A true identity management solution should never lock you into a specific name generation algorithm. NIM is designed to allow you to control the entire name generation process. A major part of that process is uniqueness. NIM has an entire section dedicated to uniqueness requirements. Typically, "uniqueness" is evaluated for full name, user name, and email, but in reality, it can be used for any generated variable within the NIM "Name Generator" process. Uniqueness requirements can be designed to evaluate all target systems for uniqueness before the variable is generated.

For example, guaranteeing the username is the same across all target systems. If NIM's Name Generator determines a downstream target system has a user name duplication conflict, the generator will iterate to a new username and reevaluate all target systems for uniqueness. The iteration algorithm is extremely flexible, which makes it easy to configure to meet your organization's requirements.

NIM's open data model is designed for simple to complex multi-system environments. This allows NIM to support virtually an unlimited number of source and target systems.

Some common systems are UKG Pro, Workday, BambooHR, Active Directory, Azure AD, Google Workspace, SAP SuccessFactors, Dropbox, ADP, and Salesforce.

Unlimited, NIM's core design is to support small to extremely large (200K+ identities) without sacrificing performance. This is accomplished by using the host system's memory and optimized data relationship algorithms.

NIM's main focus is automating an organization's user lifecycle provisioning process. However, not everything can be automated, and manual processes are required. This is where NIM Applications come into play. Organizations can customize web applications that leverage NIM's data and internal processes, such as data relationships, role models, and name and password generation. In addition, each application has its own security access control list (ACL). This allows you to delegate applications to specific roles, such as the Helpdesk or a single user. All the while, it logs every action to be used for auditing purposes.

Below is a list of possible NIM Applications:

• Creating non-HR related user accounts such as temp workers or substitute teachers

• Helpdesk ad hoc group management

• Teacher classroom student password reset

• AUP and Acknowledgement form

• List Users Created or Modified past 30 days

• List Users with password Expires within a timeframe

• List users with no logon in the past X days

No, NIM is a menu-driven identity management (IDM) solution that does not require scripting knowledge. However, NIM supports advanced features such as using JavaScript to generate new data columns based on existing columns or manipulating the data format of a column when required.

NIM's Role Modeling feature allows you to create business roles to help manage entitlements. An example of entitlement is an Active Directory security group or distribution group. Roles are typically based on filtered information such as job title, building location, etc. In addition to role management, NIM supports role mining and role generation.

Role mining is where you analyze your current group configuration across all your systems and display commonalities. For example, the job titles "marketing assistant" and "marketing supervisor" are members of the same five marketing groups.

Role generation is where you use role mining information to generate roles. For example, one role for marketing includes two job titles, "marketing assistant" and "marketing supervisor"; the entitlements are five groups.

For detailed information on how to configure NIM, such as source and target system configuration, user name and password generation, OneRoster exports, role mining, role generation, and much more, visit our NIM documentation website at https://docs.nimsuite.com/

Tools4ever has two provisioning products, NIM and HelloID, that utilize two different methods of evaluating source data: synchronization and event-based evaluation.

NIM uses a synchronization method based on the "soll-ist" philosophy of "desired situation" and "current situation." This method is also known as a "Single Source of Truth," where source data is synchronized to downstream systems on a schedule. NIM accomplishes this by evaluating the data from all source and target systems. When NIM identifies data in the target systems that does not match the source system, NIM will synchronize the source data to the target system. This method guarantees that all downstream systems have the same information as the source system.

HelloID uses an event-based evaluation method. On schedule, source data is evaluated for changes. When a change is detected, that change will then be propagated to downstream systems. In this method, downstream systems may contain different information than the source system. This allows for ad hoc changes to downstream systems without the worry that the source system data will overwrite the ad hoc change.

Yes, NIM's export functionality can also be configured to execute SFTP transfers. This allows NIM to not only export a file or multiple files (typically CSV) but can also transfer the file to a target system using SFTP. Additionally, in compliance with the OneRoster specification, you can compress the files into a single zip before uploading as well.