13 runbooks for the L1 IT helpdesk
Versioned, deterministic, auditable runbooks — runbook-first architecture, approval-required by default. Microsoft Teams + Slack native.
Identity
5 runbooksAccess Role Change
Multi-system orchestrated role transitions for promotions, transfers, and contractor-to-FTE conversions. Five seed roles ship out of the box (support tiers, sales SDR/AE, engineering contractor/FTE/intern, HR generalist/manager); each transition produces a single approval card showing the full access diff and executes sequentially across Okta + Entra + Jira + M365 with per-step audit outcomes.
Account Unlock
Automate Microsoft Entra ID and Okta account unlocks from Slack and Teams. Identity verification, approval-gated unlock, failed-login counter reset.
Group Membership Management
Automate Microsoft Entra security group, M365 group, and distribution list membership changes from Slack and Teams. Name-resolved, approval-gated, idempotent.
MFA Re-enrollment
Automate Okta and Microsoft Entra ID MFA factor reset and re-enrollment from Slack and Teams, with approval-gated execution and audit-friendly logging.
Password Reset
Automate password resets in Okta or Microsoft Entra ID directly from Slack and Microsoft Teams. Approval-required by default, with full audit trail.
Provisioning
4 runbooksEmployee Offboarding
Automate end-to-end employee offboarding across Okta, Microsoft 365, Jira, and Intune. Suspend accounts, revoke OAuth tokens, transfer files, revoke licenses, archive mailbox.
M365 License Assignment
Automate Microsoft 365 license assignment from Slack and Teams. Pool-availability check, approval-gated assignment, optional Intune or Jamf endpoint policy push.
New Hire Provisioning
Automate new-employee account creation across Okta, Microsoft 365, and Jira with single-approval workflow. License assignment, group membership, and welcome kit delivery.
Software Decommission
Reclaim a specific M365 license seat from a user with full audit trail — distinct from full offboarding. Snapshots the seat pool before/after, optionally surfaces the user's Intune-enrolled devices that have the matching app for follow-up cleanup visibility.
Collaboration
2 runbooksConfluence Space Provisioning
Self-serve Confluence space creation with propose-time key-collision detection and audit-chain coverage. Approval-gated; the approval card surfaces conflicts before the admin clicks Approve so wasted approval cycles are eliminated.
Email Distribution List Add
Add or remove users from Microsoft 365 distribution lists, mail-enabled security groups, and Microsoft 365 groups via Slack or Teams — same audited approval flow as security-group membership, with the group type clearly labeled on every approval card.
Live or template — we tell you which
Live runbooks execute end-to-end against real Okta, Microsoft Entra ID, and Microsoft 365 tenants today. Templates are documented and configurable per customer environment, with handler implementation on a dated roadmap. We don't conflate the two.
