English
Svenska
Search
Automatic Account Manager
Automatic Account Manager (AAM) has functions for distribution, synchronization, compilation, and follow-up of identity and attributes information. Two-way provisioning is also supported, which means that connected systems can be both source and receiver of identity- and attribute information.
The product is a policy based services that in a flexible way can leverage the rules and policies decided on within a company regarding the handling of identity- and attribute information to a set of automated actions.
AAM can communicate by web service or directly with all modern databases or LDAP v3 directories.
An image of so-called integrated identity information is constructed in the service. In short, this means that it can work towards one or more data sources in order to compile a configurable image of what an object (user, units, groups, roles, etc) looks like. This image of the object can then be treated in different steps, be distributed and stored in various data sources.
By exploiting features of AAM, companies and organizations can ensure good quality of data between systems and processes. This is important especially when planning to carry out extensive migration of information between systems, which often follows a defined workflow.
The powerful reporting features that are included in the AAM will help to create an increased visibility of the assets that exist within an organization. It can include everything from licensing to system access for employees. AAM can also provide an overview of how information from different sources is consistent. Both predefined reports and adjustments for custom supported the basic version of the AAM.
The combination of systems and processes supported by AAM also follows the thoughts on "best practices" contained in frameworks such as ITIL, MOF and the like. Automatic Account Manager is a powerful solution that use existing infrastructure and resources so there are no hidden costs or expensive investments.
Key Benefits
- Connectors to all modern systems including:
- Web service (SOAP)
- LDAP v3 directories
- Databases
- File Import/Export
- Includes many actions, no developer knowledge required
- Rapid deployment. Very fast and flexible implementation
- Easy to move configuration from test to production environment
- Leverages existing infrastructure & resources
- No expensive investments
Automatic Account Manager
Automatic Account Manager can be used in many ways. The most common scenarios can be divided in four areas:
- Information quality in data sources e.g.
- Check if userID or other objects follow name standards
- All names should begin with uppercase and continue with lowercase e.g. John Smith
- Cell phone numbers syntax should be saved by international code standards +4670….
- Create reports, Information can be consolidated from one or multiple data sources. Attributes can be converted to human readable format. Information is presented via .e.g. PDF or Excel. Reports can be distributed via email or saved to file.
- Alerts. The AAM service can be notified that a specific event has occurred in the LDAP directory. The LDAP directory must be able to support “Persistent Search” (Dirsync in Microsoft Active Directory). The AAM service reacts to incidents the moment the change occurs .e.g.
- Changes in high security groups
- Password changes on sensitive accounts
- Account lockout after a number of incorrect login attempts
- Synchronization/Provisioning. Automatic updating in multiple data sources can be performed.
Automatic Account Manager Policy concept
Automatic Account Manager is working as a policy based service.
Automatic Account Manager
Connectors included
Automatic Account Manager includes a number of database connectors.
- LDAP version 3 Directory Service, for example Microsoft® Active Directory®, , OpenDS, Siemens DirX, Open LDAP, Sun One®, iPlanet, Netscape, Novell® eDirectory® etc.)
- JDBC (Java Database Connectivity)
- ODBC (Open Database Connectivity)
- CSV File (Files with fields separated by a character, e.g. a comma)
- LDIF File (LDAP Data Interchange Format)
- Web services (XML). There are two web service interface included:
- AAM to AAM. This web service can be used to synchronize information between two B2B parties or different organizations over HTTPS!
- Generic web service. This web service includes the following configurable requests:
- Create objects
- Modify objects
- Delete objects
- Search objects
Google provisioning for users and groups
AAM have created actions to handle synchronization and provisioning to Google There are two separate categories of policies. One category to handle user provisioning and another category for groups.
Each of these categories has one policy to handle Add – Modify events and one policy to handle Delete event.
All policies are default set to use a schedule type called LDAP Persistent. This policy type is triggered by events in the local LDAP directory.
This type of schedule starts a separate thread with a listener towards the LDAP database. Through the thread and the listener, events in the LDAP database can create session objects and session attributes based on what has occurred.
More information can be read here for the Opacus solution: http://www.securethecloud.com/
Automatic Account Manager
Supported Operating Systems
Recommended Hardware
The application requires:
RAM: Minimum: 1 GB (depends on how large datasource that will be used to process in memory)
HD: 100 MB for application + additional space for log rotation
Operating System
Any operating system that supports Java Virtual Machine (JVM) version 1.6 or higher, for example Microsoft® Windows®, Linux™, Sun® Solaris®, IBM® AIX , HP/UX, Novell® Netware.
Databases, source and targets
- LDAP version 3 Directory Service, for example Microsoft® Active Directory®, , OpenDS, Siemens DirX, Open LDAP, Sun One®, iPlanet, Netscape, Novell® eDirectory® etc.)
- JDBC (Java Database Connectivity)
- ODBC (Open Database Connectivity)
- CSV File (Files with fields separated by a character, e.g. a comma)
- LDIF File (LDAP Data Interchange Format)
- Web services (XML)
