Customer is wanting a way to help stop or prevent mass events that may
come from their authoritative systems. Example, someone does a huge
snafu with a data import that trickles down to IDM / eDirectory. AD or
other systems can prevent a mass deletion of x number of users coming

We are going to be sending audit information to their SIEM. That may be
a way to analyze and send notifications...

Any IDM cache data analysis tools out there to detect large amount of
changes to send an email notification or possibly stop drivers, etc?
Wouldn't stop the eDirectory event that may have already triggered and
the obit process starting.

I'm wondering if an eDirectory enhancement would be better. A feature
that could be turned on or off. An AD recycle bin type of a feature...
To analyze data events in a window of time prior to executing events. To
cache certain events and restore those changes ... Obit process wouldn't
be able to process them for x amount of time...

Posting to eDir forums as well


fp_IDMWORKS's Profile:
View this thread: