Magellan Provisioning UI Overview

Overview

Magellan Provisioning is a powerful feature that allows the automatic creation of users, groups and calendar appointments within external web services. A prime example of such a service is Office365. Very simply, Magellan uses the synchronised AD account information uploaded by the Magellan Cloud Connector, to automatically create and link cloud based user accounts to these external services. It then provides the federated single sign-on services to these external services from within the Magellan Portal.

If this is coupled with the Magellan Pro MIS connector and synchronisation features, it means that almost as soon as a user is enrolled, their network (AD) and cloud based user accounts are automatically created. The big benefit is simplifying administration by seamlessly automating the process and reducing the number of steps normally required to achieve the same outcome. It streamlines the whole process of user account provisioning. The MIS becomes the authoritative source and it reduces the risk of downstream mistakes and removes possible opportunities for unauthorised abuse of sensitive user data.

The ability to do account provisioning has been a standard feature of Magellan for some time. However, the methods for doing this have been largely hidden from customer staff and relied on CSE engineers to carry out configuration tasks. The reasoning behind this has been that the processes have been somewhat complex.

However, this new release of Magellan now exposes the provisioning User Interface to onsite administrators. The primary reason is that it gives oversight of the configuration and management parameters to on-site support and administration staff. A major benefit is that it allows customer administration staff to force an account sync into the cloud, as well as to view job status, reports, user histories and service license reports.

The notes contained below in the body of the release note are designed to give you an overview of the way the system is configured. It may still be sensible, in many cases, for CSE Engineers to carry out the actual configuration based upon your instructions (this can usually be accomplished remotely).

N.B. The APPLICATIONS \ APPLICATION SETTINGS and PROVISIONING SOURCES sections should really be used for information only as making changes in these sections could severely disrupt the service.

JOB STATUS / REPORTS and ADDED USER HISTORY allows you to view and monitor the provisioning process going on in the background.

Home

The home page is simply a landing page for the Magellan Provisioning UI with some brief information. There is little to say about this page other than like the rest of the new UI it is reactive to the browser window size/device you are accessing this UI with. Below 960px width the side bar collapses and a navigation button appears in the header on the left-hand side.

Applications

This page will show you all the applications you have available which are compatible with the provisioning system, in this example Office 365. You have the option to Sync all or individual applications in this interface, syncing an application will create a new Job which you can see in the "Job Status / Reports" page. Syncing will do whatever work has been configured for the application.

Note: You can edit the Application but you cannot delete or add a new Application. Add/Delete is currently handled by the Magellan IDP application UI at https://cse-trinidad.co.uk

Edit Application

Editing the Office 365 provides a new window to open with this UI

This UI helps you manage the provisioning and Federation setting for your Office 365 Tenancy.

Credentials: Before Magellan can do anything with Office 365 it requires Global Admin user to be associated with it, the Password for this user is securely encrypted

Domains: This page allows you to see all the currently associated domains with your Office 365 Tenancy. Here you can Federate / Unfederate and view the settings of your domains.

Settings: General settings for the Provisioning of Office 365, including enabling the provisioning and what happens on deprovisioning.

Objects to Provision: This page lets you set what gets provisioned into Office 365 and from where. Here you specify the Provisioning Source and which objects you would like creating in Office 365 (Users, Groups and Calendars).

License Mappings: Here you can view the current licences available on your Office 365 Tenancy and use Magellan Roles to map/assign those licences to users.

Provisioning Script: This page allows you to specify actions or filter on the Objects being provisioned into the system. An example of this would be restricting which Groups get provisioned from an Active Directory source by Organizational unit.

Application Settings

This page provides some additional global settings for Application provisioning including report settings for Application Provisioning

Provisioning Sources

Here you will find a settings for report settings for the Provisioning Sources and a List of the Provisioning Sources.

Magellan will allow you to have as many provisioning sources as you like, those sources could be an MIS, Active Directory, Magellan IDP or SQL database. Once they have been created you can then create Provisioning Destinations within them, you can have multiple destinations per source.

Provisioning Destinations can be an Active Directory, SQL Database, Magellan IDP or Custom which allows use of PowerShell scripts. For all destination types scripts are used to configured how the system provisions to these destinations, this it to ensure the system can be as flexible as possible.

Job Status / Reports

The Job Status / Reports page shows a history of all the jobs run and any that are currently running. You may view a job report to get a detailed text file of what the Job changed or in the case of failure, where it failed. You may delete jobs, however it is only advised to do this for empty jobs or failed jobs.

Added User History

Added User History is a page which parses all the job reports pulling out all of the users created by the Magellan provisioning system. This is helpful when provisioning users to the Active Directory with a random password as it provides an easy interface to view the user names and passwords for each user at time of creation.

Imported Data

Imported Data is a table which shows a list of the data which Magellan Provisioning has received from its Provisioning Sources. Before Magellan can do anything with this data it must process it then send it to the relevant Jobs. If there are any errors processing you will be able to view that error through this interface.