Skip to Main Content
IBM Sustainability Software - Ideas Portal


This portal is to open public enhancement requests against the products and services belonging to IBM Sustainability Software. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Status Delivered
Created by Guest
Created on May 27, 2022

Enhancement to the MAS vs. Azure AD communication/connection

SAML

As an organization planning or having the Maximo Application Suite (MAS) running on Azure Cloud, it is requested that enhancement to the MAS vs. Azure AD communication/connection will be established, so that automation of user creation in MAS can be established.

As of now, the connection has been established between the MAS and the Azure AD (AAD). In the AAD a security group covering the Maximo users has been configured. The established connection between the MAS and the AAD controls/verifies if the user is a known user. That's first step in the validation of the user's request to login.

Next is that Maximo validates if the user has an access to MAS. This means that the user beforehand must be created and that he has been assigned necessary security groups.

As of now, though, it isn't possible to have an automated user creation, since the MAS vs. AAD communication only verifies if the user at all exists in the AAD. In other alike applications, the system is able to read not only in the complete AAD, but in a specific AAD security group based on the ID key belonging to that specific AD group. Such systems use the SAML identification as well.

https://www.onelogin.com/learn/saml

Being able to read directly from the specific AAD group, we can establish an automation in creating new users, since we know for sure that this specific user exists in the MAS assigned AAD group and not just somewhere in the AAD.

We do not seek to have automated deletion of users, since we won't remove users having transaction records. Such users will be deactivated.

Idea priority High
Needed By Quarter
  • Guest
    Reply
    |
    Jun 10, 2022

    Thanks, Andrew, for sharing your overall plans as they look for now.

    I was hoping, though, that we shouldn't look into 12-18 months - but rather 3-6 months.

    If possible, I kindly ask you to give it a bit more priority :-)

    Kind regards,

    Michael

  • Admin
    Andrew Foster
    Reply
    |
    Jun 9, 2022

    Hi Michael, Thank you for taking the time to provide your idea to IBM. Your request is a candidate for a future generally available (GA) release.  Our aim is to deliver within the next 12-18 months. Thank you again for your feedback.

    Please note: IBM’s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM’s sole discretion. Information regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality.