Areas of Automation

12 min

this document outlines the core capabilities of activate and how it supports organisations in managing identity, access, and service delivery across their environment it provides a practical view of the platform’s functional areas, highlighting how tasks are automated, orchestrated, and governed through a consistent, policy driven approach activate is designed to reduce reliance on manual processes by standardising and automating common operational activities across identity management, access control, service requests, and asset handling it brings these capabilities together into a single framework that integrates with existing systems such as active directory, microsoft entra id, exchange, itsm platforms, and other enterprise tools the content that follows breaks down each functional area of the platform, showing how they contribute to improving efficiency, enforcing consistency, and maintaining visibility and auditability across all actions identity manager create, update, move, rename, and delete user objects in on prem active directory and microsoft entra id automatically update attributes on user objects create, update, move, export, and delete mailboxes create and delete home, profile, and remote server folders automatically provision onedrive settings for users archive email to pst files on termination archive users’ home folders to alternative file locations add and remove users to active directory and microsoft entra id groups automatically add and remove office 365 licences automatically provision and deprovision access automatic user password expiry reminders so users can change their password before it expires suggest access for new users when end user driving fields are matched automatically transfer a user’s manager to a new manager automatic inactive user reminders and automatic disablement expiring user reminders and automatic termination initiate deletion processes for inactive users after review or policy conditions are met automatic transfer of terminated user ownership and approvals automatic attestation of user entitlements personal details review to ensure contact details are current automatically set out of office for users on leave or termination automatically enable and disable user accounts in active directory automatically move users between ous in active directory based on status manage microsoft entra id guests delegate approvals to other staff while people are on temporary leave role manager role based access control (rbac) for entitlements – automatically apply service catalogue items and other entitlements based on the roles assigned, including distribution lists, shared mailboxes, folder access, security groups, and more, primarily for users but with support for selected computers and contacts automatically modify the membership of groups in active directory and microsoft entra id based on the user’s roles – add and remove automatically remove a user’s access from default entitlements when a user is removed from a role automatically update a user’s attributes based on the role they are added to – for example, office address for the target user move users between roles, automatically remove old entitlements, and automatically provision users for new role entitlements create and update activate roles and manage entitlements via the activate web portal access hub create, update, and delete service catalogue items configure workflows and scripts for service catalogue items add and remove users to active directory and microsoft entra id groups add and remove computer and user objects to sccm collections send wmi commands to client desktops to refresh configuration integrate with microsoft intune for application deployment and management integrate with systems such as powershell, scripts, apis, sql, webhooks, and more automatically expire and remove time dependent access or assignments transfer software to another computer when users move devices create multiple resolver queues for request handling automatically create and update requests in popular itsm systems licenses/phone numbers/devices/customise your own create, update, and delete asset objects, including hardware, software, licence, and virtual assets allocate and re allocate assets between users, organisational elements, or locations utilise activate assets to automate processes such as teams and skype ddis, computer build and redeployment based on corporate standards, software licence pool management, parking space and inventory management, mobile devices and mobile plans, and domain names or ssl certificates automate ddi assignment to users based on department and location password reset reset passwords on active directory user accounts, including two factor authentication unlock active directory user accounts synchronise password changes with other integrated systems automatic unregistered user notifications to encourage users to use self service kiosk password reset password policy customisation and enforcement credential provider plug in integration with the windows login and lock screen for self service password reset self service password reset from the web email list manager scan for additional dls created outside the activate process to maintain a dynamic catalogue of dls automatically create, update, and delete dls in exchange, active directory, and microsoft entra id modify dl membership through approval driven workflows manage dl owners (approvers) renew dls after a defined period; delete if not renewed automatically create dls and populate members based on department creation (via hr connector) dynamic dls with rule based membership that automatically updates based on business changes detect dls with no owner and trigger a process to assign ownership enable self service management of sender allow and block lists through approval driven workflows synchronise dl properties from active directory and exchange detect and retire deleted or stale dls from the catalogue audit dl membership changes for governance and compliance surface owned and approved dls for delegated management support hierarchical dls with inherited ownership and approval rules export distribution list membership or ownership details for reporting and review automatically process distribution list membership expiry shared mailbox manager create, update, and delete shared mailboxes in on prem exchange and exchange online manage shared mailboxes, resources, and room mailboxes in on prem exchange and exchange online assign owners to shared mailboxes manage user permissions to shared mailboxes apply booking settings such as allowing recurring meetings transfer mailbox ownership update mailbox delegates automatically delete expired mailboxes detect shared mailboxes with no owner and trigger a process to assign ownership security group manager scan all security groups within active directory create and modify security groups within active directory modify membership of security groups within active directory audit membership changes for governance and compliance collaborate create office 365 teams via the microsoft graph api modify membership of office 365 teams through automated approvals manage the owners of office 365 teams, with ownership stored in activate rather than office 365 scan for additional office 365 teams created outside the activate process to maintain a dynamic catalogue of teams in the organisation so they can still be managed by end users provision guest user access deprovision teams based on the customer’s business process secure folder manager automatically create and modify security within file shares and onedrive for business, including active directory groups and ntfs security settings on folders create security groups and modify membership of security groups within active directory and microsoft entra id scan all folders within file shares and dfs shares reset and refresh groups securing folders scan for additional folders and associated groups used for security that were created outside the activate process, maintaining a dynamic catalogue so they can still be managed by end users manage owners of folders automatically initiate transfer of folder ownership when a user leaves the organisation privileged account create, update, and delete administrator accounts in active directory and microsoft entra id, linked to a user’s identity so access can be removed automatically create, update, and delete service accounts in active directory and microsoft entra id manage non active directory administrator accounts provide on demand access for a period of time control administrator access to windows server for a period of time schedule account reviews to confirm whether an account is still required and has appropriate access securely deliver new passwords automatically remind when a password change is due itsm orchestrator automatically log tickets, requests, or incidents into itsm systems based on resolver groups synchronise tickets from itsm systems into activate so users can view read only versions without contacting the service desk update tickets by allowing users to add extra notes to their requests close tickets in itsm systems when the request has been completed