Standard connectors for over 150 systems and applications
To automate user account management in the network, it’s important that the solution supports a wide range of systems and applications. By default, IAM has a large set of connectors to manage user accounts (authentication) and rights (authorizations) in systems and applications. Alongside the standard connectors, IAM has the ability to connect generically based on CSV, ODBC, text files, SOAP/XML, web services, etc. Read below what connectors Tools4ever has by default.
IAM has the ability to connect an HR system to the user accounts in the network. The connector allows for every change made in the HR system to be detected by IAM and automatically implemented in the network. Examples of changes and procedures are:
- New employee:
User account is created with e-mail account, home directory, and group memberships.
- New employee job:
User account acquires more rights in the network because of promotion, and current rights are modified if necessary.
- Employee leaving:
User account is immediately disabled. The home directory and e-mail data are moved to a secondary storage.
- Employee marital status changing:
The display name and e-mail address can be modified.
- Employee going to a different location:
Home directory data is transferred to the nearest home directory server.
IAM can quickly and correctly make any account or access management change in a variety of ERP/EHR systems . This means that depending on his or her role, every new employee will gain appropriate access to the healthcare system, and any further access will be prevented upon that employee’s role termination. User account and access management can be carried out much more efficiently in this way, and it becomes easy for a healthcare institution to achieve compliance with legislation and regulations, e.g. HIPAA.
A school information system (SIS) is maintained meticulously by the administration and contains all the school’s important information. This makes it perfect for use as a source system for user account management. Every change to the SIS is detected automatically by IAM, and the necessary action is carried out– for instance creating an AD account and granting access to or changing class shares and distribution lists.
IAM can also synchronize the information from the SIS to an electronic learning environment, cloud application, or any other education system, such as library systems.
By connecting with hosted email applications, such as Google Apps and Office 365, IAM can manage email related tasks. Thus, IAM could ensure, for example, that email accounts for new employees are available immediately, or the software can automatically implement name changes in the email account as needed.
To handle facilities requests efficiently, it’s necessary for all employees and user accounts to be known in the helpdesk system. Managing employees in the helpdesk systems, and managing open tickets, is a time-consuming task, which can be automated with IAM. The possibilities include:
- Automatic creation of an incident/change request
- Creating a ticket for an application manager
- Creating and maintaining personnel cards
- Requesting configuration items, e.g. token, passes, mobile phone, laptop, company clothing, which a departing employee must hand in.
- An e-mail notification to the manager about the configuration items to be returned.
TOPdesk - Enterprise
Security and Access Systems
It's extremely important for organizations that physical access systems directly and seamlessly match an HR environment, so that new employees immediately gain access to authorized areas, and that departing employees have their access revoked. IAM ensures the direct provisioning of security and access systems so that the entire lifecycle of the employee can be managed. This occurs through changes in the HR system, or the use of electronic forms.
IAM offers the ability to use information from any source systems (in many instances, the HR system) to perform a required action in applications for telephony. Among other things the connector supports:
- Complete management of the personnel cards / users
- Creating, modifying and removing an employee’s telephone number and handset
- Assigning or withdrawing specific rights, such as internal/external calling, domestic/international calling, toll numbers
- Creating, modifying and removing hunt group.
Cisco Unity and Call Manager
Microsoft Lync / Skype for Business
Facility Management Systems
Many organizations have a central reporting and/or service point in the form of a Facility Management (FM) system. All employees must be known in this system so that facilities requests can be recorded and managed. IAM has connectors for a number of facility management packages. The connector can be used to automatically manage the objects for employees and user accounts for manager.
TOPdesk - FMIS
CMS / DMS Systems
IAM has full connectors for a variety of CMS and DMS systems. These connectors make it possible to automatically create and manage the login details for employees. When an employee starts work, IAM automatically creates an account in the CMS/DMS with all required attributes (name, location, telephone number, etc.). When an employee leaves the organization, the account is disabled in accordance with set rules (disable, transfer, etc.).
The IAM connector also ensures the appropriate rights of the employee within the system, based on the job position and/or department.
Enterprise Resource Planning (ERP) Systems
Changes to the personnel file (promotion, changing departments, etc.) result in changes in multiple systems, including ERP. Manually entering changes into ERP systems is often time-consuming, expensive, and complicated. With IAM, Tools4ever offers the ability to automate user management for a variety of ERP systems, so that the process is centralized and simplified.
From IAM it's possible to create user accounts in strict compliance with the rules of the operating system. This ensures that user account names and passwords are unique and fulfill the specified policies (length, complexity, etc.) of the operating system. The rights (group membership and/or authorizations) can also be assigned. Alongside the management of user accounts, IAM also offers a number of reporting features.
|Apple Open Directory
The IAM software offers out-of-the-box abilities to create and manage accounts in most common databases, e.g. Oracle, SQL Server. A configurable ODBC connection is used to communicate with the database to create, change, or remove accounts. These actions can be performed automatically as part of a synchronization, or accessed through web-based forms for manual actions, for instance by a helpdesk.
OLE DB compliant
IAM offers a complete interface/connector for various different directories. With the interface it's possible to implement any desired action for the directory automatically. Examples of actions are: reset passwords, remove/add group memberships, change extended attributes, create, remove and modify user accounts. The following automatic provisioning of a directory is possible: bulk imports to directory, delegated management to directory, auto provisioning and self-service to the directory. As long as the directory supports this processing technically, it's possible to perform the action from IAM.
Active Directory LDS
Oracle Internet Directory
The above list of connectors which IAM offers is constantly being expanded. Tools4ever has years of experience in developing connectors, which are often developed by request. If your system is not on the list, simply contact us to request a different connector.
Amazon Web Services