Handling organizational changes
Consider a company in the process of re-organization. Multiple departments are changing names, merging, or separating from one another. Such reorganization involves an increase in administrative, security, and business liabilities, as well as the high cost of manually updating data. This situation demands a means to automatically update and move the data.
Active Roles provides the ability to define administrative policies that make organizational changes easier to handle. By using Managed Units, rule-based overlays of the actual data in Active Directory can be set up for both the current and planned organizational structures. Administrative policies can be specified so that when data moves from one Managed Unit to another, policy definitions will automatically be applied, based on the change. This will update properties, such as the user’s manager, department, group memberships, and OU memberships.
As another example, consider a user who changes departments. Depending on the department to which the user moves, Active Roles could automatically move the user's data, change the user's group memberships, and specify to whom the user reports.
User Account Management
Suppose a company provides services based on Active Directory and Microsoft Exchange. The company relies on the Active Directory infrastructure as a basis for their service offerings.
Configuration of Active Directory involves setting security and partitioning the directory, so that any user has proper access to directory resources. It is paramount to have a framework that facilitates the creation of new user accounts and the assignment of appropriate access rights. There is a need for a robust system that maintains user creation and management with minimal administrative effort.
Active Roles offers a reliable solution to simplify and safely distribute user account management. It addresses the need to create and manage a large number of user accounts, and to ensure that each user can only access their own resources. By implementing an administrative model based on business rules, Active Roles allows domain-level administrators to easily establish and maintain very tight security, while facilitating the provisioning of new users with the appropriate access to IT resources
Active Roles has the ability to safely delegate routine user-management tasks to designated persons. By incorporating policy enforcement and role-based security, Active Roles allows the organization to restrict the administrative actions according to the corporate policies defined by the high-level administrators. In addition, it allows the administrators to change the policies, ensuring that new policy settings are automatically propagated and enforced without additional development.
Active Roles makes it simpler for the organization to delegate authority to administrative and support groups, while enhancing the overall security. The Web Interface can serve as an administrative tool that allows the assistant administrators to manage users, groups, and mailboxes. Active Roles ensures that all actions performed by a Web Interface user are in compliance with the corporate security policies.
Starting the Active Roles console
Starting the Active Roles console
The Active Roles console, also referred to as MMC Interface, is a comprehensive administrative tool for managing Active Directory and Microsoft Exchange. With the Active Roles console, you can easily find directory objects and perform administrative tasks.
To start the Active Roles console
Depending upon the version of your Windows operating system, click Active Roles 7.5 Console on the Apps page or select All Programs
| One Identity Active Roles 7.5
| Active Roles 7.5 Console from the Start menu.