Any Administrator user has access to modify other users!
Any Administrator user has access to create shared folder and move critical data
Any Administrator user has access to stop critical OS services
Any Administrator user has access to everything!
2. Current User Management Concerns
Who Has Access?
Many Users Are Administrator on Each Service or Server
I’m Administrator, So I Can Modify your User!
Any Administrator user has access to modify other users!
Any Administrator user has access to create shared folder and move critical data
Any Administrator user has access to stop critical OS services
Any Administrator user has access to everything!
When server is joined to a domain, just domain admins has access to modify
users and groups.
3. Current User Management Concerns
Password and Password Policy
Changing Password at least on Ten Local Machines, I’m Tired, I’ll Do it Later!
I Have Seen Your Password!
I’m responsible to my password, my colleagues have seen accidentally. I have
to change my password on all servers!
I’ve used simple password, Who does care? Just I know it, so it’s secure!
I’ll change my password to previous password, who has know about the old
password?
My collogue has left the company, now I have to remove his user from all
servers, devices, management software, monitoring software and …!
4. Current User Management Concerns
Service Account
Why I Have to Ask Domain Administrator to Create Specific Account for
Specific Service?
I Can Run All Services By My User Account
Using same account to do administration things and run services and
applications is absolutely wrong.
5. Other Concerns
Policy Based Management, Name Resolution, …..
DNS = Not Implemented
Policy Based Management = Not Implemented
Group Management = Not Implemented
Any Automation = Not Implemented
Centralized Monitoring= Not Implemented
Do You Have Any Concern About Nothing!?
6. Other Concerns
Directory Service Components and Dependent Components
Active Directory is the properness directory service
Large Environments Needs Automation and Centralization
Directory S
ervice
S
ecurity Tools
(AV, FW, Assessment)
Management Tools
(Patch, Configuration, )
Devices
(S
erver, S
torage, )
OperatingS
ystem
(Windows, Linux, .)
Monitoring Tools
7. Examples
How Directory Service Resolve Our Concerns?
Integrating Active Directory with Red Hat Identity Management
Using Same Credential on Different Operating Systems