Identity and Access Management (IAM)

What is IAM?

Identity and access management (IAM) is the system application responsible for the lifecycle of user accounts (creation and termination), administer any updates and provide users with appropriate access to technology resources based on business rules. All users within Catholic Schools Parramatta Diocese (CSPD) require a user login account in order to access all technology resources.

CSPD's core Identity and Access Management application (aka Identity Vault) is a running under Microfocus e-directory. It is simply a big centralised database repository for CSPD directory objects (e.g. users and groups). CSPD user accounts are automatically generated from source databases (i.e. Connx for staff and FACES for students). There are multiple types of user accounts within CSPD's Identity Vault:

    • Staff accounts

    • Student accounts

    • Practical (Prac) Student accounts

    • Visitor, vendor and contractor accounts.

User accounts within the CSPD Vault provide users with base user applications/services:

    • Google account (G Suite applications)

    • Active Directory account

To request access to additional CSPD applications/resources (eg: Oscar) please raise a ticket with the Enterprise Service Desk.

The diagram above illustrates the Enterprise IAM system. As shown in the diagram the source databases are on the left, CSPD's Identity Vault (in the middle) is the central location/application for all user accounts and on the right are services which integrate with the CSPD Vault.

How are user accounts created for Staff?

Staff user accounts are generated from CSPD's payroll management system, Connx. After payroll have processed user details through Connx the details will be synced across to CSPD's identity vault.

The following information is sent from Connx to CSPD's Vault for each user:

  • Preferred Name

  • Last Name

  • Payroll PIN

  • Birthdate

  • Gender

  • AGEID

  • Position Title/Description

It is important to keep in mind the users contracted start date. User accounts are created the same day of a users contracted start date. This could be the first 24 hours of a users start date. The first name for a staff user account is the Preferred name in Connx and the user login name is based on the first letter of the Preferred name.

How are user accounts created for Students?

Student user accounts are generated from CSPD's student management information system, Compass. Student enrolment is usually completed by school administration staff. When a student is enrolled into Compass the following information is sent to CSPD's vault:

  • Preferred Name

  • Last Name

  • Student ID Number

  • Birthdate

  • Gender

  • Current Enrolled Year

  • Roll Class

  • AGEID

It is important to keep in mind that a student's First name in their CSPD user account is the Preferred name in Compass and the user login name is based on the first letter of the Preferred name.

Experiencing an issue with a user account?

Please contact the Enterprise Service Desk and provide the below information:

Staff account:

  • First Name

  • Last Name

  • Payroll PIN

  • AGEID

It is important to keep in mind the user's contracted start date. User accounts are created the same day as a user's contracted start date. This could be the first 24 hours of a user's start date.


Student account:

  • Preferred Name (This is a separate field to 'First name' in Compass)

  • Last Name:

  • Student Identifier (ID)

  • AGEID