Thursday, October 10, 2019

SailPoint IIQ Active Directory Application Integration Using OOTB Connector - Aggregation

Integration of Active Directory with SailPoint IIQ

Check this blog post for Active Directory provisioning.

Navigate to Application → New Application.
Select Active Directory-Direct as the Application Type and provide the Application Name and Owner fields.



Enter the Forest Name, the Global Catalog Server (i.e. the DC) and the credentials of the service account. Add the forest details entered above and click Discover to get all the domains available in the forest.



Here we can add and remove the domains that we want to manage from this application.



Here we can add and remove the account OUs that we manage from the above domains.



Here we can add the group OUs that we manage from the above domains.



Test the target application connectivity.



Create the correlation rule, which determines how user accounts from Active Directory are linked to identities in SailPoint.



Create the Group Aggregation task to pull all the entitlements from Active Directory, then click Save and Run.



We can check all the entitlements aggregated from Active Directory under Applications → Entitlement Catalog.




Create the Account Aggregation task to pull all the user accounts from Active Directory, then click Save and Run.



We can check all the accounts aggregated from Active Directory under Applications → Edit Application → Accounts tab.
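
The correlation rule created before the aggregation tasks decides which identity each aggregated account is attached to, so a loose match can link AD access to the wrong person. An example of such a rule in BeanShell (the language of IdentityIQ rules), added here and not taken from the original post; it assumes identity names equal `sAMAccountName` and that identities carry a searchable extended attribute named `employeeId` (a hypothetical name):

```java
// Added example: body of a Correlation rule for the Active Directory application.
// IdentityIQ supplies "account" (sailpoint.object.ResourceObject) for each
// aggregated AD account and expects a Map describing the identity to link to.
import java.util.HashMap;
import java.util.Map;

Map result = new HashMap();

// AD attributes read from the aggregated account.
String empId = account.getStringAttribute("employeeID");
String sam   = account.getStringAttribute("sAMAccountName");

if (empId != null && empId.trim().length() > 0) {
    // Preferred match: a stable HR key.
    // Assumption: identities have a searchable extended attribute "employeeId"
    // populated from the authoritative source.
    result.put("identityAttributeName", "employeeId");
    result.put("identityAttributeValue", empId.trim());
} else if (sam != null && sam.trim().length() > 0) {
    // Fallback: match on identity name.
    // Assumption: identity names in IdentityIQ equal the AD sAMAccountName.
    result.put("identityName", sam.trim());
}

// An empty map leaves the account uncorrelated instead of forcing a guess,
// so service and shared accounts show up for review rather than being
// attached to an unrelated identity.
return result;
```

After the account aggregation run, accounts that stayed uncorrelated are the ones to review by hand before any certification or provisioning relies on them.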