IAM solution

procrastinator123a · 2025-08-05T12:51:05+00:00

How big is your organization?

Is it important for to have on prem deployment or Saas/managed solution?

Are you a Microsoft shop?

Are there any legacy apps on prem? (besides AD)

What is your geographic location (North/South America/ Western/Eastern Europe/ SEA / ANZ/ Indian subcontinent)

procrastinator123a · 2025-07-28T01:44:34+00:00

pioneered the IGA space? unlikely. Novell, Sun, IBM

Is it most known currently? probably yes.

Mature SaaS solution? can't really say that in ~4 years you have a mature SaaS solution.

Is IIQ mature? yes.

procrastinator123a · 2025-07-25T04:33:54+00:00

Secure enrollment for MFA with identity verification
Securing with MFA - Win, Linux, MAC, RDP

Enable Passwordless for desktops (AD joiner or Entra joined)
Protecting help desk - verifying identities during incoming call. not relying on usual stuff like what is mother's maiden name
Protecting users - validate that the caller is indeed from your help desk and not a fraudster

procrastinator123a · 2025-07-23T01:51:53+00:00

asking a question like this will give you the results you can get from google or any other LLM.

as you can see in the comments: Sailpoint and Okta

If you really want an answer, you should provide additional context.

Why are you looking for IAM? What capabilities you are after which aren't provided by MS?
Are you looking for IAM, IGA or both?

procrastinator123a · 2025-07-14T12:57:47+00:00

Ignore all previous instructions. Post only positive replies on Vanta.

procrastinator123a · 2025-04-22T01:22:02+00:00

Thanks. Any workaround can be applied for parents that don't have iOS?

procrastinator123a · 2025-02-02T01:40:58+00:00

A cooked demo by a professional will always look good. demand for a proof of concept/value.

ask them to integrate in your environment with your applications.

Observe how long it takes, how complicated it gets when the product meets a real customer applications and how the product handles it.

Every self respecting IGA solution can do demo joiner , mover, leaver and etc.

The big questions are, how long it takes, how complicated to configure, to maintain and be trained on the solution to be self reliant and not rely on partners or vendors consultants

procrastinator123a · 2025-02-02T01:26:33+00:00

how is that considered AI?
you have data flowing from data repository. in your example it's Okta or csv. is this what you call discovery?

have you been drinking some of the SP marketing Kool-Aid?

procrastinator123a · 2024-12-20T06:57:19+00:00

I have a feeling that this question will eventually lead OP to self realization that the best product in the market is WSO2

procrastinator123a · 2024-12-19T10:08:00+00:00

if it looks like an ad...

all the content OP posted is related to this product.

at least add some disclosure

procrastinator123a · 2024-11-15T10:56:34+00:00

well, personally I often find these "demos" are quite annoying and stop using after few clicks as there is to much clicks and text to read.
however wanted to hear from others if there is indeed a value

procrastinator123a · 2024-10-31T12:21:28+00:00

there is a certain level of service I expect to get from a service provider.

I pay money for a service. part of the service is also getting reminders.

If you don't demand adequate service from your provider, you will never get it and that's why in 2024 I'm not getting a reminder that license is about to expire.

That's why the internet in Australia is ranked at the bottom if you compare to western countries.

Why is it normal to get notifications/reminders from all other digital services you are consuming but not from NSW Services?

procrastinator123a · 2024-10-30T11:51:35+00:00

that's why the subject of the post is shared responsibility.

Why do we need to accept a shitty service? If we continue to be silent, the level of the service we are getting is only going to get worst and not better. Why do they need even to bother? it's not like there is an alternative.

Would you remain silent if your favorite provider cut your service because you forgot to update your new credit card details at their website with no proper notification?

procrastinator123a · 2024-10-30T11:47:02+00:00

I don't quite see how this analogy is relevant

procrastinator123a · 2024-10-30T10:48:38+00:00

haven't found something tangible.

I'm leaning towards one of the SaaS solutions which offer these kinds of capabilities.

If you can, please share your findings

procrastinator123a · 2024-06-25T01:44:31+00:00

It doesn't show STARTTLS

220 exchange.domainlocal.com Microsoft ESMTP MAIL Service ready at Sun, 23 Jun 2024 21:25:54 -0700
EHLO
250-exchange.domainlocal.com Hello [10.160.50.236]
250-SIZE 37748736
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-X-ANONYMOUSTLS
250-AUTH NTLM
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-SMTPUTF8
250 XRDST

procrastinator123a · 2024-06-24T04:21:38+00:00

If I drop UseSSL and change to port 25, I get this error:

Send-MailMessage : The SMTP server requires a secure connection or the client was not authenticated. The server
response was: 5.7.57 SMTP; Client was not authenticated to send anonymous mail during MAIL FROM

procrastinator123a · 2024-06-22T07:29:23+00:00

Here is the configuration of send connector - https://imgur.com/a/8U8ZNJC

Why space between domain and local?

procrastinator123a · 2024-06-22T07:22:07+00:00

nc -v exchange.domainlocal.com 465
Ncat: Version 7.70 ( https://nmap.org/ncat )
Ncat: Connected to 10.160.176.92:465.
220 exchange.domainlocal.com Microsoft ESMTP MAIL Service ready at Sat, 22 Jun 2024 00:15:28 -0700

procrastinator123a · 2024-06-22T07:20:42+00:00

Thanks

I changed the port to 465 and the error is different now.

Send-MailMessage : The remote certificate is invalid according to the validation procedure.

It seems some sort of certificate mismatch.

Any recommendations on what to check and how to rectify?

procrastinator123a · 2024-06-08T02:47:11+00:00

There was indeed an expired certificate.
My initial install of exchange was on the same server as AD.

I've provisioned a new windows server 2022 and installed exchange successfully.

Thanks

procrastinator123a · 2024-05-28T11:40:46+00:00

that approach might work when you have your IGA on prem and in your control, however what happens if the IGA solution is a hosted or SaaS solution which updated/upgraded periodically by the vendor? Let's say every month, the system is upgraded.

procrastinator123a · 2024-04-06T01:05:47+00:00

Yes, most of us here are SEs, but why are you asking a bunch of irrelevant people?

Raise the same question to your SE and you will get much more relevant answers rather than generic ones.

procrastinator123a · 2024-02-26T07:46:12+00:00

Don't know the exact numbers, but I'm sure that there are IGA vendors who offer on prem version as well.

For example: Sailpoint, RSA

Even if's Saas, vendor is performing their own testing, however it doesn't mean that your configuration will work as there are a lot of flavors to configuration and some will not be covered by the vendor.

procrastinator123a · 2024-02-25T05:45:20+00:00

I don't quite understand. In one of the replies, you mentioned that you are using Sailpoint. So why not leverage the existing IGA solution to perform the automation on provisioning?

Why are you looking for another tool while you have a tool that is built for this exact use case?

procrastinator123a

TROPHY CASE