Simplify common authorization and access to applications for corporate users across multiple LDAP forests on-premise and in Microsoft Azure.
The application allows to map a user identity on multiple directories and ensures that starter – leavers processes are consistent across them all.
Besides user identity mapping in different applications and directories, Xpert.I.AM offers basic self-service user requests like changing a subset of AD attributes, checking the account lockout history, warning users about a password change and facilitating the reset, allowing the user to request resource access where approval is needed.
Modifies AD properties and keep them in synch across different LDAP forests.
Provides warnings about lockout events across multiple directories.
Informs the user about password expiration and facilitates password changes.
Unlocks the user account in related LDAPs as long as the primary LDAP is not locked.
Requests access to applications (initiates the workflow).
Requests additional software licenses: O365, Azure and others (initiates the workflow).
Business Line Workflow
Control user onboarding to O365 with granular access to licenses and with custom approval workflow.
O365 and on-premise application authorizations are managed in a common workflow.
Allows creating identity entities and establishes the relationships among them: primary – secondary.
Entities can be LDAPs, file servers, applications OUs, etc.
Full flexibility to extend the workflows based on new entities.
User onboarding in multiple LDAPs and Azure.
Batch onboarding based on template files.
Creates and manages relationships: one user – multiple accounts.
Creates and manages user profiles(*).
Allocates users to profiles(*).
(*) by profile we refer to a set of licenses and granted authorizations
Service-Desk Module (cont’d)
Maintains Primary LDAP forest vs. Secondary LDAP forests relationships and if a user is disabled in Primary LDAP then it disables the user in secondary LDAPs as well.
User profile management across multiple directories.
Reports for unused accounts and facilitates the automated process for disabling them.