RSA Governance & Lifecycle Integration: Microsoft Active Directory Summary
2 years ago
Originally Published: 2020-09-14


Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. It is included in most Windows Server operating systems as a set of processes and services.

 

This integration with RSA Identity Governance and Lifecycle allows organisations to automatically collect access control list (ACL) data (who has access to what), identity data and role data, and to directly provision and de-provision access. You can also use AD for authentication purposes.

 

Once the integration of the products is completed, further solutions can be applied to add even more value, quickly and easily, such as specific AD dashboards and solution guides from RSA PS.

RSA Identity Governance and Lifecycle includes an out-of-the-box (OTB) application wizard for Microsoft Active Directory. This should be used where possible, as it will save time and effort in the configuration.

 


 


 

 

Summary - Collector (Governance) Capabilities

RSA Identity Governance and Lifecycle - Microsoft Active Directory Application Guide Available
Accounts
Groups
App Roles
Entitlements 
Roles

 

Summary - Connector (Lifecycle) Capabilities

RSA Identity Governance and Lifecycle - Microsoft Active Directory Application Guide Available
Create an Account
Delete an Account
Reset an Account Password
Add Account to Group
Remove Account from Group
Enable an Account
Disable an Account
Update an Account
Move an Account
Lock an Account
Unlock an Account
Create a Group
Delete a Group
Update a Group

 

Summary - Identity Capabilities

RSA Identity Governance and Lifecycle - Microsoft Active Directory Application Guide Available
Identities

 

Summary - Authentication Capabilities

RSA Identity Governance and Lifecycle - Microsoft Active Directory Application Guide Available
LDAP
SAML

 

 

Note: Capabilities are always being updated. Please check the documentation, and comment below if a capability you require is not listed.

 

Other useful Resources / What Next:

| Resource | RSA Certified | Owner | Cost | Details |
| --- | --- | --- | --- | --- |
| https://community.rsa.com/community/products/governance-and-lifecycle/exchange/recipes/blog/2020/04/29/active-directory-ad-managed-applications?sr=search&searchId=6bffea82-c459-4566-8e69-6e6881578da3&searchIndex=0 | | RSA | | This document, created by RSA Professional Services, provides details on the out-of-the-box components used to separate the AD-managed applications so that they are displayed as individual applications, instead of AD groups within a directory. Once separated, these applications are clearly displayed against the user, within User Access Reviews and also Access Request, where changes can be automatically fulfilled re-using existing connectors. |
| Recommended Practices: Collecting from Active Directory | | RSA | | This recommended practices guide from the RSA Professional Services team helps you set up and create an AD application within RSA IGL. The guide includes various recommendations along with tips and tricks to make you successful. |
| Bulk Disable and Lock Inactive Accounts Implementation Blueprint | | RSA | | This dormancy process will enable organisations to set a timeframe when an account should be locked and/or removed, based on inactivity. |
| RSA Identity G&L - Questionnaire - AD Account Collector | | RSA | | This questionnaire will help you work with the business to get all the relevant information you need when setting up Active Directory with RSA IGL. |
| RSA Identity G&L - Collecting Foreign Security Principals | | RSA | | This guide will help you configure RSA IGL with AD when you have a large domain with Foreign Security Principals. |

 

Detailed Guides

To learn more, please find attached the detailed guides:

 

For Additional Support

For additional Professional Services support, if needed to implement this solution, please contact your local account rep.