Using UMRA to link PeopleSoft Enterprise
with user account information in the network

UMRA offers the possibility to link PeopleSoft Enterprise with user accounts in the network. When connected using UMRA, each change in PeopleSoft Enterprise can be detected. For each change, a corresponding procedure can be defined to update user accounts and associated resources in the network. In the table below some examples of changes and procedures are listed:

Tools4ever has dozens of predefined procedures available which can be tailored to specific needs within the organization. This makes it possible to fit UMRA quickly and efficiently into the existing user account management process of the organization.

Advantages of automated linking:

Shorter turnaround time for creating accounts
Changes to PeopleSoft Enterprise (new employee / employees leaving the company, job changes, changes in contact details) are maintained meticulously and consistently by the HR department. A "First Working Day" procedure specifies that a new employee is entered in the HR System before the first working day. By linking the HR System to the user accounts in the network, changes can be implemented directly and without introducing any errors. On the first day of employment, the user account is created with the correct security settings as specified in the employee's function profile. This account will be available on all plaforms and for all applications within the company.

Error free creation of accounts
By linking PeopleSoft Enterprise to user account information in the network, changes can be implemented directly and without loss of information. In many companies, there is no automatic procedure to handle such changes. Instead, there is often only a manual e-mail procedure in place which can easily lead to errors and delays. Procedures for such changes often only consist of sending an e-mail. Imagine the possible consequences if , due to an oversight, the user account of an employee who has left the company is not (properly) removed or disabled in the network!

Offering advanced functionality to the organization
PeopleSoft Enterprise contains a lot of information which has the potential of improving the service level for the organization. An example will illustrate this. Since the relationship between a manager and an employee is known in PeopleSoft Enterprise, it is possible to notify a manager by e-mail if a new account has been created, together with the exact details of the employee. This same relationship also makes it possible to give a manager access rights to the employee's mailbox and home directory.

When an employee leaves the company, the removal of an account can be done in phases. First, the account will be disabled immediately and moved to another OU. After two months, the home directory data can be moved to a secondary storage location. It would also be possible to automatically set an auto respond email and to have all emails for the ex-employee forwarded to the employee's manager.

Meeting Service Level Agreements with minimum of staff
In many organizations, creating, editing and removing user accounts takes approximately 30 minutes (excluding the correction of possible errors). On average, 10 changes per week have to be implemented for every 100 users (Source: Gartner). By establishing an automated link from Peoplesoft Enterprise to the directory service containing the user accounts, the user account management efforts for a systems administrator and / or helpdesk employee will be reduced to close to zero. In case of an organization with 1000 employees, this would already make 1 employee redundant for user account management.

Meeting Service Levels with cheaper human resources
Apart from the direct link with PeopleSoft Enterprise, forms can be made available to the helpdesk employees with which any remaining user account management task can be simply executed. Some examples: resetting and/or unlocking user accounts, ad hoc editing of a user account, approving changes coming from PeopleSoft Enterprise, etc. The use of forms does not require any technical knowledge from the person in charge of managing user accounts.

Security/Auditing
If there is no solution available for user account management, every employee involved in user account management needs to have many privileges for the network. It may be necessary for instance, to give helpdesk employees Domain Admin rights, giving them full access to all information the network. When UMRA is implemented, these privileges are strongly reduced. An IT employee can only execute those tasks for which UMRA has been configured. Direct access (e.g. though ADUC or NTFS) is no longer possible.

Enforcing company policies
In UMRA, user account management is controlled through templates and profiles. Using a template and profile, the Systems Administration department can specify exactly how an account should be created. With the same mechanism, quality standards of the Quality Control and / or Auditing Department can be implemented. It is possible to implement company policies in different phases, reducing the pollution of user account information step by step. This will result in fewer security issues and will simplify the implementation of changes in the network.