Does anyone know how to remove the built in Admin roles on Inactive LSC

I just did some spot checking in my Production tenant. I have user who was assigned the Helpdesk and Reporting Admin roles but the life cycle state is inactive. I would of thought that when this Life Cycle State was triggered that IdN would of removed this access as it is elevated permissions. With this state of not removing the permissions would really cause issues when we get audited let alone the security risk it poses. I am looking for ideas at how I can automate the removal of these roles. We have quite a large helpdesk and it would be really hard to keep track of the users moving or leaving.

Hi Mark - Did you check this post? IdentityNow management SaaS connector

It would make your IDN-roles into entitlements as any other piece of access I recon.

Thinking/Wondering …
Why is it that most of the various IAM tools I’ve worked with, except SAP, don’t provide the functionality to manage themselves? :wink:

Thank I am looking into this and seeing if it is a fit for my organization.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.