We get a lot of people coming to us for our free Active Directory reporting tool. Whenever I have the chance, I ask them what they are looking to report on. Often, the answer is that they are looking for an easy way to see group membership in Active Directory. They don’t have a great…
Groups manage user accounts, computer accounts, and other groups to simplify network administrations. Working with groups makes maintenance easier and less complex as compared to working with users. In Active Directory, you can create both security groups and distribution lists as static groups. Static groups are best suited when group memberships change occasionally. However, creating…
There was a question over on Mark Minasi’s Active Directory forum on how to find unused Active Directory security groups. The answer quickly came that it is “a pretty hard problem to solve for real.” There are a few vendors that can offer reports/tools that show what file system permissions are associated with each group. But…
Am I the only one who has been seeing a lot in the press recently about privileged users and the tools and solutions focused on them? When I read this article on insider threats in Network World, I realized that dynamic user provisioning, which Imanami has been offering our clients for years, is a fundamental…
Many of our customers use Role-based Access Control (RBAC). At least that’s what they are telling us. But our products don’t actually support the traditional concept of roles, where you create the perfect role of a salesperson and assign permissions and access to that role. Our customers are getting more granular than that. It’s almost…
Every once in a while I find myself describing a dynamic Active Directory group as “query based.” This always begs the question, how does this dynamic group differ from Microsoft Exchange’s Query Based Distribution List (QBDL)? It is actually a pretty simple answer, when GroupID Automate creates a dynamic group, it actually creates the group…
When a Microsoft customer buys group management for Microsoft’s Business Productivity Online Suite (BPOS), they are using Imanami’s self service web portal. But they are using an older version of GroupID Self Service called WebDir that lacks some of the advanced group management features that we have innovated. There are good reasons for this, Microsoft…
I was recently perusing Technet’s script repository which details all of the scripts related to Active Directory groups. It was fascinating in that these scripts did a lot of great things but required quite a lot of work if you wanted them for anything other than one-off requests. And that’s not even getting into the…
When we designed GroupID to work with Exchange 2010, we didn’t want to simply “support” Exchange 2010, we wanted to be sure that we worked with it. The reason is that Exchange 2010 has introduced a small subset of GroupID’s Active Directory group management features into OWA and we were determined to complement these features…
Imanami’s GroupID has a simple yet effective method for Active Directory group self service. We allow the group owner or Admin four choices for group security: Private: closed membership Semi-private: owner must approve membership request Semi-public: notify owner of new membership Public: open membership When you open group membership for self service, the owner(s) assign…