JDBC - Azure AD group

Hi,

I need some suggestions on the below.

IDN will need to do a SQL INSERT into the database when a user is added to the Azure AD group.

How can this be achieved using a workflow or any methods? Please advise.

Thank you!

Hi @Manju22 ,

Maybe you can add more details about what you want to achieve through the Insert statement. When you mention SQL Insert, I am assuming that it needs a group/entitlement to be added in a particular database that is already onboarded in your IDN.

You can achieve it via Roles and Workflows both.

  1. Via Role
    Define the role criteria to match the Azure AD group on a user. Define an access profile for the Database group you need to insert and add it to the role. This ensures the DB group is granted automatically through the role.
  2. Via workflow
    Define an Access Request Decision based trigger to detect the respective Azure AD group request and invoke the Manage Access action to request the needed database group.

Regards,
Uday

Thanks Uday.

We need to create a record in the database if any new user is added to the Azure AD group. Can you please advise?

Is this database integrated as a source in IdentityNow? And the record that is planned to be inserted, does it add a group to the user, or create a user record in the database?

Yes, it's a JDBC connector source in IDN. We need to create a user record in the database if a user is added to the Azure AD group.

If your JDBC source is already developed and configured for user account creation using a JDBC Provisioning rule, then you can simply have a role defined with the assignment criteria as the Azure AD group entitlement and the respective JDBC group as the access profile.

Whenever a user is added to the Azure AD group, or for all the existing users who have the Azure AD group, the IdentityNow role is assigned, which in turn adds the database group to the user. This invokes the JDBC connector to create an account (if not already present) and add the group using your JDBC provisioning rule.

If you do not intend to assign the database group for existing users, you can choose the Workflow route as I mentioned in the earlier comment.
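
A model of the "create an account (if not already present) and add the group" step described in the last reply. This is an added example, not code from the thread or from SailPoint: it is written in Python with an in-memory SQLite database standing in for the JDBC target, and the table names, column names and request shape are assumptions.

```python
import sqlite3

def open_target():
    """In-memory database standing in for the JDBC target (hypothetical schema)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE app_users (login TEXT PRIMARY KEY, display_name TEXT);
        CREATE TABLE app_user_groups (
            login TEXT, group_name TEXT, PRIMARY KEY (login, group_name));
    """)
    return conn

def provision(conn, request):
    """Create the account row if it is missing, then add the requested groups.

    Values are bound as parameters, never concatenated into the SQL text, so
    directory attributes are always treated as data. All writes share one
    transaction, so a failure leaves no half-provisioned account.
    """
    login = request["nativeIdentity"]
    try:
        with conn:  # commits on success, rolls back on an exception
            exists = conn.execute(
                "SELECT 1 FROM app_users WHERE login = ?", (login,)
            ).fetchone() is not None
            if not exists:
                conn.execute(
                    "INSERT INTO app_users (login, display_name) VALUES (?, ?)",
                    (login, request["displayName"]),
                )
            for group in request["groups"]:
                # OR IGNORE makes a repeated role evaluation a no-op.
                conn.execute(
                    "INSERT OR IGNORE INTO app_user_groups (login, group_name) "
                    "VALUES (?, ?)",
                    (login, group),
                )
    except sqlite3.Error as exc:
        return {"status": "failed", "error": str(exc)}
    return {"status": "committed", "created": not exists}

# Constructed request: what arrives once the role adds the database group.
# The apostrophe would break SQL built by string concatenation.
SAMPLE = {"nativeIdentity": "jdoe", "displayName": "Pat O'Brien",
          "groups": ["DB_REPORTING"]}

if __name__ == "__main__":
    db = open_target()
    print(provision(db, SAMPLE))  # first run creates the account
    print(provision(db, SAMPLE))  # repeat run changes nothing
```

The same two properties, bound parameters and create-if-absent inside one transaction, are what to check for when reviewing the actual JDBC provisioning rule on the source.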