assigned to groups

Possible Causes:

• Directory ID format is incorrect
• User's directory information doesn't match the mapper criteria
• Directory integration is misconfigured
• Mapper is inactive

Solution:

• Verify Directory ID format matches the external system
• Check user attributes in the external directory
• Confirm directory integration is working properly
• Ensure the mapper is in active status

Incorrect Role Assignment

Issue: Users receive wrong role when mapped

Possible Causes:

• Mapper configuration error
• Multiple mappers applying conflicting roles
• Role hierarchy rules overriding the mapper

Solution:

• Check the role setting in the mapper configuration
• Review all mappers that might apply to the user
• Verify role hierarchy settings in system configuration

Groups Not Being Assigned

Issue: Users are mapped but not assigned to groups

Possible Causes:

• Groups specified in mapper no longer exist
• Group membership conflicts with existing assignments
• Permission issue with group assignment

Solution:

• Verify all groups in the mapper configuration exist
• Check for group membership restrictions
• Ensure the mapper has sufficient permissions to modify group membership

---

For additional support or to report issues with Mappers functionality, please contact your system administrator or the support team.