Workflow: Ordering Accounts for External Users

This document outlines the workflow for ordering temporary accounts for external users, such as students, temporary staff, or hired consultants. The process allows authorized managers to request accounts through a dedicated digital form, which then triggers an automated provisioning process in eADM.

Note: This workflow uses a custom form built with the eHub module.

Workflow Process

The process begins when a manager fills out an order form and is complete when the user receives their account details. In this standard configuration, the account is created in Active Directory (AD) immediately upon form submission.

Step 1: Submitting the Order Form

A manager initiates the process by completing the "Order Temporary User Account" form. The information provided in this form is used to generate the username, configure notifications, and assign the correct access rights.

The form includes the following fields:

Field	Description	Example
First Name	The user's first name.	Tommy
Last Name	The user's last name.	Halvorsen
National ID Number (11 digits)	The user's personal identification number.	230278xxxx
Private Email	The user's personal email address.	tommy@konsulent.no
Private Mobile Number	The user's personal mobile number for SMS notifications.	555-15874
Title	The user's job title or role.	Consultant
Department	The department the user will belong to. Access rights are assigned automatically based on this selection.	After-School Program
Start Date	The first day the account will be active.	02.06.2022
Expiry Date	The date the account will be deactivated.	01.08.2022

Field

Description

Example

First Name

The user's first name.

Tommy

Last Name

The user's last name.

Halvorsen

National ID Number (11 digits)

The user's personal identification number.

230278xxxx

Private Email

The user's personal email address.

tommy@konsulent.no

Private Mobile Number

The user's personal mobile number for SMS notifications.

555-15874

Title

The user's job title or role.

Consultant

Department

The department the user will belong to. Access rights are assigned automatically based on this selection.

After-School Program

Start Date

The first day the account will be active.

02.06.2022

Expiry Date

The date the account will be deactivated.

01.08.2022

Warning: The Expiry Date is a mandatory field and is the date the account and all associated access rights will be automatically deactivated. It can be set for a maximum of 6 months from the Start Date.

Step 2: Automated Provisioning and Notifications

Once the form is submitted, the following automated actions occur:

Account Creation: The user account is created in Active Directory in real-time.
Manager Notification: The manager of the selected department receives an email confirming that the account has been created, including a summary of the granted access rights.
User Onboarding: On the specified Start Date, the new user receives an SMS with their login credentials and access information.

Note: If the Start Date is the same as the submission date, the account is created immediately, and the user can typically log in within 5-10 minutes.

Step 3: Account Deactivation

On the specified Expiry Date, all access rights are revoked, and the user account is automatically deactivated.

Workflow Variations

This workflow can be configured to include an approval step. For example, a request can be routed to the IT department or a department manager for approval before the user account is created.