First steps with midPoint
This is a guide to a simplified midPoint deployment to help you grasp the basics and get tangible results in days instead of months.
This guide is a blueprint to the initial identity management deployment modelling a common organization. Its scope is limited to identities and their accounts with the ability to cover birthright permissions in target systems.
The series of tutorials in this guide includes the following key points of deploying midPoint:
-
Some theory to help you understand common pitfalls and start your new IGA project off on the right foot.
-
Adapt the midPoint deployment to your existing IT environment.
-
Integrate the first source and target systems using correlation.
-
Map the system account attributes.
-
Detect and handle orphaned accounts.
-
Automate the identity lifecycle and joiner-mover-leaver (JML) process.
-
Override incorrect source system data.
Methodology behind this guide
We believe the best way to get started is to use an iterative cyclic approach. Start with a series of small steps that deliver the value early on, and then repeat those steps to refine your solution. The steps consist of connecting new systems, cleaning up the data, and automating the processes. Each cycle should take a few days at most. Of course, every deployment velocity depends on many factors, such as cooperation speed within the company, but the iterative approach generally allows for manageable effort and budget allocation. More on the methodology concept in a bit.
For whom is this guide?
This guide is meant to help small and mid-size organizations. Typically, such organizations handle hundreds or lower thousands of identities, most of the processes are manual, and the IT staff doesn’t have a lot of knowledge about identity governance and administration (IGA). We expect that there’s an HR system serving as a source of the identity data, as is usual for medium-sized businesses, smaller government offices, or academic institutions.
Nonetheless, most concepts in this guide are applicable to organizations of any size and type. Even if your organization manages a considerably larger number of identities, the deployment process is the same. It will probably cost more time and money, but that’s it.
Key challenges and requirements
These are the usual challenges you may be facing:
-
Your identity data is of low quality because it’s maintained manually without automatic validation.
-
You need more people to manage identities.
-
You want to improve your IGA and get tangible results quickly.
-
The implementation can’t be a "big bang" effort because your IT staff must also continue performing their regular duties.
By going through this guide, you’ll learn how to deploy midPoint iteratively and get first results in a matter of weeks, even if you face all the challenges mentioned above.
Why midPoint?
Here are some pointers as to why midPoint is worth your attention when looking for an IGA solution:
-
MidPoint is an open-source software (OSS) that requires a minimum initial investment and no licensing fees before the project begins.
-
The software and documentation are open, meaning they’re freely available. You don’t have to spend money on consulting services to get started. You can do the first steps (like prototyping) yourself.
-
MidPoint is available now. No paperwork, contracts, or registration required. Just download midPoint and try it out.
-
MidPoint is an OSS product with a dedicated team of professionals ready to provide support. Contact us to discover more about our services and benefits.
-
Evolveum has a network of official partners that are ready to deliver dedicated professional support for your project as well.
While learning to use midPoint, you can feel safe thanks to simulations. Before making any changes that could potentially damage your data, you can test them to see if you get the expected results.
However, no matter how safe midPoint is, it is still a good practice to back up your data regularly.
Next steps
Proceed to the outline to discover what awaits you in the roadmap of this guide.