Skip to main content

How to Implement a New System

How to add a new system to the solution.

Overview

When connecting Usercube to a new system, several process paths can be taken according to your strategy. There is no option fundamentally better than the others, your decision must depend on your needs.

The option A leads quickly to the implementation in production environment, i.e. a new application in Usercube's scope. With this, you can review orphan and unused accounts, provision the AD, reconcile properties, and generate reports, for example the list of profiles assigned to users.

The option B takes more time as it goes through the creation of the role model based on the system's entitlements, but it leads to even more gain as you can also reconcile roles, perform access certification and request entitlement assignment, and also generate reports, for example the list of assigned single roles.

The option B is more complicated and time-consuming than the option A, but leads to more gain. Be aware that you can go through the process options simultaneously.

Process Schema - How to Implement a New System

Process Details

Common starting steps

  1. Connect Usercube to the system: create the appropriate connector with its connections and entity types.

  2. Synchronize the system's data into Usercube.

    Based on this, you can generate reports, for example the list of resources in the system. A few predefined reports are available from the start, you can generate any report from this list as soon as it makes sense according to the integration progress.

  3. Categorize resources in order to classify them according to their intent, and correlate these resources with their owners.

  4. Create provisioning rules to write to the system in order to update the resources' properties directly in the system.

  5. Adjust the rules by reconciling resources, i.e. analyze the differences spotted between the reality of resources' properties and those computed by the previously established rules. Especially, verify that accounts are correlated to the right owners and that their properties have the right values.

    Either the integrator handles the customization of the rules and the review of non-conforming resources, or they can assign an application administrator profile to a given user to perform it. Assigning this profile requires profile configuration, see steps 11 and 12.

After connecting Usercube to an external system, two process options are available according to your needs: either aim directly to the implementation in production environment, or first build the role model in order to enable more administration activities. Both options can be started simultaneously.

Option A: Straight to production implementation

Go directly to the common final steps (step 8).

Option B: First build the role model

  1. Create roles in the role catalog for applications managed by the system.
  2. Automate role assignments if needed: use Role Mining to create single role rules in bulk; adjust the generated rules individually and manually.

Common final steps

  1. Perform tests.
  2. Deploy the pre-production configuration to the production environment.