Why are we doing this?
Our legacy IAM solution (Passport York) has reached some of limits in terms of group provisioning (e.g. automatic provisioning access to AD and Azure AD resources) that we are more and more relying on running ad-hoc scripts and manual interventions to try to keep up.
Reduced productivity resulting by the increase of manual work required by the various IT departments of the university to fulfill access management needs.
How do we judge success? Success metrics
|What are possible solutions?|
Statements of justification for the solution(s) chosen
Grouper: An open-source access management solution that can provide automatic group provisioning, based on attribute, role or membership of a person.
*Note: Depending on the advancement of the project, the decommissioning of current scripts could be scoped out of this project and handled by a separate initiatives outside the CSP.
|Issues tracking||IT Ticketing system and JIRA|
|Who is the customer and how does this help them?|
The overall organization
|Why will the customer want this?|
Reducing required time to complete access management request
Affecting IT staff to activities that provides more value to the organization.
|Scale and scope|
Scale: Medium to large