none
Approval based user provisioning RRS feed

  • Question

  • Hi guys, I am trying to implement user provisioning to target systems based on approvals in FIM 2010. Is there any way it can be achieved OOB? Thanks in advance!

    Aravinth Jerry Microsoft Identity Consultant

    Thursday, August 23, 2012 12:04 AM

Answers

  • Aravinth,

    This can be configured OOB based on your scenario. If somebody goes to the portal to create a user, it is easy to configure approvals being required for this to succeed. If you are bringing in information from sync engine, this could be tougher since sync engine export to FIM service by-passes the AuthZ phase.

    If it is the first case, you can take the existing MPR that allows user creation and add the AuthZ workflow to it. If you want this to only apply to certain users than you would make a new MPR and have just these users in set used for requesting set in MPR.

    • Marked as answer by Aravinth Jerry Thursday, August 23, 2012 6:42 AM
    Thursday, August 23, 2012 5:45 AM

All replies

  • Aravinth,

    This can be configured OOB based on your scenario. If somebody goes to the portal to create a user, it is easy to configure approvals being required for this to succeed. If you are bringing in information from sync engine, this could be tougher since sync engine export to FIM service by-passes the AuthZ phase.

    If it is the first case, you can take the existing MPR that allows user creation and add the AuthZ workflow to it. If you want this to only apply to certain users than you would make a new MPR and have just these users in set used for requesting set in MPR.

    • Marked as answer by Aravinth Jerry Thursday, August 23, 2012 6:42 AM
    Thursday, August 23, 2012 5:45 AM
  • Thanks a lot Glenn!

    My issue is the second case. I have users coming from HR System in FIM Sync.

    I guess, I need to sweat!


    Aravinth Jerry Microsoft Identity Consultant

    Thursday, August 23, 2012 6:31 AM