Thank you for the question. Can you provide some more detail on what you're trying to do? This attribute is enabled with two of the templates. Pre-Offboard for employee and Post-Offboard template. Are you trying to synchronize this attribute to an on-premise attribute? Please let us know.
Well done! 👍 Given that dynamic AAD groups are usually constructed based on user's attributes such as "Department" or "Telephone", is it possible to modify/clear these attributes using the workflows? Pity we cannot alter the welcome email template.
You cannot clear those attributes that define the dynamic group. If you wanted to adjust your workflow based on some other category, I'd suggest you use one of the extension attributes in the property section under configure scope. Hope this answer helps. Thank you for your post!
This is a great video. Question, for Hybrid Active directory, I assume the capabilities of Licycle workflows is limited, right (ex: Adding or removing employees to/from on-premise originating groups, and disabling users that originate from on-premise)
Yeah this is more for in the cloud. It’s not a mature product. This automated joiner and leaver but not mover. I’d go with a SailPoint or Saaviyant product to manage my identities properly.
I haven't done that before. To be honest, this JML(joiner mover leaver) created from Microsoft isn't too mature. What 3rd party application are you trying to integrate with?
@@cloudscholars everything. Pager duty, Salesforce, servicenow, pull from ADP or SAP to create users, assign just access needed in these apps too like Salesforce and ServiceNow. If you are contractors you get X level of access in SaaS apps versus employees. Same for sales teams etc...
@@gary1488 yeah I’d have to do some research. If you’re looking to use those platforms do you have any other identity management tool on prem? For instance a SailPoint or Saviyant?
@@gary1488 do you have those apps connected via SSO? I would assume that you could create access packages or, add the user to that application, and use just in time provisioning if they have it. But I think an admin would still need to assign the security permissions but the account would be created automatically once they login.
I tried the same method, and it worked. However, we couldn't see the email details for the new user in the new join email.How can I add and view new user email details in the new join email template?
Exactly what i needed thank you very much for this!
Awesome! We are glad it helped you out.
@@cloudscholars one thing that I’m having issues with it enabling the EmployeeLeaveDateTime attribute how do you enable this attribute?
Thank you for the question. Can you provide some more detail on what you're trying to do? This attribute is enabled with two of the templates. Pre-Offboard for employee and Post-Offboard template. Are you trying to synchronize this attribute to an on-premise attribute? Please let us know.
Wonderful man.
Thankyou.
Well done! 👍 Given that dynamic AAD groups are usually constructed based on user's attributes such as "Department" or "Telephone", is it possible to modify/clear these attributes using the workflows? Pity we cannot alter the welcome email template.
You cannot clear those attributes that define the dynamic group. If you wanted to adjust your workflow based on some other category, I'd suggest you use one of the extension attributes in the property section under configure scope. Hope this answer helps.
Thank you for your post!
This is a great video. Question, for Hybrid Active directory, I assume the capabilities of Licycle workflows is limited, right (ex: Adding or removing employees to/from on-premise originating groups, and disabling users that originate from on-premise)
Yeah this is more for in the cloud. It’s not a mature product. This automated joiner and leaver but not mover. I’d go with a SailPoint or Saaviyant product to manage my identities properly.
This product works for the cloud. Not so great for on premise. Not fully matured since it’s so new.
So how do you provision and deprovision into 3rd party apps and to take it a step further give them specific access into those apps using API calls?
I haven't done that before. To be honest, this JML(joiner mover leaver) created from Microsoft isn't too mature. What 3rd party application are you trying to integrate with?
@@cloudscholars everything. Pager duty, Salesforce, servicenow, pull from ADP or SAP to create users, assign just access needed in these apps too like Salesforce and ServiceNow. If you are contractors you get X level of access in SaaS apps versus employees. Same for sales teams etc...
@@gary1488 yeah I’d have to do some research. If you’re looking to use those platforms do you have any other identity management tool on prem? For instance a SailPoint or Saviyant?
@@gary1488 do you have those apps connected via SSO? I would assume that you could create access packages or, add the user to that application, and use just in time provisioning if they have it. But I think an admin would still need to assign the security permissions but the account would be created automatically once they login.
I tried the same method, and it worked. However, we couldn't see the email details for the new user in the new join email.How can I add and view new user email details in the new join email template?