This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Reference
More than 30 IDM realisations in the Czech Republic and abroad
IdM midPoint development at Zentiva in 2019-2023
Zentiva
In 2019, a contract was signed for the supply of Evolveum’s IdM midPoint (MP) tool and over the course of 5 years, the installation, basic integration and connection of key end systems was completed. In addition, functional development of MP has taken place across a number of agreed production releases. The period then concluded with a technical release to the higher supported version 4.4.6.
Project goals
- Introduction of IdM MP version 4.0.1 tool into the Zentiva organization (incremental version upgrades up to 4.0.4) and a major technical upgrade to version 4.4.6 in 2023, which included a specific DB migration from MS SQL to PostgreSQL.
- Automatic authentication and authorization via SAML, so the user does not have to enter his login and password every time he logs into the system.
- Integration to selected systems:
- MatrixDB (source HR system Workday via MatrixDB)
- AD (active directory)
- MS Exchange
- Azure AD
- ZEUS service desk
- Manage internal and external employees, manage specific privileged accounts – such as admin accounts, service accounts, shared mailboxes, guest accounts.
- Introduction of business processes in IdM (employee lifecycle, role management, specific account retrieval from Matrix DB, specific management to AD across different types of accounts, etc…)
- Introduction of features such as email/SMS notifications, reporting, role assignment via approval workflows, including special cases such as workflows for GPX systems, job family management (definition of business roles for IdM from HR system).
Solution description
Solution infrastructure
Solution architecture
Connected applications and short description
IdM integrated applications can be divided into source and target applications. The source systems are used for importing/exporting user data, while the target systems are controlled by the IdM application.
MatrixDB
Data is retrieved from the source HR system Workday via MatrixDB – user data, organization data, JobFamilies, familyGroups.
AD (active directory)
Connection via LDAP connector, integration and management of users, groups, service accounts and shared mailboxes.
MS Exchange
MidPoint IdM integrates with Microsoft Exchange to automatically create user mailboxes.
Azure AD
IdM directly manages the lifecycle of Azure AD “guest accounts” through the MS Graph API. Other features in Azure AD are either managed through Azure AD Connect or manually handled
ZEUS service desk
IdM synchronizes Insight objects from the ZEUS servicedesk to IdM service objects, which are then used to connect offline systems