PeopleProvision and PeopleNexus were recently released.  They provide Active Directory user provisioning without custom scripting.  When PeopleProvision v1.0 was released, we wrote a four part blog series about it:

https://webactivedirectory.com/active-directory/active-directory-provisioning-based-on-powershell-extensibility-without-costly-implementation

These articles emphasized some truths about PeopleProvision:

• It’s an open architecture—completely extensible via PowerShell for power users
• It does a lot for you once you set it up and setting it up isn’t complicated. Other vendors rely a lot on implementation services dollars where Web Active Directory, primarily a software company, offers software that tries to empower you (though our services are there if you want them).

Now that PeopleProvision v3.0 has been released, it’s time to revisit these articles.  These two points hold more than ever.  We remain an open, extensible architecture.  The software as we listen to our customer base continues to allow you to do more out of the box.  We’ll continue with that commitment.

Active Directory User Provisioning Without Custom Scripting

What we want to revisit is the emphasis on how much scripting in PowerShell might be necessary for you to do big customizations.  With PeopleProvision v3.0 (and the newly released PeopleNexus 3.0 which handles bulk provisioning and updates) you can put what data you want (either from your provisioning form or from bulk data sources) into almost any attribute in Active Directory without having to edit or write script.

Are you a power user who wants to change how your user’s sAMAccountName attributes are created?  No problem, you can do that without scripting or coding.  Do you want to add specialized values from your provisioning inputs into (Exchange) extensionAttribute3?  Again, you can do that without scripting or coding.  Do you not know what I’m talking about and/or don’t care to do that?   That’s again no problem as the software doesn’t rely on you to set these things up if you don’t want to.

Intelligent Provisioning Rules

In fact, out of the box with no configuration to the administrative interface a provisioned user from five fields on a user provisioning form or five inputs can affect up more than 22 attributes in Active Directory and that user can be placed in an OU in your environment according to smart rules that you set up.  Additionally they can be added to the right security groups (your choice) based on these same intelligent rules.  All of these are configurable if you want them to be without scripting.  Ultimately we want to take the burden off of IT to have to manually make updates and additions to Active Directory, or from having to write and maintain scripts in an effort to cobble together solutions.

There’s one more thing to revisit from the old series of articles.  The articles talk about how a user can be provisioned with “less than 10 fields” on an input form.  We can now say, without scripting, you could do it with a single field if you wanted.  The idea here is to make software that’s straightforward for end users but is also powerful enough to do what you want it to do without having to script or write code.  Then for those who might want to do something completely customized or even outside of the provisioning/update realm, the architecture still remains open for you to do that.

Look for more exciting announcements and improvements to PeopleProvision and PeopleNexus over the coming weeks and months.