Imanami’s GroupID has a simple yet effective method for Active Directory group self service. We allow the group owner or Admin four choices for group security:
- Private: closed membership
- Semi-private: owner must approve membership request
- Semi-public: notify owner of new membership
- Public: open membership
When you open group membership for self service, the owner(s) assign the security level for the group. When another user chooses to join the group, the security setting will kick in and either not let them in (private), create a workflow (semi-private), create a notification (semi-public) or allow them to join (public).
By having multiple owners of a group, it makes the workflow process painless and users don’t have to wait long to get into the group. It really works well.
But, we went one step farther, an Admin can set those security levels on users attempting to leave the group as well. Why would you want to do that? Consider the security group for users on HR probation. It is probably a group that nobody wants to opt into but most on it will want to opt out. Especially if you are using that group to lock down downloading privileges to keep soon to be fired employees from stealing data. If you set it up right, it’s like the roach motel, they can check in but cannot check out.
In our recent survey on AD group management, we found that 60% of organizations are leaving group management up to manual processes. While we agree that managing Active Directory groups isn’t always the most strategic use of your valuable IT time, if you abandon the manual and choose to automate and delegate, you can solve a lot of security and productivity issues with these Active Directory groups.
Jonathan Blackwell
View ProfileSince 2012, Jonathan Blackwell, an engineer and innovator, has provided engineering leadership that has put GroupID at the forefront of group and user management for Active Directory and Azure AD environments. His experience in development, marketing, and sales allows Jonathan to fully understand the Identity market and how buyers think.