In this chapter, we took a look at role model objects (organizational units or users), their roles, and the permissions that are applied to the roles. We also explained the concept of applications, and grouping of permissions that are applied underneath that application. We looked at some other advanced features, such as SoD, that is, incompatible permissions. We ran through the installation of the Core modules, explained how to define the organizational unit, and also how to bring that information into the BHOLD Core for consumption. Next we uncovered creating the BHOLD connector and utilizing the Integration module. We touched upon the Attestation module and how it can help an organization. Finally, we looked at the Reporting module and the reports it provides for an organization to use.
In the next chapter, we will take a look at Privilege Access Management—a new feature in the Microsoft Identity 2016 suite.