The Solution

The solution provides the automated management of Azure Active Directory (AAD), or Active Directory (AD) accounts based upon a supported HR system as the Authoritative Source. It provides a platform for future extension and expansion, including the integration and management of other applications and services. Accounts for self-service in the HR system can also be optionally managed if your HR system supports it.

Functionality

Using your supported HR system as the Authoritative Source or Point of Truth, the following functionality will be implemented.

Automated On-Boarding

Azure Active Directory or Active Directory Account Creation

Accounts are automatically created in Active Directory-based upon employment records in your HR system and nominated information synchronised to the Azure Active Directory or Active Directory relevant account.

The account creation includes updating manager and direct reports relationships in your directory based upon the Employee’s position.

The exact schema of data can depend on your HR system, so please read the FAQ for more information.

Microsoft Exchange 2010 Mailbox Creation

UNIFYAssure can optionally provision Microsoft Exchange 2010 or later mailboxes in one mailbox store, using an algorithm for generating e-mail addresses.

Office 365 License assignment

UNIFYAssure can provide Azure Active Directory with enough information to allow for automatic assignment of Office 365 licenses. Please read the FAQ

Automated Day-To-Day Management

Azure Active Directory and Active Directory Account Information

Changes to any Employee attributes in the HR system will result in the relevant account attribute being updated automatically for that Identity - see FAQ for sync frequency.

No changes are to be made to Account Name.

Change to Employee Position

A change for the Employee of their Position will result in “Manager” and “Direct Reports” updated to reflect the Organisational change for the Identity in the directory.

Automated Off-Boarding

Azure Active Directory and Active Directory Account

Azure Active Directory or Active Directory accounts will be automatically disabled upon a termination event in your HR system.

If required, this can also result in the disabled account being moved to a “Terminated” container.