Automated 'User Life Cycle Management' - Effectively provisioning and deprovisioning Active Directory user accounts
Privileged Access Management - Prepare, Protect(MFA), Operate(JIT) & Monitor(Reports, Alerts) identities of critical stakeholders
Comprehensive Data Access Governance & Compliance - Get clear insights into which employees have what access-ownership and perform necessary permission cleanup
Integrated ITSM-IAM dashboard - Empower your help desk for Active Directory management
Presentation on how to chat with PDF using ChatGPT code interpreter
The Future of integrated Identity and Access Management
1. The Future of Integrated
Identity and Access Management
JAY
Product Expert, ADSolutions
Active Directory Webinar - 2017
2. SESSION AGENDA
• Automated 'User Life Cycle Management' - Effectively provisioning and
deprovisioning Active Directory user accounts
• Privileged Access Management - Prepare, Protect(MFA), Operate(JIT) &
Monitor(Reports, Alerts) identities of critical stakeholders
• Comprehensive Data Access Governance & Compliance - Get clear insights
into which employees have what access-ownership and perform necessary
permission cleanup
• Integrated ITSM-IAM dashboard - Empower your help desk for Active
Directory management
3. • Native Active Directory tools fall short in
meeting modern day requirements such as
automating routine AD tasks and generating
reports quickly.
• Multiple consoles for-
Active Directory, Exchange, Lync, O365, Gsuite,
etc., - cumbersome and time consuming.
• Security and granularity in delegation?
• Lacks support for bulk creation/mod GUI
NATIVE TOOLS ?
7. • New users have to wait a long time
before they can start working
• Your AD has quite a lot of mistakes
• You've got a lot of "inactive users"
• Ex-employees still have backdoor
access to your resources
Signs you may need AD automation
11. Objects to remove
• Inactive user objects especially admin
accounts
• Inactive computer objects to avoid naming
conflicts
Benefits removing objects stale objects
• Improves security for your domain
• Ensures effective license utilization
Automated AD Cleanup
15. Isolate admin and non-admin
accounts
PRIVILEGED ACCESS MANAGEMENT
— Enforce restrictions for accessing
— File servers
— Domain controllers
— Grant privileges to users only for systems on
which they are authorized.
— Grant access only when it’s needed and
revoke access when the need expires.
— Create an unalterable audit trail for any
privileged operation.
16. Observing accounts
Every object needs attention
• Expired accounts, expired passwords, and
disabled users are all major causes of internal
hacks
Privileged accounts with unchanged passwords
• Pose a chance of being compromised
• Require an immediate, forced password
change
17. Compliance & Clean up permissions
• Find out who has access to
confidential data
• What level of access do they have?
• Investigate subfolder permissions
• Practice the approach of 'least
permissions'
18. ITSM-IAM Integration & more.
ADManager Plus + ServiceDesk Plus
Create | Unlock | Enable | Disable | Delete | Reset
passwords
ADManager Plus + ServiceNow
Create | Unlock | Enable | Disable | Delete | Reset
passwords
& Add or remove from Group
Other integrations
MS SQL and Oracle DB – user onboarding