Various embodiments described herein relate to computer systems, methods and program products and, more particularly, to virtualized computer systems, methods and computer program products.
Modern enterprise software environments may integrate a large number of software systems to facilitate complex business processes. Many of these software systems may interact with and/or rely on services provided by other systems (e.g., third-party systems or services) in order to perform their functionalities or otherwise fulfill their responsibilities, and thus, can be referred to as “systems of systems.” For example, some enterprise-grade identity management suites may support management and provisioning of users, identities, and roles in large organizations across a spectrum of different endpoint systems. Such systems can be deployed into large organizations or corporations, such as banks and telecommunications providers, and may be used to manage the digital identities of personnel and to control access to their vast and distributed computational resources and services.
In particular, identity management products can automate the process of granting and verifying application access based on each user's relationship with, and role in, the organization (including but not limited to employees, administrators, contractors, customers or business partners), which can improve information technology (IT) flexibility and/or operational efficiencies. Such identity management products can also reduce security risks by on-boarding new users faster, and/or by ensuring users are only granted access that is appropriate to their function.
As noted above, one use case for identity management products is the ability to provision access to disparate endpoint systems. For example, an identity may be associated with a single authoritative user stored in a corporate store (such as Microsoft Active Directory), but may be associated with numerous accounts in other managed endpoints such as SAP®, PeopleSoft®, Google Apps®, etc. Provisioning to these endpoints is typically the responsibility of a network component referred to as the Connector Server (CS). The Connector Server may utilize a number of connectors, each of which may be responsible for a different endpoint type. These connectors can thus act as a bridge to convert requests and data from a common format used within the Connector Server into the specific protocol(s) or client libraries used within or otherwise understandable by the endpoint.