All customers who subscribe to Remedyforce will at some point have to answer the question of, “How am I going to provision users in Salesforce/Remedyforce?” Initially, what might not be known are the multiple options available. Customers can choose to create users manually. Is this something a customer will generally want to do as a long term solution? Probably not. Creating users manually is a process that most customers choose to automate. In this case, customers can choose between using Pentaho to integrate with an LDAP source or OneLogin. Since you have continued reading this far, you are either deciding if One Login is right for you or have already chosen OneLogin and preparing for your implementation.
Leveraging OneLogin is an attractive solution for many customers. First, it generally fits in the budget for all customers. They offer a zero dollar solution for active Remedyforce customers. Part of your preparation at this point is to understand if the zero dollar solution fits your needs. In most cases it will. If not, OneLogin does offer a couple other plans and we will walk through these plans with you so you have a full understanding of what is and is not included. If you are interested in conducting your own research, please visit the OneLogin-Remedyforce Partner page.
- https://www.onelogin.com/partners/app-partners/remedyforce-sso (contains demonstration video and datasheet)
OneLogin also provides White Papers, Webinars and Knowledge Articles available for your review. A few of those resources are listed below.
- Active Directory Integration Whitepaper
- Describes how to securely, easily and seamlessly connect your Active Directory infrastructure to OneLogin and your cloud applications.
- Advantages of Cloud-based IAM Whitepaper
- Speaks to on-premise vs. cloud security concerns.
- IAM – Beyond Convenience Whitepaper
- Explains Identity and Access Management (IAM).
- (Webinar) Achieve Single Sign-on (SSO) and Active Directory / LDAP Integration for BMC Remedyforce
- (Knowledge base Article) OneLogin for Remedyforce
Should you have any questions at all, please be sure to speak with your Professional Services Project Manager or Consultant about setting up a meeting with the team from OneLogin. If you are not currently engaged with Professional Services, your Customer Success Manager will be able to assist with this as well.
Once you have determined that OneLogin is the right fit, your preparation doesn’t end. There are still some other aspects for the implementation to keep in mind. You should review the best practices and prerequisites. This document lists several prerequisites. A few of those are:
- OneLogin does require the installation of their Active Directory Connector on a server within the organizations domain.
- Outbound SSL connection
- Domain service account
- External IP address range
Why is it important to review these prerequisites and have an understanding ahead of time? If your organization has Change Management in place, you will need to allow enough time prior to configuration to issue the change request and allow for the proper approvals to move forward. This approval should be in place ahead of scheduling the implementation meeting with OneLogin.
For a design tip, OneLogin can also leverage your AD structure for identifying users. Look at using OUs to identify which groups are imported into Salesforce.
Also, make sure the data in your Active Directory environment is clean and you have the proper attributes populated. You won’t be able to bring in data to Salesforce that isn’t populated in Active Directory.
Another important consideration is to decide which individuals from your team will participate in the Implementation Meeting. It is recommended that your Active Directory (LDAP) Administrator, Remedyforce Administrator and OneLogin Administrator be present.
- Review OneLogin Solution
- Schedule initial consultation
- Review best practices and prerequisites
- Obtain change request approval
- Schedule setup meeting
- Identify meeting participants
You should now be prepared to implement OneLogin and start importing those users!
To read more on Remedyforce User Provisioning, please check out the white paper titled “User Creation and Authentication in Remedyforce” on Remedyforce Communities.