Each and every Network Administrator can tell you the most boring, mundane, repetitive, time-consuming, and coincidentally crucial part of their job is creating and maintaining user logons, permissions, and group management.
It’s boring and mundane because it is a manual time-consuming process that takes the admin away from the more important, pressing tasks of keeping their networks up and running by performing upgrades, installs, and maintenance. It is the most important because if it is not done correctly or in a timely manner it will prevent users from logging in and having access to their necessary groups and folders, or users may accidentally have access and permissions to resources they shouldn’t. Additionally when users leave and their accounts are not disabled and/or removed is a serious security breach just waiting to happen.
Fortunately there is help. An Identity Management solution can help automate these mundane tasks making the process of account management more streamlined and efficient.
There is no need to have the manual processes of creating an account, assigning the right permissions and groups, creating email accounts, and home directories for a user. No more manually having to change a user’s permissions and group and folder access because of a job or office change. No more worrying over whether or not a user who in no longer with the company had all their accounts disabled or removed.
With an Identity Management solution in place these tasks can be automated to run in the background efficiently, quickly, and quietly. When it is time to create an account an automated routine can be written for each task such as:
- Network and Email account creation
- Set relevant attributes (Job Title, Office Address etc)
- Password generation
- Assigning permissions to directories and groups
- Assign the user account to the correct OU
- Home Directory creation
When changing an account is required either due to a user’s name, job, or location change:
- Update the username, display name, and email address
- Remove old permission and add correct new permissions and groups
- Move users to correct OU’s
- Move user’s home directories based on location rules
When the user is no longer with the organization Identity Management can ensure:
- The user account and email address are disabled and/or removed
- All permissions for the user account are disabled
- The home directory for the account is either removed or permissions are removed for the user and permission is transferred to the manager’s account.
Additionally, every time any of these functions is performed the Systems Admin has the option of receiving an email alert, a log file, or both. All manual account maintenance functions are automatic with emails, logs, and reports generated for compliance and reporting purposes. With an Identity Management solution in place a Systems Admin can rest assured that accounts are being created correctly and in a timely manner leaving the admin and his team to other more pressing network tasks.
