Overview
Problem Statement
The customer operates across multiple forest environments (Forest 1, Forest 2, and Forest 3), each governed by unique identity lifecycle management policies, provisioning workflows, and naming conventions. The primary objective is to streamline and automate user account provisioning, updates, and de-provisioning while maintaining compliance with domain-specific requirements and reducing reliance on manual processes. Provisioning across domains is challenged by inconsistent logic, complex naming conventions, and duplication issues. Cross-forest manager-to-user mapping, OTP and email handling, and lifecycle management for rehires and terminations add further complexity. Read-only domain restrictions and the need for cross-domain group assignments also hinder smooth operations.
Customer Value
Infosys has developed a solution where Saviynt EIC integrates with three Active Directory forests via ADSI to automate and manage identity lifecycle operations across domains. The solution enhances operational efficiency by automating provisioning and lifecycle management, significantly reducing manual effort and minimizing errors. It ensures compliance and governance through consistent enforcement of domain-specific policies. With support for cross-domain and cross-forest group assignments, the system offers strong scalability, making it well-suited for future expansion. Security is bolstered by OTP-based password delivery, which enhances account protection. The user experience is improved through streamlined onboarding and rehire processes, leading to faster turnaround times. Additionally, the implementation of clear rules and naming conventions ensures strong auditability, supporting traceability and audit readiness.
Download the full Solution Brief here