🗂️ Directory

Overview

Many enterprises still rely on Active Directory (AD), LDAP, or other directory services to store critical user identity data. Lumos bridges these traditional on-premise directories with modern identity governance capabilities by deploying a Lumos Agent inside your secure network. This agent hosts an AD or LDAP connector that handles all communication between Lumos and the directory.

This integration pattern supports both directories hosted on-premises or in cloud infrastructure, enabling unified identity governance across hybrid environments while maintaining directory-specific security and operational requirements.

Real-World Example

• Scenario: A global conglomerate uses Active Directory to manage over a 100,000 employees and contractors. Lumos imports accounts, group memberships and manager hierarchy from AD, allowing the company to run access reviews at scale and allow automated remediation through AD group removal.
• Outcome: Established automated access reviews across the enterprise, reducing administrative overhead by 80%.
• Implementation: Configured Lumos access review platform, established connections with Active Directory and implemented automated access workflows.

Benefits

• Hybrid Support: Avoid vendor lock-in and simplify integrations by adopting an established industry standard
• Secure Connection: Standardized approach eliminates custom integration code
• Advanced Features:Handles large user populations and complex organizational structures

Considerations

• Requires installing and configuring the Lumos Agent on-premise, which may involve firewall rules and server provisioning
• Should implement proper architecture for high-availability
• Required monitoring of directory synchronization health