title: Bulk Operations Overview category: Bulk Operations tags: bulk, operations, ai, detection, issues, mass priority: Normal
Bulk Operations Overview
The Bulk Operations Center is IdentityCenter's facility for detecting and remediating organization-wide identity issues at scale. Navigate to Admin > Bulk Operations (/admin/bulk-operations) to access it.
The Problem
In any enterprise directory, identity hygiene issues accumulate over time: employees leave but their accounts remain active, attributes drift out of compliance, group memberships become stale, and security risks go unnoticed. Manually identifying and fixing hundreds or thousands of these issues across your environment is impractical and error-prone.
Bulk Operations solves this by combining AI-powered detection with automated remediation, allowing you to clean up your entire directory in minutes rather than weeks.
How It Works
The Bulk Operations pipeline follows three stages:
┌──────────────────────────────────────────────────────────────────┐
│ Bulk Operations Pipeline │
├──────────────────────────────────────────────────────────────────┤
│ │
│ 1. DETECT 2. ANALYZE 3. REMEDIATE │
│ ┌────────────┐ ┌────────────┐ ┌────────────┐ │
│ │ IBulkInsight│ -> │ BulkImpact │ -> │ Execute │ │
│ │ Service │ │ Analysis │ │ Actions │ │
│ │ │ │ Service │ │ │ │
│ └────────────┘ └────────────┘ └────────────┘ │
│ Scan directory AI categorizes Apply fixes │
│ for issues and prioritizes with rollback │
│ │
├──────────────────────────────────────────────────────────────────┤
│ Real-time progress tracking via SignalR │
└──────────────────────────────────────────────────────────────────┘
- Detection -- The
IBulkInsightServicescans your synchronized directory data and identifies issues across all objects. - Analysis -- The
BulkImpactAnalysisServiceuses AI to categorize each issue, assess its severity, and recommend a remediation action. - Remediation -- You review the recommendations, select which to apply, and execute them. Every change is tracked and reversible.
Issue Categories
Bulk Operations detects five categories of identity issues:
| Category | Description | Examples |
|---|---|---|
| Stale Accounts | Users or computers that have not authenticated for an extended period | User last login 180+ days ago; computer offline for 90+ days |
| Duplicate Accounts | Multiple accounts belonging to the same person, detected via fuzzy matching | Two accounts with the same display name and similar email addresses |
| Orphaned Accounts | Active accounts for individuals who have left the organization | Enabled account with no manager and no recent activity |
| Misconfigured Accounts | Objects missing required attributes or with incorrect group memberships | User without a department, email, or manager assignment |
| Security Risks | Accounts with excessive privileges or password policy violations | User in Domain Admins with password that never expires |
Issue Severity Levels
Each detected issue is assigned a severity based on AI analysis:
| Severity | Description | Typical Action |
|---|---|---|
| Critical | Immediate security risk requiring urgent attention | Disable account, remove privileges |
| High | Significant compliance or security concern | Remediate within 1-2 days |
| Medium | Moderate risk that should be addressed | Remediate within 1 week |
| Low | Minor hygiene issue | Address during next maintenance window |
Session Management
Each bulk operation run is tracked as a BulkOperationSession. A session records:
- Start and end time of the operation
- Issue category scanned (or full scan across all categories)
- Total issues detected and their severity breakdown
- Actions taken with before/after snapshots for each object
- Success and failure counts for applied remediations
- Operator who initiated the session
Sessions provide a complete audit trail. You can return to any past session to review exactly what was detected and what actions were taken.
Automated Monitoring
The BulkIssueMonitorJob runs on a configurable schedule (powered by Quartz.NET) to continuously monitor your environment for new issues. When the monitor detects new problems, it can:
- Log the issues for the next manual review
- Send alert notifications to administrators
- Automatically flag high-severity items for immediate attention
This means you do not have to remember to run scans manually -- the system watches for you.
Integration Points
Bulk Operations connects with several other IdentityCenter features:
| Integration | How It Connects |
|---|---|
| Policies | Issues detected by bulk scans can map to policy violations, and policy violations can feed into bulk remediation |
| Intelligence Hub | AI insights from the Intelligence engine inform issue detection and severity scoring |
| Compliance Frameworks | Bulk operation results contribute to compliance posture reporting |
| Directory Browser | Click any affected object to view its full details in the Directory Browser |
| Audit Logs | Every bulk action is recorded in the change audit log for compliance |
Key Components
| Component | Role |
|---|---|
BulkOperations.razor |
Main UI page at /admin/bulk-operations |
IBulkInsightService |
Scans directory data and identifies issues |
BulkImpactAnalysisService |
AI-powered categorization and prioritization |
BulkOperationSession |
Tracks each operation run with full metadata |
BulkIssueSnapshotRepository |
Stores before/after state for rollback |
BulkRollbackService |
Reverts changes if remediation causes problems |
BulkIssueMonitorJob |
Scheduled background job for continuous detection |
Best Practices
- Start with a scan, not a fix -- Always review detected issues before taking action
- Use category filters -- Focus on one issue type at a time for more manageable review
- Preview every change -- The preview step shows exactly what will happen before it does
- Begin with small batches -- Test remediation on a subset before running against your full population
- Schedule regular monitoring -- Configure the BulkIssueMonitorJob to run weekly so issues are caught early
- Review session history -- Periodically check past sessions to confirm remediations had the intended effect
Next Steps
- Running Bulk Operations -- Step-by-step execution guide
- Bulk Operations Analytics -- History, metrics, and trend analysis
- Intelligence Hub Overview -- AI-powered insights that feed bulk detection
- Policies Overview -- Define rules that integrate with bulk operations
- Browsing Your Directory Objects -- Explore affected objects in detail
- Dashboard and Reporting -- View bulk operation metrics on your admin dashboard