In a previous article, we discussed how to liberate the DBA from SQL Logins with AD Groups. A good point was raised: How can the DBA know who has what access? Here is a solution.
The Azure Active Directory Graph API enables some interesting scenarios that you can implement in your applications by enabling you to query and manipulate directory objects in Azure AD. In this article, Rick Rainey provides a clear walkthrough of its implementation.
We would like to update the user, role, and user role tables automatically from Active Directory. Ideally we'd like an SSIS package that we could schedule and/or run on demand to take care of the update. Can you provide an example of how to do this?