Provisioning

The OpenIAM Identity Manager provides a flexible provisioning and de-provisioning solution that enables the following functionality:

  • Provisioning and de-provisioning of accounts based on rules or job roles
  • Maintain detailed audit information
  • Incrementally provisioning account entitlements after an account has been created
  • Updating the account with new policies based on changes in the business, job codes, and other requirements

 

The provisioning module consists of  the following modules:

  • Process engine with a graphical designer
  • Provisioning services
  • Audit Logging
  • Reports

Connectors

OpenIAM is continually expanding its list of supported connectors.  Currently the following connectors are available:

  • LDAP
  • Active Directory
  • Google Apps
  • Exchange
  • Databases (Oracle, MYSQL, SQLSERVER)
  • Script Connector
  • Application Tables
  • Powershell Connectors

Request – Approval

While provisioning processes may be triggered through a variety of applications, such as an HR system, the OpenIAM Identity Manager provides a number of customizable forms in the self-service application to address common tasks.  These include:

  • New Hire
  • Requests for Access
  • Termination
  • Changes in Department, Supervisor, etc.

These forms are usually used within an approval process.  Upon approval, the identities and relevant entitlement information will be provisioned into the target system.

Custom Workflow

While OpenIAM allows you to quickly configure common approval workflows, the process engine allows you to define processes that are unique to each organization.  These processes can be designed using the graphical processor designer that runs as a plug-in to the Eclipse IDE.  Unlike some solutions, which provide a proprietary home-grown “identity workflow” designer, OpenIAM supports a full featured workflow engine. This allows OpenIAM to have greater flexibility in the type of processes that can be created and the systems that it can be integrated with.  To simplify the integration effort, OpenIAM includes several processes that can be viewed as a template to further enable rapid customization.  These processes include:

  • New Hire
  • Self Registration
  • Request access with single approval workflow
  • Request access with multi-step approval
  • Approval with escalation
  • Correction workflows for attestation

Synchronization

The synchronization functionality allows you to synchronize data from one or more authoritative sources to a set of managed systems. OpenIAM supports synchronization based on:

  • Events: Event based synchronization allows real time synchronization since the source system will place a message on the Identity Manager Bus to triggers synchronization
  • Scheduled Intervals: The time interval in which synchronization should occur can be configured. The interval may be as short as 1 min, enabling near real time synchronization, or at larger intervals.

When a new employee is added to the HR system, the synchronization process is triggered to detect this new record and initiate the synchronization process.  During the process, it can be configured to look at a number of factors such as job code to determine which applications they should have access to.

Reconciliation

Where synchronization is used to detect changes in the source system, Reconciliation is used to detect changes in the managed systems.  For example, if Active Directory is one of the managed systems, then changes made directly on Active Directory can be detected and then synchronized back into OpenIAM and the systems that it manages based on the rules that are in place.

Recent Posts
RSA Conference 2019
We will be exhibiting at the RSA Conference in San Francisco in March, and welcome the opportunity to meet you in person for questions and on-site demos. For a complimentary Expo Plus Pass, please use the registration code XEU9OPENIAM at the RSA...
For colleges and universities, OpenIAM introduces an industry-specific IAM solution for students and faculty which incorporates technologies such as Docker and Identity-as-a-Service (IDaaS). CORTLANDT MANOR, N.Y.--(BUSINESS WIRE)--OpenIAM, LLC announces the release of a fully featured Identity Governance and Web Access...
OpenIAM v4.1 provides organizations with a feature complete IAM platform which leverages modern technologies such as Docker, Kubernetes, Elasticsearch and Redis to provide a user-friendly, small footprint solution which is currently in production at mid to large enterprises globally. Cortlandt...
CORTLANDT MANOR, NY JUNE 21, 2016: OpenIAM, a top Open Source Identity and Access Management vendor, has bolstered security at organizations while increasing employee productivity through its automated Self-Service Portal. In lieu of calls to the help desk due to...
See
More
Posts
read more
Sign in
Register
or
Lost your password?
Register

Products of Interest

How did you hear about us?

Registration confirmation will be emailed to you.