IDM Account Collector and certify against targets?
There is a step I do not understand in IDG.
If I have an IDM system with 10 connected apps. AD, DB, LDAP, whatever.
I collect the accounts via the IDM Collector so I get a application for each driver with entitlements. All good.
I fulfill via IDM Automated, so when I say revoke the group in AD permission, IDM fulfills it.
How do I certify that the group remove really happened in AD?
Can I collect the AD permissions/Accounts and somehow tie them to the Applications made via entitlements in the IDM Account collector?
Re: IDM Account Collector and certify against targets?
In the case that you are outlining, yes one would want to collect at least the AD Permissions (if you can map directly to the Identities otherwise you would also need the AD Accounts). Then you would utilize the information that I had sent to you on 04-March-2020 related to inconsistency situations.
Principal Enterprise Architect