Despite my initial requests to my management at the time to look at a wonderful ticketing system called IssueTrack which I had deployed at my previous employment, I was overruled and now my company uses a ticketing solution that is installed as an Azure application called Samanage (which was just purchased by SolarWinds). It is an adequate solution, despite it being a little weak in the area of workflow automation and form customization.
One thing that has bothered me since the initial deployment is the multi-step process for assigning newly created users from AD on-prem to the Azure application because we wanted to limit the authorized users to only real "person" accounts. The only other alternative was to all users to sync from Azure AD, which would have created a bit of a mess.
To deal with this, I created a PowerShell script that fetches the members of a group, checks that list against a list of assigned users for the application, then assigns any new users to that application.
Then I created a task scheduler task that runs once every half hour that runs the script to keep everything in sync.
The code for the script, as well as an application that encrypts credentials, are attached. Keep in mind, when encrypting credentials, you must run the "BuildCreds.exe" application on the machine on which you plan to use them. The ConvertFrom-SecureString command is machine specific.
