In each of my YouTube chalk-talks where I have created dynamic Active Directory groups, I paused to admire the section where GroupID provides the specific PowerShell command that would create that group in Active Directory. It is an excellent feature that allows our customers to script some of these commands into existing processes. The word everyone uses is extensible; I just say it’s cool.
We did this for a few reasons:
- As George Mallory famously said, “Because it was there.”
- Imanami believes that Active Directory provisioning does not end when a user has been provisioned. That user needs to be able to do things such as access files, receive email, have login permissions, etc. Without automated Active Directory group membership, a lot of this becomes a manual process. Imanami hates manual processes.
- Imanami GroupID is not the center of the universe, our customers are. They already have processes in place, some need to be scrapped but others work just fine and why not add Active Directory group management into those processes instead of adding a step.
- PowerShell makes deployment easier. When you first want to create 500 dynamic distribution lists, don’t go through the wizard, do it once, get a PowerShell command that only needs slight tweaks for the other 499 and make life easier on yourself.
We have a full list of GroupID PowerShell commands and a few sample scripts that are going to make our customers lives easier and their processes extensible. Let us know if you’d like to see how they work.
Jonathan Blackwell
View ProfileSince 2012, Jonathan Blackwell, an engineer and innovator, has provided engineering leadership that has put GroupID at the forefront of group and user management for Active Directory and Azure AD environments. His experience in development, marketing, and sales allows Jonathan to fully understand the Identity market and how buyers think.