project database

Doing it the hard way: SharePoint and AD provisioning

I had a friend who didn’t believe that anything was worth owning unless he had fixed it himself or somehow customized it.  He drove an International Harvester Scout (still one of my favorite vehicles) because it could be repaired with duct tape, a screw driver, a crescent wrench and whatever liquid happened to be in our…

project database

Expire and renew Active Directory groups: a video how-to

An Active Directory group should only live as long as it is useful to your business.  But without any native tools to expire and renew Active Directory groups, administrators turn to the time-honored, “delete it and see who complains” technique.  The problem is, then you have to re-create that group, its members and permissions if…

project database

Top 5 GPO’s to apply to Active Directory groups

Group Policy Objects (GPO) are not just for OUs any more.  There are not a ton of GPOs that are better off applying exclusively to Active Directory groups but there are a few.  The main use of GPOs filtered to Active Directory security groups is to create exceptions to group policy but there are a few…

project database

Limiting message size within AD self service portal

In our LinkedIn User Group, we had a customer ask if GroupID could set the Max Send Size on messages to a group.  What they are doing is delegating control of groups to their users but want to maintain control.  So they have implemented the appropriate amount of workflow (on group creation, on join requests, etc). …

project database

HR & IT: onboarding and AD provisioning

I worked in the HR world for quite some time.  As I made the transition to a more IT focused role I was surprised at how similar some of the conversations are.  Both HR and IT are striving to deliver new services and more value to the business lines they serve faster and at lower…

project database

Dangers of orphaned Active Directory groups

An orphaned Active Directory group is a group with no owner.  On the surface, that doesn’t seem that bad, email is still delivered, permissions are still applied.  But there are some real dangers to the business if you allow Active Directory groups to go ownerless and the membership becomes static. You can almost guarantee inaccuracy…

project database

Dynamic Active Directory groups for message delivery restrictions

Active Directory and Exchange offer a great tool for managing communication to distribution lists: message delivery restrictions.  This concept is pretty easy to understand, if you have an Exchange distribution list that you want only certain people to be able to email, you include them in the message delivery restriction.  Conversely, if you want certain…

dynamic active directory groups

Dynamic Nested AD Groups

We call them Dynasties Smart Groups are a great way of managing the membership of an individual group in a dynamic fashion. But what if you wanted to create a series of separate groups whose memberships are defined on some common criteria (for example, manager, department, location, and so on), and that criteria has some…

project database

Happy April Fools’ Day at Imanami!

We aren’t big on the pranks at Imanami but we had to do at least one so we stole a page from The Office and be-jello’d our CEO’s stapler.  Be-jello’ing is sort of like bedazzling but with Jello instead of rhinestones.  I hear it’s all the rage in Paris this season. One very serious prank…