Using Human Resources data to automatically manage Active Directory
Directory Manager™ v2 allows organisations to utilise data held in Human Resource (HR) and other administrative systems to automatically manage the local Active Directory. It provides a host of facilities designed to save public sector organisations time and money by simplifying the management and integration of staff directory data.
Directory Manager™ provides the following:
- automated management of Microsoft Active Directory™ and Exchange™
- control of account lifecycle from creation of accounts to disablement of leavers
- automated email notification of staff changes to system administrators
- audit logging of directory changes providing evidence for information governance
- a directory portal for searches that permits staff to submit changes to their own record
- creation of independent secondary directories for sharing with external organisations
- establishment of an accessible database for use by in-house developers
- extensibility interfaces to simplify the development of electronic business processes
Benefits of using Directory Manager
Reduce administration costs - for
many organisations, Active Directory is one of their most dynamic databases with
significant numbers of accounts being added or changed each day. Traditionally,
administration often involves the processing of requests from employing
departments when staff join or leave. With Directory Manager, HR data is used to
generate pending transactions for staff being added, changing or leaving. This
is typically provided by the Electronic Staff Record (ESR) system in the NHS,
These transactions, once approved, automatically manage the related Active
Directory accounts, security groups, file system resources and Exchange
mailboxes.
Improve directory control - information governance best practice suggests that records of all changes to an
organisation's directory should be maintained. Using Directory Manager, the
source and details of account changes and those responsible for approving the
application of these changes to the directory are recorded in a central
database. These audit records can be examined by administrators permitting full
lifecycle audit trails to directory records to be reported through the web-based
portal. Access to pending transactions can be provided to department
administrators via this portal permitting those closest to staff changes to
review and approve transactions.
Integrate directory data - often additional attributes that relate to staff such as telephone numbers or
security details reside in secondary systems not related to the main HR system.
Directory Manager provides methods of integrating this data into the management
process allowing administrators to assemble comprehensive directory records. Controlled access to the resultant
directory records is provided through formatted file extract or by direct access
to the Directory Manager SQL database that stores copies of directory records.
Extracts can be formatted as required and sent via email on a prescribed
schedule making sharing of directory data with other system administrators a
simple task.
Engage the organisation - the portal can be accessed by all user of the directory. Non-administrative users
are able to search the directory and submit requests to change specific
attributes on their own record. These requests for change are fed back through
the management process and are subject to the same approval rules as other forms
of input. Directory Manager also provides a notification service that that can
be configured to send emails to key administrators when specific events occur
such as an account being created or disabled. These emails can be used to advise
interested parties such as team managers or administrators of remote systems to
trigger other activities such as creation of helpdesk tasks or manually updating
other systems.
Establish a development hub - the
entire Directory Manager suite is based on Microsoft development technologies
and uses .NET and SQL Server throughout. These are widely used technologies that
provide extensibility either by in-house development teams or through engaging
BDS Solutions who have been delivering development services to the public sector
for nearly 2 decades. BDS can assist organisations to tailor Directory Manager
to extend their Identity Management solution. As Microsoft Gold
Partners, BDS specialise in the integration with other Microsoft Enterprise
technologies such as SharePoint and Exchange.
We can provide immediate quotes and on-line or on-site demonstrations. Call BDS Solutions on 01884 33440 or email info@bds-solutions.co.uk to discuss Directory Manager™
Further Information
Download the Directory Manager literature
Case Study: Mersey Care NHS Trust