Mail Distribution List
A mail distribution list (mail DL for short) is a list of identities to which an e-mail message can be sent, such that every member of the list will get a copy of the message. Mail DLs can be represented in most directories, such as LDAP servers or Active Directory.
On some directory systems, a mail DL can include both user objects and SMTP e-mail addresses. Lotus Notes is an example of a system that supports mail DLs with these two types of entries. On other directory systems, mail DLs can only contain a list of objects -- either user objects or contact objects (i.e., objects that contain contact information for a person, such as the person's SMTP address, but which cannot be used as login accounts). Active Directory is an example of this.
IAM systems can be used to manage the membership in mail DLs, just as they can be used to manage membership in security groups. In technical terms, mail DLs are almost indistinguishable from security groups, except that they cannot be used to grant security rights to their member users.
Security entitlements on most systems and applications are determined by membership of users in security groups. These groups may have different names on different platforms: roles in Oracle, activity groups in SAP, groups in AD and so on. In all cases, they amount to collections of user rights that have a name and are assigned as a unit to one or more users.
Users get access to data (e.g., shares, folders, files) and to system or application functions by being attached to security groups on those systems.
Hitachi ID Identity Manager is designed to manage membership in existing groups and will automatically detect new groups, which can subsequently be enabled for Identity Manager management.
Group membership management can be driven by any of the core Identity Manager request input mechanisms: automation (e.g., driven by HR or similar), self-service requests, access certification, role based access control, or an inbound API.
Group membership management may also be driven by a resource-centric, rather than group-centric workflow, using Hitachi ID Group Manager. In this case, users select a resource -- a share, folder, file, etc. and request access. Group Manager looks up ACLs on the relevant object and selects the appropriate groups to which the recipient of the request should be attached.