ActiveRoles Server

Not ready for a full-blown IDM solution, but still want to secure your AD and streamline provisioning and deprovisioning? Or does your current IDM solution only provide limited tools to manage your AD? Then ActiveRoles Server might be the solution for you.

ActiveRoles Server is part of the Dell One Identity solution (IDM) but is available as a stand-alone product. Developed by Quest Software, ActiveRoles is a well-known product used globally to provision, administer and secure more than 54 million AD user accounts. Deployments range in size from 250 to 800.000 users.

Through a set of tools, it allows you to efficiently manage users and groups while also overcoming some of the Active Directory’s native limitations.

1

Provisioning

  • Identity and access lifecycle management.
  • Automatic User- and Group Provisioning and Deprovisioning.
  • Automatize Provisioning from an authoritative data source, such as an HR or ERP system and thereby automatically gain the control of user access.

Directory Management

  • Unified Active Directory and Active Directory Lightweight Directory Services (AD LDS formerly ADAM) Management.
  • Automated group management.
  • Interfaces for Day-to-Day administrators, Help Desk, and end user self-service.

Security

  • Controlled Administration through Roles and Rules for a true least privilege model.
  • Approval Workflow for Change Control.
  • Centralized Auditing & Reporting.

Self-Service

  • Empower users with self-service capabilities.
  • Compliant & Secure Access Management through Group Membership Self-Service.

Extensible

  • ADSI and PowerShell support for extensibility.
  • Customisable web interfaces.

ActiveRoles Server provides you with several tools to ensure that only approved IT personal be granted access to Active Directory data e.g. through:

Access Templates – used to grant administrative users access to AD objects (Domain, OUs, Containers or individual users) and specifies the level of access the user should have.
Policies – allow you to specify a set of rules that apply to the administrative users, for example making a range of attributes required during provisioning and even specifying a specific syntax. It can also be used to automatically generate values for attributes based on given information (e.g. logon name, email address etc.).

This entry was posted in Uncategorized and tagged , , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s