Microsoft AD

Active Directory (AD) is Microsoft's proprietary directory service. It runs on Windows and lets admins manage access and permissions to on-premises organizational network resources.

SAML/SSO
Microsoft
LDAP

Overview

Our Microsoft Active Directory (AD) integration uses a common Lightweight Directory Access Protocol (LDAP)-based connector for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network.

We use SCIM protocols to connect to your Active Directory instance using REST APIs.

Account in Active Directory

IDHub pulls all Active Directory user account information from your Active Directory instance through a specific Distinguished Name (DN) or multiple DNs.

The user account attributes we fetch include (but are not limited to):

  • sAMAccountName (as a unique identifier)
  • Common Name
  • First Name
  • Last Name
  • Display Name
  • Telephone Number
  • Email-Addresses
  • Department
  • Title
  • Employee Type

Customers can choose to fetch other attributes in addition to those above, according to their individual needs. With our Attribute-Based Access Control (ABAC), you can decide which information will be used on new user creation and which ones on user modifi

Entitlements in Active Directory

The IDHub LDAP Connector pulls only one type of entitlement from Active Directory for provisioning and de-provisioning:

  • Directory Groups

Employees of your organization can request Active Directory groups as needed.

Active Directory Groups

As part of the LDAP connector, we establish a connection with Active Directory to fetch all directory groups. The fetch can be customized to target a Distinguished Name (DN), with the following configurations:

  • Target a specific DN and fetch only the parent directory
  • Target a specific DN and fetch the parent and child directories
  • Target multiple DNs and fetch all directories

All of the above configurations pull directories as ‘Entitlements’.

Users will be able to request directory access from IDHub.

Once the approvals in the request workflow you have defined for a particular directory are complete, our automated fulfillment grants the user access to the requested directory. Access to its child directories follows automatically, according to the rules of Active Directory.

Support and Maintenance

IDHub provides out-of-the-box connector issue support and timely maintenance as a standard quality guarantee for all customers using our Cloud solution. However, any customization made to existing connectors requires a managed services support plan for support and maintenance.

Feature Summary

Provisioning

  • Create User
  • Modify User
  • Create Groups (Entitlements)

Deprovisioning

  • Remove User
  • Remove Groups (Entitlements)

Reconciliation

  • Fetch Users
  • Fetch Groups
  • Fetch User Assigned Groups

Additional Use Case

  • Sync to Azure AD
  • Sync to Okta
  • PowerShell Scripting