Royal Cosun streamlines cross-domain identity management with ManageEngine AD360
About Royal Cosun
Royal Cosun is a manufacturing and production firm based out of the Netherlands. The organization focuses on innovation and sustainability in transforming agricultural raw materials into high-value products. With a distributed IT environment and strict compliance needs, Royal Cosun prioritizes secure, scalable, and efficient identity management across its global infrastructure.
-
Organization
Royal Cosun -
Industry
Manufacturing -
Location
Breda, Netherlands -
Employees
5,000+
Key challenges
Royal Cosun’s multi-domain Active Directory environment faced operational complexity. Each employee required identical accounts across six domains to meet compliance standards and operational requirements. While the existing system automated account creation, it didn’t support multi-domain provisioning or bulk user management.
The IT team needed a solution that could centralize management, eliminate manual effort, and ensure compliance from a single console with an interactive UI, rather than depending on PowerShell scripts.
Key benefits
With ManageEngine ADManager Plus, Royal Cosun successfully automated multi-domain account creation and synchronization without relying on native scripts. The solution significantly reduced manual effort through efficient automation policies. IT administrators could easily delegate tasks and enforce access controls from a single, interactive console, improving both efficiency and governance.
Royal Cosun turned to ManageEngine's onsite implementation service, which was tailored to the organization's business needs and industry best practices. The onboarding process received exceptional feedback, with the customer highlighting the product's scalability and the onboarding team’s expertise in simplifying complex identity management requirements.
Business challenges
As a rapidly expanding enterprise, Royal Cosun’s IT landscape spanned six Active Directory domains, each isolated for compliance reasons. The IT team had to create and maintain identical user accounts in multiple domains for the same individual, ensuring each account retained the same identity attributes.
Although Royal Cosun already had an in-house identity creation workflow to manage users in Active Directory, it needed an easy-to-use bulk user management solution to simplify administration, reduce dependency on scripts, and seamlessly integrate with Workday, its HRMS tool. Limited cross-domain visibility, manual provisioning, and the absence of unified reporting further slowed operations and increased administrative workload.
The team needed an out-of-the-box scalable IAM solution that could adapt to its environment, simplify operations, and lay the groundwork for eventual Workday integration.
The solution: ADManager Plus implementation through OnboardPro
The Royal Cosun Group availed OnboardPro, ManageEngine's implementation and onboarding service, for an onsite implementation of ADManager Plus. OnboardPro ensured the deployment was tailored to its business needs and aligned with industry best practices. The product implementation expert visited Royal Cosun's office, collaborated closely with its IT team to understand requirements, provided guidance on best approaches, and implemented the solution, seamlessly integrating the solution with Royal Cosun's existing system.
With the help of event-driven automation, workflows, and attribute mapping, a cross-domain identity management workflow was built without any third-party integrations or scripting.
The implementation included:
- Scheduled reports filtered by domain-referenced groups.
- Automated creation of new-format user accounts referencing primary accounts via the Microsoft-based field extensionAttribute1, where each new account references its primary account, and the primary account stores the reference to the newly created user account.
- Multi-domain automations using attribute-based logic to replicate and synchronize identities.
- Scheduled modification workflows via user modification template s for consistent updates.
With this setup, Royal Cosun achieved end-to-end multi-domain provisioning and synchronization, ensuring compliance, accuracy, and scalability across six domains in just two days.
The flexibility of ADManager Plus surprised us. Even without integrations, we achieved cross-domain automation with simple logic. The onboarding experience was excellent.
Jeroen Van Berlo, senior system engineer, Royal Cosun
Royal Cosun’s IT team highly appreciated the hands-on expertise and deep industry knowledge from the OnboardPro team, describing the onboarding experience as exceptional.
Results
- 100% consistency in multi-domain user identity management.
- 100% automation across workflows, eliminating manual scripting entirely.
- 100% customer satisfaction and plans for future Workday integration.
About AD360
ManageEngine AD360 is a unified identity platform that seamlessly connects people, technology, and experiences while giving enterprises full visibility and control over their identity infrastructure. It offers automated life cycle management; secure SSO; adaptive MFA; and risk-based governance, auditing, compliance, and identity analytics—all from a single, intuitive console. With extensive out-of-the-box integrations and support for custom connectors, AD360 easily integrates into existing IT ecosystems to enhance security and streamline identity operations. Trusted by leading enterprises across healthcare, finance, education, and government, AD360 simplifies identity management, fortifies security, and ensures compliance with evolving regulatory standards. For more information, please visit manageengine.com/active-directory-360/.
About OnboardPro
OnboardPro is a ManageEngine service that provides solution implementation to clients upon request. This service includes the installation and customized configuration of ManageEngine solutions. It enables clients to seamlessly begin work without worrying about the complexities of product installation, deployment, and use. Every client environment is unique and requires additional support beyond the basic installation and standard features. With custom onboarding, clients have the option to engage a team of product experts to manage the installation, implementation, customization, and training based on their business needs. For more information, visit manageengine.com/onboarding/manageengine-onboardpro-iam-and-siem-professional-service.html.