All: I am looking for suggestions and examples of what people are doing to manage all of the different Directory Synchronizations that need to occur for all of the different cloud vendors that require sync from on-prem AD. For instance, we have multiple cloud vendors that require some sort of Dirsync along with SSO (ADFS, Ping Federate, or proprietary). It seems that every cloud service from small to large wants to sync with on-prem AD. Given the potential number of these different DirSync’s that need to be installed and managed, what are other institutions doing to manage them all?
Does one department manage all DirSync instances? Do you install multiple dirsync apps on a single server/load balanced cluster? Do you let the departments manage their own dirsync applications and another dept. audit it on a regular basis? Are you concerned with what is being synched to the cloud from on-prem AD? I am trying get ahead of this potential nightmare in managing all dirsync for my institution.
Thanks for your responses. Brian Britt Vanderbilt University Security Operations | Identity Operations | Central Directory Services