Best Practises for handling group based applications

Dear Experts

I just wanted to understand the best practises to handle Active Directory group based applications in IdentityNow.

Typical use cases for this application:

1. Certifications
2. Access Request
3. RBAC

A few high level options we have considered:

1. Onboard an Active Directory source initially and create a dependent application (like IIQ’s logical application).
2. Onboard an Active Directory source initially and just create access profiles, certifications on top of this source.

Thanks in advance for all the suggestions.

Hi,
either option you’ve proposed would work fine for what you are trying to accomplish but I would actually do both. with option 2 you will be able to create access profiles and roles and then make them requestable for your end users. Certification campaigns can then be run as needed. AD however can have various capabilities that end users don’t recognize as AD applications. Example: you might have VPN access through AD and users just know it as VPN so you can create an application and make it requestable as VPN. Either way I think you will be able to accomplish your goals.

What is the best way to create a source similar to IIQ’s logical application for AD group based applications?

Hi,
How we can achive the Logical application for AD Group based applications in IdentityNow?

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.