|
In many organizations, there are more Active Directory groups than
there are users. Management of membership in these groups can be a
major problem:
- There is a high volume of change requests and
- users are not familiar with groups, and instead call the help
desk complaining about "access denied" errors.
The group membership management process is time consuming:
- Help desk calls are escalated to a security administration desk,
- The security desk must:
- locate the object which the user tried to access,
- find a group with suitable privileges,
- locate the group's owner and ask for permission.
All this happens before the simple task of adding the user to the group.
|
ID-Access® is software from Hitachi ID for managing membership in Active Directory
groups. It allows users, who may not be familiar with groups at all,
to initiate requests for group membership:
- Users make requests in reference to network resources,
such as shares and folders.
- ID-Access automatically maps these requests to security requests
for AD group membership.
- ID-Access locates group owners and uses an authorization workflow
to authorize the change.
Approved changes trigger new group memberships in Active Directory.
|