Customer profile
Baseline and project objectives
Palacký University in Olomouc was faced with the problem of decentralized access to manage more than 30,000 user identities of employees, freelancers and students. These identities were managed manually in the internal LDAP, as well as in AD and OpenLDAP and in individual systems of the university.
In order for the University to operate more efficiently, new technologies needed to be applied to automate the management of these identities. docílit tak automatizace správy těchto identit.
Benefits
- Establishment of a central and automated management of access permissions
- Unification and increased transparency of processes
- Increased availability of data for auditing and increased traceability of changes made
- Centralised identity management guarantees higher productivity
Solution
To meet the requirement for an efficient and automated user identity management process, the AC Identity product was implemented. The implementation of the product resulted in the creation of a single central record of user accounts and permissions across three directory services and other major systems.
Data sources for IDM on organizational structure, employees, students and external staff are SAP HR (for employee information), STAG (for student information) and external staff databases. Due to the multiple input systems, advanced logic was implemented to import the source data. IDM manages all identities in the connected systems and all directory services. AD as a system that enables user authentication is a key part of the organization. Once IDM is implemented, AD is the target system, along with LDAP and OpenLDAP. As part of the development of IDM, integration has been extended to other ADs within the university and faculty organisation.
Currently, IDM manages users in other key systems of the University such as MS Exchange, Sendmail, Internal Rules, GSuite, INIS, User Portal, SAP, DYNAS, KREDIT and the ID card system.
Beyond the standard identity management processes, other advanced features have been implemented such as automated role assignment based on advanced rules, notifications, requests and their approval within and multi-stage approval workflow, web interface not only for password reset, auditing and reporting.
Used technologies
- AC Identity
DO NOT HESITATE TO
CONTACT US
Are you interested in more information or an offer for your specific situation?