Offboarder Logical Access Solution

Offboarder automates Active Directory termination workflows, provides real-time job tracking, and generates audit-ready evidence for access termination controls (SOC 2 / ISO 27001).

Active Directory offboarding actions

• Disable account and enforce termination state
• Remove from access groups (including privileged groups)
• Move to a designated “Disabled/Terminated” OU
• Optional: reset credentials as part of termination policy
• Capture outcome per step (success / failure) for review

Evidence + reporting (built in)

• Evidence record generated per job
• Exportable CSV for audit packets and control testing
• Job timeline: submitted → processing → completed
• Request identifiers preserved (request ID, user, tenant)
• Designed for SOC 2 / ISO 27001 access termination evidence

1) Intake via Admin Portal

HR/IT submits a termination job manually or via CSV. The portal validates fields and creates a job with a trackable request ID.

2) Queue-based processing

Jobs are placed into Azure Storage Queues and processed asynchronously. Status is updated back to the portal for visibility.

3) Agent executes & reports

A Windows agent checks in (beacon) and executes AD actions where the directory lives. Results and evidence are returned per job.

RBAC (role-based access)

Limit who can submit jobs, view results, export evidence, and manage configurations—supporting separation of duties.

IP fencing

Restrict administrative access to approved IP ranges for reduced exposure and stronger operational control.

Separate function keys + tenant partitioning

Agent check-in and admin operations use separate Function keys, and tenant headers keep environments logically partitioned.