Role based access control (RBAC) refers to assigning access to people based on their roles or designations and it's a concept that was designed for simpler times. With people in organizations holding multiple roles, assigning permissions based strictly on job roles could lead to security vulnerabilities, providing more level of access than needed, to sensitive data. The new challenges require solutions that go beyond just role based access to maintain proper governance. 

The ADManager Plus solution: Customizable user provisioning and re-provisioning templates with the option to configure multiple rules based on various user attributes including titles, for a more granular approach to RBAC based IG.

How to customize User Provisioning templates for RBAC with ADManager Plus?

1. Logon to ADManager Plus.


2. Navigate to Management > User Management > User Templates > User Creation Templates > Create New Template.


3. Click on the Create Rules button at the top right corner.


4. In the Rule 1 section, click on Add Conditions. You can add multiple conditions to narrow down the access provided to a user. For example, if you want to add the managers of a specific location to a security group you can do so by adding conditions that say, 'If 'Title' equals 'Manager'', AND (+)  'If 'Office' equals 'Texas'' set 'Member Of' to 'Texas sec1' '.


5. Add other attributes values and click Save Template.

The same steps can be followed for re- provisioning of user accounts as well.