Talks to the systems you already run
ip·Solis is glue, not a replacement. Bring your AD, your SCCM, your hypervisor and your IdP. We will wire them together.
Active Directory
The PowerShell 7 worker connects to AD via ADWS using NTLM signing or Kerberos, so your existing domain credentials work without additional configuration. Runbook steps can add or remove users from security groups, set any user attribute, and query the directory. Manager relationships are resolved live at order-creation time for approval routing — never stored — so reporting-line changes are reflected immediately.
SCCM
SCCM integration covers device import, task sequence triggering via WinRM, and AdminService REST API calls authenticated with Kerberos. A built-in status probe polls task sequence completion asynchronously and advances the order state automatically, so operators see real-time progress without writing polling logic themselves. Works against both on-prem SCCM and Microsoft Endpoint Configuration Manager.
XenServer / XCP-ng
Clone, power on/off, snapshot and delete VMs in a XenServer or XCP-ng pool directly from runbook steps using the XenAPI. SSL bypass for self-signed pool-master certificates is pre-configured, and stdin injection handles interactive-prompt workarounds so air-gapped lab environments work without script modifications.
VMware vSphere
PowerCLI-based runbook steps manage the full VM lifecycle against vCenter — clone from template, configure hardware, power on/off, take and revert snapshots, and delete. Self-signed vCenter certificates are handled automatically. Credentials are stored in the admin UI and injected per execution, never baked into scripts.
Generic webhook
The inbound ServiceNow webhook accepts HMAC-SHA256-signed payloads and routes them through the same approval and runbook pipeline as portal orders. Requester AD attributes are snapshotted at creation time, so webhook-originated orders appear correctly in cost-center and department breakdowns. The same pattern works for any HRIS or ITSM system that can POST a signed JSON payload.
SCIM 2.0 IdPs
The /scim/v2/ endpoint integrates with Okta, SailPoint, Ping Identity, Entra ID, and any RFC 7644-compliant identity provider. User provisioning calls are acknowledged as no-ops — ip·Solis does not maintain a user directory. Deactivation events (DELETE or PATCH active=false) immediately trigger the unified leaver flow, revoking every active order and dispatching deprovision runbooks.
SMTP
All outbound notifications — approval requests, reminders, expiry warnings, leaver confirmations, cost threshold alerts — are sent via your own SMTP server. STARTTLS and SSL/TLS are both supported. The from-address, reply-to, and credentials are configured in the admin UI and can be updated without rebuilding containers.
Microsoft Teams
Approval requests are delivered as Adaptive Cards to a configured Teams channel via webhook — managers approve or decline with a single click without leaving Teams. Cost threshold alerts and access certification reminders are also posted to Teams alongside email, so the right people are notified wherever they work.
Source-controlled runbooks
Runbooks can be exported as structured JSON and committed to a Git repository, enabling code review, diff history, and rollback through standard pull request workflows. The same JSON can be imported back into any ip·Solis instance, making runbook promotion across dev, staging, and production environments straightforward.