|
|
|
|
Active Directory Auditing for the business
Why do most organizations have an Active Directory auditing solution?
So that the AD Administrator can sign off on a form saying they have one? So that
the auditor can take a look once per year and be sure that the reports look complete?
So that the AD Admin can figure out exactly what happened to that certain group
every once in a while? Most likely, it is all of the above.
GroupID provides actual useful Active Directory auditing for end users. An end user
can see what has happened to their objects (their user account, their direct reports,
their security and distribution groups) in an easy to understand friendly format.
If your direct report changed her phone number, you get an easy notification showing
“Jane Doe changed her phone number to 415-555-1234”; and you can click on it for
more details.
That is useful auditing for the business, by the people and for the people.
|
|
|
|
|
|
|
A user’s perspective on Active Directory auditing
This useful auditing is presented to the end user in a variety of ways. When logging
in to Self-Service, the user is presented with a friendly list of changes that have
happened to objects they care about. The basic premise is any change to any object
at any time.
Within the detailed view of any object, all changes are shown in more detail with
before and after values. So if you are looking at your direct report’s profile,
you can easily see the groups that Jan has joined or left, the attributes that she
has changed, or that have been changed for her.
When looking at a group that you own, you can easily see the users who have joined
or left, or the change to the expiration policy that the administrator made, or
when you last renewed the group.
When looking at your own profile, you can see if a Synchronize job has updated your
title from the HR system as it should, or if you have had to unlock your password
five times in the last week, or if you have a new direct report, or if three people
have joined your book club security group.
What this Active Directory history feature does is to put the information on what
is changing to the directory in the hands of the people who care because it is part
of how they do their job. You want the owner of the dynamic security group to know
when users have been automatically added to their group.
You want a manager to know if one of their employees changed their cell phone number.
They need that to do their job.
An auditor needs to know what happened to Active Directory once a year. Your users
need to know as it happens.
|
 |
|
|
|
GroupID Synchronize
Synchronize Active Directory with external sources to seamlessly provision, update
and deprovision users. Accurate data produces accurate groups.
|
|
|
|
|
|
GroupID Automate
Automate the creation and management of dynamic distribution lists and Active Directory
security groups. A simple query creates and updates groups automatically based on
changes in Active Directory.
|
|
|
|
|
|
GroupID Self-Service
Update and manage users and groups in Active Directory through the web. Self-service
updates for users and groups decreases calls and emails to IT.
|
|
|
|
|
|
|
|
