- Community Home
- >
- Services
- >
- The Cloud Experience Everywhere
- >
- Centrally manage user identity while giving busine...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Receive email notifications
- Printer Friendly Page
- Report Inappropriate Content
Centrally manage user identity while giving business groups autonomy with HPE GreenLake
By Paul Zinn, Senior Product Marketing Manager, HPE GreenLake cloud
Large enterprises can be complex beasts. These organizations often contain multiple groups, such as business units or geographic areas, that act independently of each other. Such groups are separated in many ways, and that can often include separate sets of cloud resources to run their respective workloads. In HPE GreenLake, this is usually accomplished by creating a workspaceโan isolated single-tenant environment, for each of these groups within the enterprise.
While this creates the independence that the business needs, until now it has also created additional effort and risk for the IT staff, who had to perform identity and access management (IAM) across these multiple, separate workspaces.
We are happy to announce that a new capability in HPE GreenLake called organization governance now enables enterprise IT teams to centrally manage identity, authentication including SSO, and workspaces from one point for simpler operations and better security. Organization governance is part of an enhanced IAM experience that also adds DNS-based domain claiming, providing better security for single sign-on (SSO).
A workspace hierarchy
By creating an organization from a workspace, you establish it as the management workspace for the organization, at the top of a hierarchy that can include multiple organization workspaces for your business groups.
From this management workspace you can centrally manage the organization, making settings that apply not only to the management workspace but to all of the organization workspaces as well. Letโs take a look at a couple of these.
User lifecycle management
Though many of your users will only need access to a single workspace, some (particularly in corporate IT) will need access to multiple workspaces. Instead of inviting these users to each individual workspace, you can invite them at the organization level, which allows them to authenticate across all organization workspaces. This means that when an employee leaves the company, you can remove their access just once, from the organization user directory. This approach minimizes the risk of human error associated with removing multiple user accounts, which can lead to security vulnerabilities.
Single sign-on (SSO)
If you have a SAML SSO identity provider, you are probably already using it with your HPE GreenLake workspaces. But once youโve created an organization, you only need to create and manage one SSO profile (for each of your domains), not one per workspace. This can save a lot of maintenance overhead.
User groups
User groups streamline access management, allowing you to assign permissions to a group of people instead of doing so for each user individually. And with organization governance you can create a user group at the organization level and assign permissions to it in any organization workspace.
More secure domain claiming
Claiming a domain to use with SSO is another thing you can do at the organization level, enabling that domain to be used for SSO across all organization workspaces. But the enhanced IAM experience for HPE GreenLake also brings a related improvement. Domain claiming is now DNS-based, requiring a TXT record to be added to your domainโs DNS records to verify a claim. This ensures that only authorized administrators from your company can claim your domain.
Getting access to organization governance
Today, the enhanced IAM experience is available only to new Standard Enterprise workspaces. When you create a new workspace, you can choose the enhanced IAM experience for it and either create an organization or join an existing one.
Over the next several months, we plan to upgrade all existing Standard Enterprise workspaces to the enhanced IAM experience. If you already own such a workspace, youโll be notified in advance of your upgrade with specific timing. Once the upgrade is complete, that workspace can join an organization.
Next steps
For an overview of the steps involved in setting up organization governance for a sample company, watch the seven-minute video, Getting Started with Organization Governance. For the full details, you can also view the documentation for organization governance.
Meet HPE Blogger Paul Zinn, Senior Product Marketing Manager, HPE GreenLake Cloud
In over thirty years in the enterprise software industry with mature companies and startups, Paul has held roles both for building products and for bringing them to market. Before joining the marketing team, he led a product management team that built usage and cost analytics for HPE GreenLake. Currently, his primary focus is product marketing for the HPE GreenLake edge-to-cloud platform. Paul also works to make HPE GreenLake messaging clear and consistent across the company. In his off hours, he makes music with the Sacramento, California Americana/rock band The Nickel Slots.
Cloud Services Experts
Hewlett Packard Enterprise
twitter.com/HPE_GreenLake
linkedin.com/showcase/hpe-greenlake/
hpe.com/us/en/greenlake
- Back to Blog
- Newer Article
- Older Article
- Deeko on: The right framework means less guesswork: Why the ...
- MelissaEstesEDU on: Propel your organization into the future with all ...
- Samanath North on: How does Extended Reality (XR) outperform traditio...
- Sarah_Lennox on: Streamline cybersecurity with a best practices fra...
- Jams_C_Servers on: Unlocking the power of edge computing with HPE Gre...
- Sarah_Lennox on: Donโt know how to tackle sustainable IT? Start wit...
- VishBizOps on: Transform your business with cloud migration made ...
- Secure Access IT on: Protect your workloads with a platform agnostic wo...
- LoraAladjem on: A force for good: generative AI is creating new op...
- DrewWestra on: Achieve your digital ambitions with HPE Services: ...