Automating User Lifecycle Management

Color Line

Color Line is Norway's largest shipping company in international passenger and freight traffic to and from Norway, and one of Europe's leading operators of short sea shipping. The company operates five ships on four international routes between Norway, Sweden, Denmark, and Germany, offering cruise services on the Oslo-Kiel route, transport on routes from Larvik and Kristiansand to Hirtshals, and transport and shopping on the Sandefjord-Strömstad route. In addition to passenger and freight transport, Color Line provides conferences and exhibitions, hotel operations, restaurants, shops, entertainment, and tour production.

Employing about 2,300 people across four countries, it is currently the only shipping line with international passenger and goods traffic to and from Norway, using ships on the Norwegian shipping register and with its head office in Norway. Annually, Color Line transports nearly four million passengers, approximately 900,000 cars, and around 180,000 trailers, accounting for over 20% of the annual goods traffic on the road route across Svinesund as of 2016.

Background

Prior to this project, user lifecycle management in Color Line's directory services was highly manual, time-consuming, and prone to errors. Tasks such as creating user accounts, updating user information, assigning licenses, granting access to resources, and deactivating accounts required significant manual effort. As a result, Color Line sought to automate these processes based on information from their HR system, SD, to enhance efficiency and reduce errors.

Inloop’s role

Inloop designed and developed a comprehensive solution to automate user account management using data from SD Worx. An HTTP endpoint was implemented in Power Automate to receive real-time data from SD Worx, which is then stored in Dataverse.

A Power Platform dataflow handles the data processing, managing user attributes based on complex business rules. Depending on the user category, specific attributes are updated, relevant security groups are applied, and appropriate licenses are assigned

After processing, a PowerShell script handles the creation of new users, attribute updates and deactivation of terminated users in the on-premises Active Directory. These changes are then automatically synchronized with Entra ID. The solution also handles sending SMS messages to new users with relevant information for new employees and emails to their supervisors with information about the new employee.

An administrative Power App was developed to provide an overview of all active users and to view all changes from SD Worx. The app also offers a user interface to configure business logic based on predefined user types - such as specifying attributes mapping between SD Worx and Active Directory, if certain users should be excluded from the business logic and determining which groups and licenses to apply.

Packaged as a Power Platform Solution, the entire setup simplifies installation, maintenance, and future updates. The design allows for an easy transition to a fully cloud-based solution in the future, providing Color Line with the flexibility to adapt to evolving technological needs.

---