Symantec IGA

 View Only
  • 1.  User OU movement via Identity portal AD endpoint

    Posted 10 days ago

    Dear all ,

    can we use Identity portal to move users OU in active directory endpoint using Identity Portal .

    we know this can be done with Identity manager .

    Can we achieve this using Identity Portal ?

    Please suggest a way .


  • 2.  RE: User OU movement via Identity portal AD endpoint

    Broadcom Employee
    Posted 8 days ago
    Edited by Eduard Palomeras 8 days ago

    Hi Ribesh,

    if we think about it, Identity Manager is the technical console, someone with directory structure knowledge can decide to move accounts between organizational units inside Active Directory. Then Identity Portal is more geared towards the end user, who likely does not know about technical assets, OUs and even might not be familiar with the term active directory, right? 

    Then what I would suggest is that you create an item in the business catalog that describes what the user is aiming to do, for instance a department change, a new job position, a re-location, cost center,... something the user can understand. This can be tied through roles or attribute changes into Identity Manager "engine", which can trigger a Policy Xpress. Look into PX policies, you will find the move user between OUs primitive (in the accounts category, move account.

    Polixy Xpress move account
    I hope this helps, nevertheless, if you find that Identity Portal should have this feature please fill in an enhancement request idea, I am sure Product Management will take a look at it.