Supported Features

The connector supports the following features:

  • Load and *Provision

    • Active Directory Accounts

    • Exchange Mailboxes

    • Skype for Business Accounts

  • Active Directory Contacts

    • Manages Active Directory Contacts as Accounts

    • Aggregation, Refresh Account, and Delta Aggregation of Contacts

    • Create

    • Add or Remove Entitlements

    • Create Exchange Mail Contact

  • Active Directory Service Accounts (Managed Service Accounts/Group Managed Service Accounts)

    • Account Aggregation

    • Create or Refresh

    • Add or Remove Entitlements

  • Resource Forest Topology Exchange Management. For more information, see Active Directory Resource Forest Topology Exchange Management.

    • Aggregate Linked Mailbox properties for the Account Forest User

    • Aggregate Mail User or Mail Contact from the Resource Forest Exchange

    • Delta Aggregation supports aggregation for the following delta changes:

      • Create Linked Mailbox or Update Linked Mailbox Properties

      • Mail enabled Distribution List membership changes for the shadow account

    • Create Linked Mailbox for the Account Forest User

  • Delta aggregation (using DirSync search) to fetch changes since last aggregation from Active Directory. For more information, see Delta Aggregation

  • *Access Certifications (certification of entitlements connected to accounts)

  • Authentication

  • *Password management

  • Password Interception

  • The Active Directory source supports the Active Directory group hierarchy

For more information on features, see Identity Security Cloud Source Features.

Note
Before you can use any item above marked with an asterisk (*), SailPoint must activate the feature for your site.

User Features

Feature

Users

Accounts

Contacts

Service Accounts

Aggregate

ü

ü

ü

Partitioning Aggregation

ü

N/A

N/A

Delta Aggregation

ü

ü

N/A

Authentication

ü

N/A

N/A

Create

ü

ü

ü

Password Management

ü

N/A

N/A

Enable/Disable

ü

N/A

N/A

Entitlement (Read, Request, or Revoke)

ü

Groups

ü

Groups

ü

Groups

Exchange

(Read or Create)

Mailbox

ü

N/A

N/A

Mail User

ü

N/A

N/A

Mail Contact

 N/A

ü

N/A

Skype for Business Account (Read or Create)

ü

N/A

N/A

Group Entitlements

Group Entitlements are the entitlement types for which Identity Security Cloud provides ability to aggregate additional details of these entitlement types from the managed system. These objects have separate schema defining list of attributes that aggregation task fetches as additional details when aggregation is run for that Group Entitlement type.

Feature

Groups

sharedMailBox

Aggregation

ü

ü

Read Group Hierarchy

ü

N/A

Shared Mailbox Management

The Active Directory source supports managing Shared Mailbox as additional group object.

Supported Operations

Operations

Details/Features

Aggregation

  • Aggregate Shared Mailbox as Account Group Object.

  • Aggregation of User's Shared Mailbox assignment as an entitlement.

Add or Remove Shared Mailboxes

Add or remove Shared Mailboxes to users, as an entitlement.