Welcome to the community @dttamma
If you mean you need a way for end user to request AD accounts with elevated access. You can use OOTB access request feature with some customization
- if you have roles that can be requested by user. You need have meta data on the roles that specify if its elevated access role
- Then you can use this information in AD provisioning policy to customize the provisioning based on if the elevated role is being requested like may be you want to create the account id bit differently or may be you want to set certain attribute on AD to tag elevated account or more imp you want to use more complex password policy for elevated account.
- If you have requestable AD entitlements/groups, same can be achieved with them provided you have some meta data on entitlement to confirm its elevated entitlement.
This is mostly OOTB with some customization on role/entitlement schema and provisioning policy.
Welcome @dttamma to the community.
What do you mean by Elevate account request? If you mean to request an ADM(admin) account in addition to your regular user, you can achieve that OOTB by adding logic to AD provisioning policy w.r.t the role that you request. Perhaps, if you can provide more information of your request, that helps