Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. It is included in most Windows Server operating systems as a set of processes and services.
This integration with RSA Identity Governance and Lifecycle, allows organisations to automatically collect access control list (ACL) data (who has access to what), identity data, role data and also directly provision/de-provision access too. You can also use AD for authentication purposes.
Once the integratoin of the products is completed, there are then futher solutions which can be applied to add even more value, quickly and easily, such as specific AD Dashboards and solution guides from RSA PS.
RSA Identity Governance and Lifecycle include and Out the Box "OTB" application Wizard for Microsoft Active Director. This should be used where possible, as it will save time and effort in the configuration.
| General Applications | Collector | Connector | Identity Source | Authentication | Other | |
|---|---|---|---|---|---|---|
 |
Microsoft Active Directory Summary |  |
|
|
|
|
Page Contents:
- Summary - Collector (Governance) Capabilities
- Summary - Connector (Lifecycle) Capabilities
- Summary -Identity Capabilities
- Summary - Authentication Capabilities
- Other useful Resources / What Next:
- Detailed Guides
- For Additional Support
Summary - Collector (Governance) Capabilities
| RSA Identity Governance and Lifecycle - Microsoft Active Directory Application Guide | Available |
|---|---|
| Accounts | |
| Groups | |
| App Roles | |
| Entitlements | |
| Roles | |
Summary - Connector (Lifecycle) Capabilities
| RSA Identity Governance and Lifecycle - Microsoft Active Directory Application Guide | Available |
|---|---|
| Create an Account | |
| Delete an Account | |
| Reset an Account Password | |
| Add Account to Group | |
| Remove Account from Group | |
| Enable an Account | |
| Disable an Account | |
| Update an Account | |
|
Move an Account |
|
|
Lock an Account |
|
|
Unlock an Account |
|
|
Create a Group |
|
| Delete a Group | |
| Update a Group | |
Summary - Identity Capabilities
| RSA Identity Governance and Lifecycle - Microsoft Active Directory Application Guide | Available |
|---|---|
| Identities | |
Summary - Authentication Capabilities
| RSA Identity Governance and Lifecycle - Microsoft Active Directory Application Guide | Available |
|---|---|
| LDAP | |
| SAML | |
Note: Capabilities are always being updated, please check the documentation and comment below if something is not listed, which is required.
Other useful Resources / What Next:
| Resource | RSA Certified | Owner | Cost | Details |
|---|---|---|---|---|
| https://community.rsa.com/community/products/governance-and-lifecycle/exchange/recipes/blog/2020/04/29/active-directory-ad-managed-applications?sr=search&searchId=6bffea82-c459-4566-8e69-6e6881578da3&searchIndex=0 | |
RSA | The following document, created by RSA Professional Services, provides details on the out of the box components used to separate the AD managed applications so that they are displayed as individual applications, instead of AD groups within a directory. Once separated, these applications are clearly displayed against the user, within User Access Reviews and also Access Request where changes can be automatically fulfilled re-using existing connectors. | |
| Recommended Practices: Collecting from Active Directory | |
RSA | This recommended Practices guide from RSA Professional Services team, helps to setup and create an AD application within RSA IGL. This guide includes various recommendations along with tips/tricks to make you succesful. | |
| Bulk Disable and Lock Inactive Accounts Implementation Blueprint | |
RSA | |
This dormancy process will enable organisations to set a timeframe when an account should be lock and/or removed, based on inactivity. |
| RSA Identity G&L - Questionnaire - AD Account Collector | |
RSA | This questionnarie will help you work with the business, to get all the relevant info you need, when setting up Active Directory with RSA IGL | |
| RSA Identity G&L - Collecting Foreign Security Principals | |
RSA | This guide will help you to configure RSA IGL with AD, when you have a large domain with Foreign Security Principals |
Detailed Guides
To learn more, please find attached the detailed guides:
For Additional Support
For additional Professional Services support, if needed to implement this solution, please contact your local account rep.
On this page
