While our GroupID Synchronize product is widely known for its provisioning and directory synchronization capabilities, we also have quite a customer base using it exclusively for GAL synchronization. I wrote about how to do it in GAL Synchronization between Forests but want to comment a bit more on how simple it is to do. Many…
To compare Imanami’s GroupID with Microsoft’s Forefront Identity Manager (FIM), it is essential to understand what each is and isn’t. FIM is an Identity and Access Management suite. It provides policy management, credential management, user management and group management. What it is not is simple or cost effective. GroupID is purpose-built software to manage Active…
Do you ever feel like you are answering the same questions over and over again? I have yet to come across a customer or prospect who would not like to reduce the number of calls that come into their help desk or service center. Those calls always have a cost and it seems that many…
As the old saying goes, denial isn’t just a river in Egypt. It is also a useful tool to deny access and rights for employees on probation. Think about the first thing an employee who is put on steps of discipline will want to do. Steal data. Download all of their files and contact information. …
There was a question over on Mark Minasi’s Active Directory forum on how to find unused Active Directory security groups. The answer quickly came that it is “a pretty hard problem to solve for real.” There are a few vendors that can offer reports/tools that show what file system permissions are associated with each group. But…
You still need Active Directory even though you have outsourced Exchange to Microsoft BPOS. So, how do you manage it? You want your user attributes to be accurate, group memberships up to date, unused groups expired, and security groups to be, well, secure. Oh, and you really don’t want to have your IT department to…
Active Directory comes with an interface: ADUC. It is very useful for admins and only admins. We have had customers admit to us in the past that they have allowed ordinary end users access to ADUC; this changed quickly once they got a good web based Active Directory self service solution like GroupID Self Service.…
I kid. All your group do not belong to us. We just have the best way to help you manage your Active Directory groups with Imanami’s GroupID. We are currently in the midst of our best quarter ever and I have photoshop and I’ve always wanted to make that image. I’ll probably print up some…
Many of our customers use Role-based Access Control (RBAC). At least that’s what they are telling us. But our products don’t actually support the traditional concept of roles, where you create the perfect role of a salesperson and assign permissions and access to that role. Our customers are getting more granular than that. It’s almost…
David Bell wrote an interesting piece in Secure Computing on how to avoid flaws in Identity Management. The part that I really liked was how he pointed out that the IT security industry is focusing its efforts on “where” enterprises keep their critical data instead of “who” has access to it. It is this “who”…