Clever IDM Enterprise Options and Mappings
This table provides an overview of the Clever IDM Enterprise solution, including the available options for usernames, initial passwords, rename/de-provision policies, and a mapping of where data from Clever will be synced to each target system. These options and data mappings are built upon industry best practices and are representative of what will be delivered.
Employee Initial Password Option | Example | |
Account Claiming | Teachers and Staff will leverage the self-service Secure Account Claiming process to set their own password. | N/A |
Student Initial Password Options | ||
SIS ID | The initial password will follow the pattern: | &12Ls12345 |
School ID | The initial password will follow the pattern: | &12Ls02M800 |
Random | The initial password will be based on the default Clever IDM Enterprise password policy | #Ywkdj123 |
Rename Options | ||
Manual Rename | When a first name or last name is changed in Clever, those two attributes would change in Clever IDM Enterprise, as well as in downstream systems. However, the username and email address will not change until the District Administrator clicks to authorize the rename. | N/A |
Automatic Rename | When a first or last name is changed in Clever, those two attributes would change in Clever IDM Enterprise, as well as in downstream systems. The user will also be queued to automatically update the username and email address. | N/A |
De-Provision Options NoteIn Clever, there is no concept of disabling accounts. The user stops getting sent to Clever from their source data, and Clever deletes the account. When Clever IDM Enterprise sees the deletion event for the user, the user gets disabled in Clever IDM Enterprise as well as Google, Active Directory, and Microsoft 365. If the district does not elect to allow deletions, the accounts will not be deleted from the downstream systems, and it will be the responsibility of the district administrator to manually remove the accounts from those systems. | ||
Disable Only | The accounts will be disabled as outlined above, but it will not be deleted from the downstream systems. It will be the responsibility of the District Administrator to manually remove the accounts from those systems. | N/A |
Delayed Delete | The accounts will be disabled as outlined above, and then after a number of days determined by the District in the Configuration application, the account will be deleted from the downstream systems. | N/A |
Username Data Options | ||
First Name | Use FIRST xx characters, use LAST xx characters, use complete name. | |
Last Name | Use FIRST xx characters, use LAST xx characters, use complete name. | |
SIS ID | Use FIRST xx characters, use LAST xx characters, use complete name. | |
School ID | Use FIRST xx characters, use LAST xx characters, use complete name. | |
| N/A | |
| N/A | |
| N/A | |
Prefix | Free text | |
Suffix | Free text | |
Username Convention Examples | Example | |
Example Data | First Name: John Last Name: Smith SIS ID: 98765 School ID: 9999999 | |
Example Policies | Use the first character of the first name and use the complete last name. | jsmith |
Use the first character of the first name, use the complete last name, and last 4 digits of SIS ID. | jsmith8765 | |
Use a prefix of "s-", use the first character of first name and complete last name. | s-jsmith | |
Use first character of first name, use underscore as a separator,use first 5 characters of last name, and suffix of "-s". | j_smith-s | |
Collision Avoidance | By default, collisions will be avoided by appending a number at the end of the generated username (e.g., jsmith2). | |
Restrictions | The username is limited to 20 characters, as imposed by Active Directory. The 20-character limit will remove characters from the elements, but will not remove a prefix or a suffix. Data is restricted to required elements in Clever .csv file uploads. NoteGraduation year is not an option because it is not required by Clever in the file. | |
Data Description | Clever Data Elements | Attribute | Sample Data |
|---|---|---|---|
Active Directory | |||
Display Name |
| displayName | Luke Skywalker |
Distinguished Name |
| distinguishedName* | cn=lskywalker,ou=ac-counts,dc=my,dc=district |
Teacher Number |
| employeeID | 341754 |
Clever SIS ID |
| employeeNumber | 876460 |
User Type | Staff or Student | employeeType | Staff |
First Name |
| givenName | Luke |
Middle Initial |
| initials | A |
Primary School |
| l (lowercase L) | City High School |
District Email Address |
| mail* | Lskywalker@district.com |
Username |
| sAMAccountName* | Lskywalker |
Last Name |
| sn | Skywalker |
Job Title |
| title | Grade 1 Common Branch Teacher |
Common Name |
| cn | Lskywalker |
Google Workspace | |||
Last Name |
| familyName | Skywalker |
First Name |
| givenName | Luke |
Department |
| organizations.department | Math Department |
User Type | Staff or Student | organizations.description | Staff |
Job Title |
| organizations.title | Grade 1 Common Branch Teacher |
District Email Address |
| primaryEmail* | lskywalker@district.com |
Microsoft 365 | |||
Department |
| department | Math Department |
Display Name |
| displayName | Luke Skywalker |
User Type | Staff or Student | employeeType | Staff |
First Name |
| givenName | Luke |
Job Title |
| jobTitle | Grade 1 Common Branch Teacher |
District Email Address |
| primaryEmail* | lskywalker@district.com |
Last Name |
| surname | Skywalker |
*- Depends on options chosen