0

In our companie we have a lot of systems: CRM, ERP, payroll system, etc..

The problem is that NONE of these systems are integrated with our Active Directory. From a admin and security perspective this is painful.

We don't just want to integrate the systems with the AD login, we think of more... for example: having a centralised provisioning system (middleware) that integrates with other applications and add automatically add users to the systems (AD, CRM, ERP, etc) and remove them in one single step.

Do you know any Enterprise Provisioning System that can help us?

Bart De Vos
  • 17,911
  • 6
  • 63
  • 82
Andre
  • 1,341
  • 4
  • 19
  • 34
  • There are plenty of Identity Management systems out there. Microsoft has one, so does IBM. They're not one-size fits all, so without a lot more details there's not a whole lot to say other than "call some vendors and see what they offer! Or script it yourself" – MDMarra Jan 28 '12 at 10:06
  • Hi! thanks for the reply... how usually the applications integrate with the IdM? – Andre Jan 28 '12 at 10:19
  • This question is verging on being a shopping question ("what software should I buy to do x"). I would suggest revising it to be more specific before it is closed. See here - http://blog.stackoverflow.com/2010/11/qa-is-hard-lets-go-shopping/ – Sam Cogan Jan 28 '12 at 11:33
  • @sam I disagree - the question is conceptual in nature, just disguised as a product recommendation request – the-wabbit Jan 28 '12 at 12:00

1 Answers1

1

As already commented by MDMarra, you should look for an identity management system that suits your needs.

how usually the applications integrate with the IdM?

It really depends on your implementation, but the basic idea goes as follows:

You have a single "meta"-directory which is meant to have authoritative information. It is either fed and queried directly by your applications using the available connectors or mechanisms for importing / exporting data from/to your applications' databases are in place.

Of course none of the approaches would go without some amount of coding - either changing your applications' code base or creating the import/export functions would be needed. The IDM system typically will come with some GUI modeling tools for the import/export and workflow definition functionality to reduce the actual coding work. Along with the additional management tools (like added self-service mechanisms for users), the API and the modeling tools constitute the main value of an IDM as designing and coding them from scratch would typically take a considerable amount of time.

the-wabbit
  • 40,737
  • 13
  • 111
  • 174