IBM RACF Sync with Active Directory (AD), Entra ID (Azure AD)

Microsoft Recognizes Aquera as Strategic Integration Partner:

Microsoft features Aquera as strategic partner for HR-driven identity integration with Active Directory (AD) and Entra ID, and sync with 1,000+ non-Gallery business apps.

Microsoft Entra with Aquera: Identity Lifecycle Management at Scale:

✅ Microsoft recognizes Aquera for HR-driven identity sync between Entra ID (Azure AD) and HCM, embedding identity context throughout the employee lifecycle to reduce risk.
✅ Gartner Designates Aquera "Cool Vendor" (2022) in Identity-First Security; and Specialists (2024) in “Identity data integration" and "SCIM gateway".

Bi-directional Automated Sync: Cloud, On-Prem, Hybrid:

Aquera for IBM Resource Access Control Facility (RACF) synchronizes users bidirectionally in IBM RACF to Active Directory (AD) on-prem, AD/Entra ID hybrid, and pure Entra ID cloud. When only AD is used, Aquera syncs users directly from HR systems or from AD directories into RACF. Additionally, for Entra ID Identity Governance and Administration (IGA), the Aquera sync retrieves user entitlements from RACF and imports to Entra ID when supported in Entra.

Trusted by 1,200+ Customers:

Over 1,200 leading businesses have deployed Aquera to scale on/off-boarding processes, improve identity security, and boost operating efficiency.
✅ See IBM Resource Access Control Facility.
✅ See Aquera SCIM Gateway for Entra ID to synchronize RACF user data for consistent and unified identity throughout your HR and IT systems.
✅ See also Microsoft API-driven Inbound Provisioning and HR-to-Target App provisioning.

Key Benefits:

✅ Centralized Identity Management: Enables AD/Entra ID to serve as the single source of truth for identities, ensuring consistent user access across modern and mainframe z/OS environments.
✅ Provision and De-Provision Users in Real-Time: Automates the creation, removal, and update of RACF accounts when users are added, removed, or updated from AD or Entra ID groups.
✅ Improved Security and Compliance: Centralizes security policy enforcement, including password complexity and multi-factor authentication (MFA), across systems. Mitigates the risk of orphaned accounts in RACF, ensuring compliance.
✅ Enhanced Operational Efficiency: Avoids manual account synchronization between AD/Entra ID and RACF. Reduces administrative overhead by automating identity lifecycle management.
✅ Configure Data Syncs, Custom Fields: Configure granular user data sync between RACF and AD, Entra ID, including custom fields.
✅ Auto-Correlate Records: Cleaned mismatches.

Key Features:

✅ Hybrid; Separate Sync: Cloud-only users to Entra ID; others to On-Prem AD only, or both.
✅ Bi-directional Sync: RACF user sync with AD/Entra ID.
✅ Unique Matching: Name conflict resolution to distinctly identify and consolidate user identity.
✅ Critical Attributes: Sync Principal Name (UPN), Distinguished Name (DN), SAM Account Name.
✅ Custom Attributes: Sync any extended attributes for your business process.
✅ Attribute Import from any application.
✅ Groups: Sync RACF users, roles, and privileges with Microsoft Security Groups, 365 Groups, Distribution Groups (email distribution lists) to control access in AD/Entra ID.
✅ Multi-directory, Multi-region user sync for local, regional, and global regulatory compliance.
✅ Access Rights: Direct, Group, Rule-based, and External authority assignment.
✅ Global Address List to enhance collaboration.
✅ Password Delivery efficiency, SSPR.
✅ Hierarchy Generation: Auto-generation of management hierarchy in AD/Entra ID.