Connectivity
Limitless connectivity for hybrid IT landscapes

Our connectors at a glance

By using the Microsoft Identity Manager synchronisation service, we are able to connect virtually any web service or database-based application as well as various directory services and cloud platforms to the IDABUS Identity Solution or Microsoft Identity Manager 2016 system and manage their identities, roles, rules and groups as well as other objects in a uniform and traceable manner. 

The state-based synchronization procedure periodically checks all target systems and immediately corrects and logs deviations (target-actual analysis). Our web service and database-based connectors are freely configurable without programming knowledge. A constantly changing system and application landscape can thus be integrated in a very short time without external help.

By using the Microsoft Identity Manager synchronization service, we are able to connect virtually any web service-based or database-based application as well as various directory services and cloud platforms to the IDABUS Identity Solution or Microsoft Identity Manager 2016 system and manage their identities, roles, rules and groups as well as other objects in a uniform and traceable manner.

By means of the state-based synchronization procedure, all target systems are periodically checked, and deviations (target-actual analysis) are immediately corrected and logged. Our web service-based and database-based connectors are freely configurable without programming knowledge. A constantly changing system and application landscape can thus be integrated in a very short time without external help.

We have already developed over 100 management agents for partners and clients. Most were originally created as part of a specific implementation or requirement. We continue to develop some management agents and add new features.

Connectors for cloud applications

The Azure Active Directory Connector offered by Microsoft has only a limited range of functions (All-In) for synchronizing your identity data to Microsoft Azure. The solution we have developed includes a significantly expanded scope of possible configurations (Selective-In). This makes it obsolete to clean up your identity data in advance of a deployment of Microsoft Azure Active Directory or Office 365. The cloud management agent we have developed enables fast and flexible provisioning of identities and their authorizations with Microsoft Identity Manager systems such as MIM 2016 or FIM 2010 for the cloud.

The cloud management agent we developed offers:

  • Automated Microsoft Azure cloud provisioning
  • Flexibility and control over user permissions
  • Automated Office365 license assignment for users
  • Accelerated provisioning in Microsoft Azure
  • Single Sign-On (SSO) with AD FS 2.0/3.0

 

The Cloud Management Agent can thus implement the following:
The Cloud Management Agent in conjunction with the Microsoft Identity Manager enables selected identities from one or more identity stores (such as Windows Server Active Directory) to be provisioned and managed in Microsoft Azure Active Directory / Office 365.

Precise
Based on predefined policies, you control which users have access to the cloud services. This is a great advantage especially for companies whose IT infrastructure is too complex for simple synchronization concepts like DirSync, AAD Sync or AAD Connect.

Automated
Our solution eliminates the need for manual user provisioning via the administration interface in Microsoft Azure Active Directory or Office 365. In conjunction with the Microsoft Identity Manager, this management agent leverages existing user information and policies to automatically create, provision and continuously update Microsoft Azure Active Directory / Office 365 accounts. This greatly reduces the administrative burden on your organization.

Automated license assignment
Over the lifetime of a user account, licenses can be automatically assigned, activated, and updated through our Management Agent. This solution is ideal for all companies that want to control overhead. You only pay for the licenses you use.

Single Sign-On with AD FS 2.0 / 3.0
Do you want to provide your users with seamless and secure access to Office 365? To achieve this, Microsoft Identity Manager manages credentials and permissions. For security reasons, access to the cloud requires authentication. We provide single sign-on to your users by using AD FS 2.0/3.0 and federating your on-premises Active Directory authentication with your cloud applications.

O365 License Terms
Our experience and a variety of requirements from our customers for the management capabilities of Microsoft Cloud services led to the development of the Cloud Management Agent. We can license this management agent for your company and provide supporting services.

The Management Agent we developed supports the following profiles:

  • Full Import
  • Delta Import
  • Export
  • Full Sync
  • Delta Sync

 

Important! The Management Agent can be extended by us functionally and programmatically with any functions at the customer’s request.

For ServiceNow
Our ServiceNow Management Agent is a product developed by us, which enables the simple and flexible management of ServiceNow objects. The product can only be used in conjunction with Microsoft Forefront Identity Manager 2010 (FIM) or Microsoft Identity Manager 2016 (MIM), as it is an Extensible Management Agent (XMA2). The Management Agent developed by us supports company proxies with alternative credentials and enables the management of the following ServiceNow objects:

  • Users
  • Groups
  • Roles
  • Locations
  • Companies
  • Departments
  • Cost centers
  • Tasks

 

The following administrative tasks can be performed for the above ServiceNow objects:

  • Reading and changing user properties
  • Reading and changing group properties incl. member administration
  • Reading and changing role properties incl. member administration
  • Reading and changing location properties
  • Reading and changing company properties
  • Reading and changing department properties
  • Reading and changing cost center properties
  • Retrieving and closing tasks
  • Creating and deleting users
  • Creating and deleting groups
  • Creating and deleting locations
  • Creating and deleting companies
  • Creating and deleting departments
  • Creating and deleting cost centers
  • Password synchronization
  • Reading, adding and deleting group assignments

 

Available as SOAP and REST version!
Important! The Management Agent can be extended by us functionally and programmatically with any functions at the customer’s request.

Connectors for local applications

For SAP
SAP 4.7 – NetWeaver 7.2: The SAP User Management Agent is a product developed by us which enables the simple and flexible administration of SAP User Management objects. The SAP User Management Agent can be operated in conjunction with the Microsoft Identity Manager, as it is an independent application.

The Management Agent enables the administration of the following SAP User Management objects:

  • Users
  • Users in the CUA/ZBV
  • Roles
  • Collective Roles

 

The following administrative tasks can be performed for the above SAP objects:

  • Reading users, roles and collective roles
  • Creating users
  • Deleting users
  • Changing user properties
  • Password synchronization
  • Reading and changing role assignment
  • Reading and changingcollective role assignment
  • Reading and changing group assignment
  • Reading and changing Org Assignments

 

Technical details:
The SAP system is accessed via BAPI/RFC using the SAP .Net Connector 3.0 (available in 64 bit for .Net 4.0). The transferred data between the Management Agent and the SAP system can be fully protected with SNC encryption. The data exchange to the Identity Management System is done via SQL or Identity Manager, directly integrated as Identity Manager Extensible Management Agent (XMA2).

For traceability of error-free processing, or processing analysis in case of error, the SAP User Management Agent offers different logging levels (information, warning, error, debug) in different analysis contexts (event display, debug display).

Important! The Management Agent can be extended by us functionally and programmatically with any functions at the customer’s request.

For RSA SecurID

The RSA SecurID Management Agent is a product we have developed that enables the simple and flexible management of operational processes for the RSA SecurID Lifecycle Manager within the Microsoft Identity Manager. The RSA SecurID Management Agent we developed can manage multiple data sources per realm, multiple realms per system or multiple RSA SecurID Lifecycle Manager instances. By using the RSA Web Service as an interface to the Identity Manager, the RSA8Management Agent we developed is platform independent and supports both RSA Server installations and SecureID Appliance solutions. The standardized use of this interface enables the RSA SecurID Management Agent developed by us to execute and monitor all functions of the RSA SecurID Lifecycle Manager while ensuring the security context when accessing the data.

The following functions are supported by the RSA SecurID Management Agent developed by us:

Monitoring and Reporting (Import):

  • User objects
  • Token lists
  • Token assignments
  • Groups
  • Group memberships

 

Identity Lifecycle (Export):

  • Creating, modifying and deleting user objects

 

Rights and Role Management (Export):

  • Token assignment and revocation, token exchange
  • PIN reset
  • On-Demand Authentication (SMS token) assignment and revocation
  • Adding and removing group members

 

Important! The Management Agent can be extended by us functionally and programmatically with any functions at the customer’s request.

Connectors for directory services

The Microsoft Azure Active Directory Connector offered by Microsoft has only a limited range of functions (All-In) for synchronizing your identity data to Microsoft Azure. The solution we have developed includes a significantly expanded scope of possible configurations (Selective-In). This makes it obsolete to clean up your identity data in advance of a deployment of Microsoft Azure Active Directory or Office 365. The cloud management agent developed by us enables fast and flexible provisioning of identities and their authorizations with Microsoft Identity Manager systems such as MIM 2016 or FIM 2010 for the cloud.

The cloud management agent we developed offers:

  • Automated Microsoft Azure cloud provisioning
  • Flexibility and control over user permissions
  • Automated Office 365 license assignment for users
  • Accelerated provisioning in Microsoft Azure
  • Single Sign-On (SSO) with AD FS 2.0/3.0

 

The cloud management agent we developed can thus implement the following:

The cloud management agent developed by us in conjunction with the Microsoft Identity Manager enables selected identities from one or more identity stores (such as Windows Server Active Directory) to be provisioned and managed in Microsoft Azure Active Directory / Office 365.

Precise
Based on predefined policies, you control which users have access to the cloud services. This is a great advantage especially for companies whose IT infrastructure is too complex for simple synchronization concepts like DirSync, AAD Sync or AAD Connect.

Automated
Our solution eliminates the need for manual user provisioning via the administration interface in Microsoft Azure Active Directory or Office 365. In conjunction with the Microsoft Identity Manager, this management agent uses existing user information and policies to automatically create, provision and continuously update Microsoft Azure Active Directory / Office 365 accounts. This greatly reduces the administrative burden on your organization.

Automated license assignment
Over the lifetime of a user account, licenses can be automatically assigned, activated, and updated through our Management Agent. This solution is ideal for all companies that want to control overhead. You only pay for the licenses you use.

Single Sign-On with AD FS 2.0 / 3.0
Do you want to provide your users with seamless and secure access to Office 365? To achieve this, Microsoft Identity Manager manages credentials and permissions. For security reasons, access to the cloud requires authentication. We provide single sign-on to your users by using AD FS 2.0/3.0 and federating your on-premises Active Directory authentication with your cloud applications.

O365 License Terms
Our experience and a variety of requirements from our customers for the management capabilities of Microsoft Cloud services led to the development of the Cloud Management Agent. We can license this management agent for your company and provide supporting services.

The Management Agent we developed supports the following profiles:

  • Full Import
  • Delta Import
  • Export
  • Full Sync
  • Delta Sync

 

Important! The Management Agent can be extended by us functionally and programmatically with any functions at the customer’s request.

For Unix SSH

The Unix Management Agent we developed provides a simple and flexible management of users and groups using Secure Shell (SSH). Many Unix derivatives are supported, including Linux.

The Management Agent provides the following functions:

  • Creating, deleting and editing users
  • Creating and deleting groups
  • Adding and removing group memberships

 

Important! The Management Agent can be extended by us functionally and programmatically with any functions at the customer’s request.

Connectors for databases

The Database Management Agent is a product developed by us that enables the simple, flexible and modular management of database objects. The product can only be operated in conjunction with the Microsoft Identity Manager 2016 (MIM), as it is an Extensible Management Agent (XMA2). The Database Management Agent can be purchased as a complete DBSuite for all database systems listed below or as a stand-alone product.

The management agent we developed offers the following functions:

  • Access to multiple data sources (tables, queries, stored procedures and functions) through one management agent.
  • Supports schema recognition (even with different schemas)
  • Referencing between all object classes
  • Password synchronization
  • Flexible mapping of the reference column in main and multivalue tables across multiple data sources
  • Delta synchronization with transfer of the modification type
  • Execution of a stored procedure before starting the synchronization process
  • Execution of a stored procedure after the end of the synchronization process
  • Simple configuration via XML file without programming knowledge
  • All transfer parameters can be set separately for each data source (table or query)
  • Connection via user name / password or integrated security possible
  • Export data can be transferred either to a table or to a stored procedure

 

The Management Agent we developed supports the following profiles:

  • Full Import
  • Delta Import
  • Export
  • Full Sync
  • Delta Sync

 

The Management Agent we developed supports the following databases:

  • Cassandra / DataStax
  • Exasol
  • Firebird
  • HPE Vertica
  • Informix
  • Ingres
  • MS-SQL / SQL Azure
  • mySQL / MariaDB / MemSQL
  • NuoDB
  • Oracle
  • PostgreSQL / EnterpriseDB
  • SAP HANA
  • Teradata
  • Virtuoso

 

Important! The Management Agent can be extended by us functionally and programmatically with any functions at the customer’s request.

IDABUS in the Cloud

Identity and Access Management

Academy

Trainings and Seminars

Company

The IDABUS D.O.O.

Contact us

What we can do

For a direct connection

Do you have any questions or would you like us to advise you? We will help you find the best solution for your specific requirements.