Not ready for a full-blown IDM solution, but still want to secure your AD and streamline provisioning and deprovisioning? Or does your current IDM solution only provide limited tools to manage your AD? Then ActiveRoles Server might be the solution for you.
ActiveRoles Server is part of the Dell One Identity solution (IDM) but is available as a stand-alone product. Developed by Quest Software, ActiveRoles is a well-known product used globally to provision, administer and secure more than 54 million AD user accounts. Deployments range in size from 250 to 800.000 users.
Through a set of tools, it allows you to efficiently manage users and groups while also overcoming some of the Active Directory’s native limitations.
- Identity and access lifecycle management.
- Automatic User- and Group Provisioning and Deprovisioning.
- Automatize Provisioning from an authoritative data source, such as an HR or ERP system and thereby automatically gain the control of user access.
- Unified Active Directory and Active Directory Lightweight Directory Services (AD LDS formerly ADAM) Management.
- Automated group management.
- Interfaces for Day-to-Day administrators, Help Desk, and end user self-service.
- Controlled Administration through Roles and Rules for a true least privilege model.
- Approval Workflow for Change Control.
- Centralized Auditing & Reporting.
- Empower users with self-service capabilities.
- Compliant & Secure Access Management through Group Membership Self-Service.
- ADSI and PowerShell support for extensibility.
- Customisable web interfaces.
ActiveRoles Server provides you with several tools to ensure that only approved IT personal be granted access to Active Directory data e.g. through:
Access Templates – used to grant administrative users access to AD objects (Domain, OUs, Containers or individual users) and specifies the level of access the user should have.
Policies – allow you to specify a set of rules that apply to the administrative users, for example making a range of attributes required during provisioning and even specifying a specific syntax. It can also be used to automatically generate values for attributes based on given information (e.g. logon name, email address etc.).