AD management- working smart, not hard

October 7, 2008
By admin

For most people, managing the enterprise Active Directory may seem like an easy task. Why invest in, and use advanced tools to manage something that at first glance can manage itself? After all, a company doesn’t hire people and doesn’t add new resources everyday. Changing account settings seems easy, and controlling your IT infrastructure by creating group policies only has to happen once in a while, right? Most IT administrators would recognize these statements as being insufficient for their business, yet because of all the complexities and required scripting the same administrators have adopted a “live and let live” approach when dealing with the Active Directory.

When’s the last time you needed to search through its logs to determine who deleted what file? How long have you spent on restoring an AD object because someone accidentally deleted it? And even worse- how many hours or days have you spent figuring our just what report would satisfy your regulatory compliance and auditors? Most IT administrators agree that getting “centralized”, and having granular permissions management in a Windows environment can be difficult, if not impossible. Windows provides limited tools and even more limited documentation for managing the directory service. It also does not support the multi-layered permissions administration needed to satisfy modern business needs.

Due to the inherent complexities most administrators prefer to set the Group Permissions and add subsequent users to the group, giving them access to those resources. This simplistic approach is implemented because once they spend the time to set up the thousands of files, folders, AD objects and more, they can close the project and move on. In reality, keeping this updated takes a lot of time, and because of it, in most cases it gets overlooked. As a result this approach leads to an inflexible strategy. Consider this scenario: looking at a department, you set the group and give all the permissions needed to ensure they can do their job. Later, when a new product or feature is launched, you will need to split that department into 2 different groups. Wouldn’t you want a solution that allows you to do that right away and saves you the many hours needed to complete this project if you use only the native tools?

Windows alone can’t satisfy the all the modern business needs, and using a third party software is a must. Here at CionSystems we created solutions that extend the native functionality and give IT managers an easy way of dealing with the complexities inherent in Active Directory without the need for scripting. Our goal is to solve issues and scenarios such as the ones above and make Active Directory management a snap.

Furthermore, when considering all the business requirements- Reporting, Enforcement, Auditing and Analysis just to name a few- the need for implementing a complete solution such as the Active Directory Manager is obvious. With it, tasks such as managing users with their passwords and personal information; consistency in provisioning centralized configurations; troubleshooting and finding root causes to problems; canceling accounts; ensuring compliance and more, are made easy and straightforward. Starting with the easy to use and fully customizable Dashboard, administrators are able to delegate tasks through the IT organization. The Dashboard gives a central point where users can access and customize Reports, manage OUs, set Group Policies, manage users, perform quick Search and Replace functions and even manage settings for MS Exchange.

Analyzing the needs of each customer, we maximize their IT investment. We build decades of experience into every solution we design, giving our customers the tools needed to securely manage the health of their infrastructure with confidence.

Tags: , , , , , , , , , ,

Leave a Reply