Skip to main content

How automated user administration works

Bravura Security Fabric uses iddiscover and idtrack to communicate with the Workflow Manager Service to propagate changes from an authoritative target system to other target systems.

  1. The iddiscover program compares the contents of new data, extracted from target systems into SQLite .db files, with the data in the Bravura Security Fabric database. Depending on which tracking options are turned on, the program creates a diff set with a globally unique identifier (GUID) and a time stamp.

  2. The idtrack program uses the diff sets to track changes to users, user attributes, and user group membership on target systems.

  3. The idtrack program can then automatically propagate user attribute changes to any managed system.

    The idtrack program can generate a work file that only describes changes to user attributes, for testing or logging purposes. You can use this option instead of, or in addition to, executing attribute changes.

  4. An optional idtrack.psl script can use any tracked change to perform any provisioning operation supported by the API. The script is required when propagating user account and user group membership changes.

In this section: