Microsoft Active Directory Summary

Document created by Jamie Pryer Employee on Sep 14, 2020Last modified by Mostafa Helmy on Sep 23, 2020
Version 8Show Document
  • View in full screen mode

Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. It is included in most Windows Server operating systems as a set of processes and services.


This integration with RSA Identity Governance and Lifecycle, allows organisations to automatically collect access control list (ACL) data (who has access to what), identity data, role data and also directly provision/de-provision access too. You can also use AD for authentication purposes.


Once the integratoin of the products is completed, there are then futher solutions which can be applied to add even more value, quickly and easily, such as specific AD Dashboards and solution guides from RSA PS.

RSA Identity Governance and Lifecycle include and Out the Box "OTB" application Wizard for Microsoft Active Director. This should be used where possible, as it will save time and effort in the configuration.


General ApplicationsCollectorConnectorIdentity SourceAuthenticationOther
Microsoft Active Directory Summary


Page Contents:


Summary - Collector (Governance) Capabilities


Summary - Connector (Lifecycle) Capabilities

RSA Identity Governance and Lifecycle - Microsoft Active Directory Application Guide Available
Create an Account
Delete an Account
Reset an Account Password
Add Account to Group
Remove Account from Group
Enable an Account
Disable an Account
Update an Account

Move an Account

Lock an Account

Unlock an Account

Create a Group

Delete a Group
Update a Group

Summary - Identity Capabilities

Summary - Authentication Capabilities

Note: Capabilities are always being updated, please check the documentation and comment below if something is not listed, which is required.


Other useful Resources / What Next:

ResourceRSA CertifiedOwnerCostDetails
Active Directory (AD) Managed Applications RSAThe following document, created by RSA Professional Services, provides details on the out of the box components used to separate the AD managed applications so that they are displayed as individual applications, instead of AD groups within a directory. Once separated, these applications are clearly displayed against the user, within User Access Reviews and also Access Request where changes can be automatically fulfilled re-using existing connectors.
Recommended Practices: Collecting from Active Directory RSAThis recommended Practices guide from RSA Professional Services team, helps to setup and create an AD application within RSA IGL. This guide includes various recommendations along with tips/tricks to make you succesful.
Blueprint - Dormancy Process (Disable/Delete based on inactivity)  RSAThis dormancy process will enable organisations to set a timeframe when an account should be lock and/or removed, based on inactivity.
RSA Identity G&L - Questionnaire - AD Account Collector RSAThis questionnarie will help you work with the business, to get all the relevant info you need, when setting up Active Directory with RSA IGL
RSA Identity G&L - Collecting Foreign Security Principals RSAThis guide will help you to configure RSA IGL with AD, when you have a large domain with Foreign Security Principals


Detailed Guides

To learn more, please find attached the detailed guides:


For Additional Support

 For additional Professional Services support, if needed to implement this solution, please contact your local account rep.