User Account Management Implemented at CentraState
|Problem||The IT staff was spending a tremendous amount of time and effort processing user accounts manually.|
|Solution||A secure and automated method for managing user account lifecycle in Active Directory and Exchange for their employees at six locations.|
|Products||User Management Resource Administrator (UMRA)|
|Result||A greater level of efficiency, network security and compliance with industry standard regulations.|
CentraState Healthcare System (Freehold, NJ) is a non-profit community health organization consisting of an acute-care hospital, three senior living centers, a health education and activities center, a family medicine residency program, and a charitable foundation. Regulatory compliance, and the ever growing need of doing more with less, is a reason for CentraState to continually improve their internal IT processes. Therefore CentraState HealthCare System recently embarked on a project to fi nd a secure and automated method for managing user account lifecycle in Active Directory and Exchange. Lauro Araya, Network Administrator, stated, "When the search started, our IT-staff was managing the process manually utilizing Microsoft Active Directory Users and Computers. This was a time consuming process and we wanted to avoid this manual intervention."
Link Between Lawson and Active Directory
As employees are hired by CentraState, their pertinent information is entered into the Lawson HR system. Conversely, as employees resign, a termination date is placed in the HR system. On a regularly scheduled basis, the User Management application starts a query to capture all employee data and begin the process of updating Active Directory. If the account already exists in AD, any updates, such as name, location or department changes are appropriately processed. If the account does not exist, it is created along with an Exchange mailbox, home directory and assigned to the appropriate Group Profiles based on job title and department. If the employee start date is in the future, the account is created but put in a disabled state until the date is reached when it is activated. Tools4ever made a lot of customizations to suite the special needs of the customer, for instance naming requirements for Active Directory and Exchange mailboxes. Business logic was also defi ned within the product to allow the automatic placement of users into the correct OU based upon their specific location and department. This location and department information is also utilized to insure mailboxes are created within the proper server and store. When an employee termination occurs, the information is processed by User Management and accounts are appropriately disabled on the date and then deleted after a specifi c period of time has passed. Information that is created during the Active Directory processing, such as User Account Name and e-mail address, is fed back to the Lawson database twice a day. This is done to insure that Lawson is accurate information that is created during the Active Directory processing, such as User Account Name and e-mail address.
Reduction of Spent Time
Approximately two weeks after commencement, the entire project was implemented and operational. The reduction in time spent by the staff managing user account lifecycle was tremendous. Commenting on the project, Mark Handerhan, IT Manager, stated, "TheTools4ever implementation was one of the most highly valuable, cost effective solutions that Iíve ever implemented. We have taken the manual intervention out of the equation for many mundane AD /user tasks, such as disabling network accounts. User accounts are now disabled in real-time once terminated in Lawson. I believe efficiency is the best seller here."
Security and Compliance
Mark Handerhan continues: "Besides the time reduction, the implementation provides us with a greater level of network security, while also assuring compliance with industry standard regulations such as HIPAA." In summary, the IT staff at CentraState can spend more time on mission critical support and planning while eliminating the requirements to spend time on routine user account tasks.Click here for the pdf file