Friday, June 03, 2005

Ready for MIIS Workflow? What are your scenarios?

Being attentive at the DEC conference in March led me to hear that workflow will be a feature of Gemini (the next major release of MIIS). So, have you been waiting for workflow all along? Have you had a tough time integrating workflow with MIIS? What are your workflow scenarios?

To me this is a fun problem. I tend to think of workflow in terms of BizTalk or EAI; namely that it is stateless. I tend to think of MIIS as state-based of course, because I've had several holograms over the years. So marrying stateless workflow with state-based sync is the challenge to be solved by Gemini.

Either problem on its own can be difficult enough (building a workflow product, or building a state-based sync product). Building a product with both should be challenging, but Microsoft is lucky enough to have a workflow engine already in BizTalk, whatever form that takes in Longhorn. I think this will be great since it will address the sync based nature of identity integration where rules need to be enforced in order to converge all the systems on the same rule set, but workflow is also very important since a lot of scenarios just don't lend themselves well to syncrhonization.

So what are the scenarios for workflow in identity integration? Are there many scenarios or are there only a couple of scenarios that are largely repeated? Some scenarios that come to mind are:
  • User self-service with approval for identity updates
  • Self-service provisioning with approval
  • Ordering supplies (PC, phone, goat, etc) for new employees
  • Temporary access requests with approval

Approvals stand out as they tend to repeat in workflow scenarios. Please add comments to this post if you have more scenarios in mind.

I'm looking forward to seeing betas of this, and seeing if the theme of "easier to design, deploy and manage" is maintained.

1 comment:

Anonymous said...

How about exception request/ processing (with approval and duration)?

Example: Employee Status changes to a "non-active" status (unpaid leave), normal processing will result in network and email access being revoked (standard termination process). Manager knows that user will return from leave at some point, and requests that access be continued, let's say for 3-6 months, then a renewal process would be required...