User Self-Service

• Modifies AD properties and keep them in synch across different LDAP forests.
• Provides warnings about lockout events across multiple directories.
• Informs the user about password expiration and facilitates password changes.
• Unlocks the user account in related LDAPs as long as the primary LDAP is not locked.
• Requests access to applications (initiates the workflow).
• Requests additional software licenses: O365, Azure and others (initiates the workflow).

Business Line Workflow

• Control user onboarding to O365 with granular access to licenses and with custom approval workflow.
• O365 and on-premise application authorizations are managed in a common workflow.

Configuration Module

• Allows creating identity entities and establishes the relationships among them: primary – secondary.
• Entities can be LDAPs, file servers, applications OUs, etc.
• Full flexibility to extend the workflows based on new entities.

Service-Desk Module

• User onboarding in multiple LDAPs and Azure.
• Batch onboarding based on template files.
• Creates and manages relationships: one user – multiple accounts.
• Creates and manages user profiles(*).
• Allocates users to profiles(*).
(*) by profile we refer to a set of licenses and granted authorizations

Service-Desk Module (cont’d)

• Maintains Primary LDAP forest vs. Secondary LDAP forests relationships and if a user is disabled in Primary LDAP then it disables the user in secondary LDAPs as well.
• Provisioning wizard
• User profile management across multiple directories.
• Reports for unused accounts and facilitates the automated process for disabling them.
• User attributes mass changes.