Since 2012, Jonathan Blackwell, an engineer and innovator, has provided engineering leadership that has put GroupID at the forefront of group and user management for Active Directory and Azure AD environments. His experience in development, marketing, and sales allows Jonathan to fully understand the Identity market and how buyers think.
Active Directory Group Management solutions can make all the difference in the day-to-day life of an IT Manager and everyone else in the company. As we all know, there are two ways to manage any department. The first management style is “Putting out Fires” the second is “Proactively Managing” by anticipating problems based on past performance,…
Active Directory does an excellent job of allowing administrators to arrange their security identities in a hierarchal fashion. In a previous blog post , we discussed nested security groups which can be used to implement inherited security permissions. Active Directory also allows you to structure your Active Directory Organizational Units (OU for short) to reflect…
Many organizations still follow the traditional practice of writing or printing passwords on paper and keeping them in a physical vault, which would remain under the control of the IT department. When you have issues with your password or you need to unlock your account, you will have to either track the person who may…
In reading the article “Token Bloat Troubleshooting by Analyzing Group Nesting in AD” by M. Ali, it is pointed out that membership in the nesting of groups can in many cases lead to a condition where tokens carried by an identity can cause performance issues. Along with performance issues are cracks in your security when…
Many of our clients are professional services organizations; law firms, marketing agencies, consultants and the like. One of the things that they have in common is that they often have a need to create a place where people both in and outside of their organization can come to share resources for a period of time. …
Active Directory provisioning is a vague abstract term. Is a user provisioned once they have an AD account? Once they have an Exchange mailbox? Once they are in a few security groups? Or once they can do their job? I posit that it is once they can do their job. And that’s where the rub…
You run an IT department. No matter if it is big or small, you have to have a help desk. Your help desk is the public face of IT, the people that the rest of the company knows. So they call them. For everything. You know the problem with this, help desks are expensive to…
In attribute-based access control, access to resources is based on the attributes of a user, not from the resource owner specifically granting access to that user. The user proves their claim based on attributes associated with them rather than having joined a group and/or a role. Example of ABAC (Attribute based Access Control) A great…
Nobody’s Active Directory is perfect. And by “perfect” I mean with accurate identity information. Users are an ever-changing group, they switch jobs, last names, phone numbers, cubicles, departments, and projects. The users know this information but, guess what, IT doesn’t always. So Active Directory gets lonely and out of date. Eventually, nobody’s identity information is…
Active Directory literally sits in the middle of everything. As the King of IT Infrastructure, it holds the ceremonial middle spot in any server rack. Well, maybe I’m mis-using literally. But figuratively? You bet it sits in the middle of everything. We have carved out a niche as THE software solution for managing Active Directory…