ADMIN Magazine: Identity and access management with OpenIAM

ADMIN magazine recently published a write-up on implementing centralized user management with OpenIAM.
Many of our Identity Management customers have a Microsoft environment that consists of Microsoft Active Directory and complementary components such as Microsoft Exchange, Lync, SQL Server, etc. Many of these customers have adopted, or are in the process of adopting, Microsoft's Office 365 platform (O365). Adopting O365 allows companies to move some of these components to the cloud.
Microsoft provides a technology called DirSync (currently being replaced by Azure Connect) that lets you sync accounts in AD to the cloud platform, so that users have a single identity across the cloud and on-premise worlds.
By itself, this functionality does not go far enough to address the needs of larger customers who need to manage thousands of users, integrate various other technologies, and conform to corporate policies. Some of the challenges are listed below. Some of these issues may not be relevant to your environment; that depends on which components of the Microsoft stack are in use and how synchronization between AD and O365 has been enabled.
For new users (Joiners) and existing users, consider:
To enable deprovisioning users (Leavers), consider:
If this process is not governed by a flexible, automated solution, then the administrative overhead must also be factored in, and that overhead will be both time-consuming and potentially error-prone.
The rest of this article describes how the OpenIAM Identity Manager was used to address these challenges at a large customer. In this case, the organization: