Do we have any documentation on best practice of nonemployee / contractor on-boarding. I found a doc for JML, they say -
Not sure of most organizations, but in my experience, all last 4 organizations, they used one dedicated OU in AD for storing them. Also these are not maintained properly and created by network team as and when required. So, do we have any suggestion here ?
To accommodate this in RSA, we can make use of Registration Form and allow network team to create using RSA request forms, collects them as Identity and follow the JML process for them. Being the source of the data RSA, we also need to provide request form to update their details (Last Working Date, Department, Manager etc) into AD.
But what about the Leaver process ? How do we update the expireDate from RSA ? I cant see collecting the accountExpire value into RSA by any Date identity attribute.