Case Study

Bringing Greater Control to Active Directory for a Housing Association

Making better use of an existing Adaxes investment to improve control, consistency, and efficiency across Active Directory and Microsoft 365.

2017 - Present

Automating User Provisioning Using HR Data for a Housing Association

Using live HR data to automate user provisioning and access control, reducing manual effort and improving consistency across Active Directory.

Housing Association sector. Client details have been anonymised, but the scenario reflects a real engagement.

Snapshot

  • Industry: Housing association
  • Organisation size: Growing organisation
  • Environment: Active Directory, Microsoft 365, Adaxes, iRIS HR system
  • Challenge: Manual provisioning and underutilised HR data
  • Solution: API-driven identity automation using Adaxes
  • Outcome: Fully automated lifecycle management and consistent access control

The Situation

The organisation was growing and needed a more scalable approach to onboarding users and managing access. While their HR system (iRIS) held accurate and up-to-date employee data, it was not being used to drive IT processes.

User accounts were created manually, access was assigned inconsistently, and onboarding often involved delays. As the environment became more complex, this approach was becoming increasingly difficult to manage.

The Challenge

  • HR data existed but was not being used by IT
  • User accounts created manually for every new starter
  • Complex group structures leading to inconsistent access
  • Delays in onboarding and increased risk of human error
  • No single, authoritative source driving identity management

Why Change Was Needed

The organisation already had the data required to automate identity management, but it was not being leveraged. Without a more integrated approach, manual effort would continue to increase and inconsistencies in access would persist.

A more direct link between HR and IT was needed to ensure user accounts and permissions reflected real-world roles from day one.

The Approach

Armstrong worked with the organisation to design a model where HR data could directly drive identity management, removing the need for manual intervention and duplicated processes.

Rather than relying on exports or scheduled imports, the approach focused on using live data from the HR system as the authoritative source.

  • Reviewing how HR data could be used to define identity
  • Mapping roles, departments, and locations to access requirements
  • Designing a structure for consistent and repeatable provisioning

The Engagement

Armstrong worked with the organisation to integrate HR data with Active Directory and Microsoft 365, establishing a structured, automated approach to user provisioning and access management.

While the initial focus was on implementing a reliable integration with the iRIS platform, the engagement has continued over time, with the solution evolving to support changes in processes, organisational structure, and access requirements.

This has included refining role-based access models, extending automation, and ensuring the platform continues to deliver consistent, accurate identity management as the organisation grows.

The Solution

A REST API-driven integration was implemented, allowing Adaxes to query the iRIS HR system directly for current employee data.

  • Live API queries to retrieve authoritative HR data
  • No data exports, duplication, or delay between systems
  • HR established as the single source of truth for identity
  • Event-driven automation for joiners, movers, and leavers

How It Works in Practice

Identity management is now driven directly from HR data, ensuring that user accounts and access reflect each individual’s role within the organisation.

  • Accounts are provisioned ahead of start date
  • Users are automatically enabled on day one
  • Access is assigned based on role, department, and location
  • Changes in HR data trigger immediate updates to access
  • Accounts are deprovisioned promptly when users leave

A role-based model ensures that access is applied consistently, even across complex combinations of attributes.

What This Replaced

  • Manual account creation for every user
  • Rekeying and duplication of HR data
  • Inconsistent access assignments across departments
  • Delayed onboarding and reactive administration

The Outcome

User provisioning and access management moved from a manual, reactive process to a structured and automated model driven by HR data.

  • Fully automated joiner, mover, and leaver processes
  • Consistent, role-based access control
  • Reduced administrative effort for IT teams
  • Improved accuracy and reduced risk of human error
  • Users ready with the right access from day one

Key Takeaways

  • HR systems can act as the authoritative source for identity
  • Automation reduces both effort and risk when properly structured
  • Consistency in access comes from defined roles, not manual decisions
  • Integrating systems directly is more effective than relying on exports or duplication

Related products

Adaxes

Automates Active Directory and Microsoft 365 tasks and enforces delegated administration.

View Product

Related solutions

Active Directory Management

Document governance and lifecycle responsibilities for on-prem directory services.

View Solution

Entra ID Management

Define roles, policies and measurable controls for Entra ID lifecycle and access.

View Solution

Self-Service & Delegation

Define owners, approval paths and acceptance criteria for delegated identity self-service.

View Solution

User Provisioning & Lifecycle

Consistent, auditable controls for user account lifecycle across the organisation.

View Solution

Related technologies

Active Directory
Microsoft 365
Microsoft Entra ID

Discuss your environment

Speak to a specialist