FC1

Feature Capsule 1

(Identity Provider Integration)

Overview:

This module demonstrates the integration of an Identity and Access Management (IAM) system with external identity sources such as Active Directory (AD), LDAP, and relational databases.

In this capsule, we implemented full connectivity and synchronization between the IAM server and Active Directory using both PowerShell scripts and LDAP protocols. The setup allows for automated user synchronization and is designed for scalable, secure identity provisioning.

Key Capabilities

• LDAP-based user discovery and synchronization
• PowerShell scripting for Active Directory interactions
• Support for user attribute mapping and transformation
• Secure communication with identity providers (LDAPS)

Documentation

Please refer to the docs/ folder for detailed guides on:

• Setting up the IAM server
• Configuring LDAP and AD connectors
• Writing and deploying PowerShell scripts
• Running synchronization jobs
• Troubleshooting common issues

Learning Videos

Walkthrough and tutorial videos can be found in the videos/ directory, including:

• IAM & AD Connector Setup
• Writing Custom PowerShell for Identity Sync
• Debugging LDAP Synchronization

Source Code

All scripts and configuration files used in this capsule are available in the src/ folder. Key files include:

• Connector.ps1 – PowerShell script for syncing users from AD
• ldap-config.xml – Example LDAP connection configuration
• transform.groovy – Attribute transformation script

Prerequisites

• IAM server (e.g., Irancell IAM)
• Active Directory with appropriate access credentials
• PowerShell 5.1+ (for Windows environments)
• LDAPS enabled on the domain controller

---

Note:
This capsule serves as a foundation for identity source integration and is critical for further provisioning and reconciliation features in the IAM lifecycle.