Presented herein are systems and methods for an access control system deployable in an IT Infrastructure System (enterprise) to automatically discover an unmanaged IT asset or resource based on registration metadata stored in a CMDB; in response to discovery of the unmanaged IT resource, generating based on the registration metadata, in an LDAP server of the enterprise, an entitlement for one or more groups of enterprise users, wherein, for each of the one or more users or groups, the entitlement is embodied in an LDAP group name, wherein the LDAP group name is determined based on IT resource application metadata and/or on a pre-defined LDAP group naming convention; and mapping, based on the LDAP group name, the entitlement for each of the one or more users or groups to one or more specified target IT assets of the enterprise already registered, including software applications, or hardware including databases or servers.