GroupID Self-Service is a simple, yet powerful, web-based directory and group management solution that can immediately reduce administrative costs and increase the accuracy of Microsoft Active Directory.
Managing Active Directory group membership and user attributes is a tedious job for administrators. Giving a web-based self-service option allows administrators to delegate active directory administration to end users. But you need controls. GroupID enables end users to update their own directory information and manage groups based on controls the administrators set. Group management is enhanced as users can create and manage their own groups, opt-in and opt-out of groups based on the security setting for that group. Group renewals and expirations are administered and controlled within GroupID Self-Service. Save your administrators time and effort by putting control of pertinent data in the hands of the end-users.
“Before Imanami, I had to staff several employees just to make changes. That is no longer the case. The products were easy to install, Imanami was great to work with and the systems virtually run themselves.”
“What more could you ask for?”
City of Atlanta’s CIO
GroupID Self-Service increases productivity for both IT and the business. To take advantage of Active Directory, the information within it needs to be accurate. Users need to have a quick, easy and secure way to update their pertinent personal information. Some attributes should be editable by the user (mobile phone, home address), some should be editable by the user’s manager (title, location) and some should only be editable by IT (email address). GroupID Self-Service gives all of these options with the additional ability to create workflows to give IT even more control, without more work.
According to a survey by Osterman Research, 81% of organizations manage their groups manually. This means that 4 out of 5 organizations have IT manually adding users to groups every time an employee is hired or changes positions. This takes up, on average, 6 hours per week per 1000 employees and, according to the same survey, 42% of users are still in the wrong distribution lists or security groups.
GroupID Self-Service delegates that burden onto a resource that has a vested interest in managing these groups, the users. A group owner can create a group, manage the membership, and make sure that the group is always accurate. The group owner can also open their group to allow other users to optzin to the group. IT can control the whole process with simple to set workflow.
One of the issues of opening groups up to users is the proliferation of groups, something we call group glut. If there are no controls in place, too many groups are created or worse yet, once useful groups are left “cobwebbed” in the Global Address List. The solution to this is group lifecycle. There are four steps to a group’s useful life:
GroupID Self-Service gives IT a complete group lifecycle solution, allowing users to manage their own groups but giving IT the control to keep it from getting out of hand. This group lifecycle solution allows you to control group glut on both security groups and distribution lists. When you expire a security group, GroupID will back-up the membership and then remove all members, effectively disabling the group until the group owner(s) renew it. When you expire a distribution list, the group is un-mail-enabled so that messages will bounce. In both cases, the group is appended with an exp- prefix and hidden from the ability to opt in or out.
GroupID Self-Service is a web-based portal that gives an intuitive front-end to Active Directory. Users and Administrators can update user attributes and create distribution lists and security groups based on permissions and workflow designed by IT. GroupID Self-Service improves on Active Directory in that it allows for multiple owners of groups, workflow on any attribute changes, security settings on view/edit with field-level security, customizable branding, and differing security settings on groups.
The simple to use MMC administrative interface allows IT to create multiple portals, manage workflow and group lifecycle, and easily brand the self-service portal. Giving access and control of user data to the users helps the organization be more nimble and productive; having control of who can do what helps keep the organization more secure. GroupID Self-Service gives you both.
GroupID is the industry’s most complete end to end group management solution. Manage a group from creation to its usage to expiration and on to deletion. Give your end users the ability to manage their groups with IT’s control.
Set an expiration policy on any and all groups. Group owner’s are notified before a group expires and is given the ability to renew them. Make sure a group is still useful for the business before allowing it to clutter up your GAL with an old unwanted group. Group lifecycle works on both AD security groups and Exchange distribution lists.
Manage your own groups
Group owners can manage the membership, lifecycle, and delivery restrictions on their groups. Add workflow to join groups, create restrictions on who can send to the group, and add/delete members.
Join & Leave groups
Users can opt in or opt out of groups depending on their security levels.
Any amount of groups or users can manage a group. All owners receive the same rights. All owners receive workflow notifications. Have an assistant manage your group or delegate it to your favorite employee!
Workflow on group creation
Allow users to create groups but give IT or their manager a chance to approve what they’re doing. Enforce naming conventions or security levels.
Enforcable naming conventions
Force a prefix (or even create a drop down list) onto all group names to standardize your GAL or distinguish groups in different departments.
Group security settings
Private: nobody can join
Semi-private: the owner has to approve the new member
Semi-public: the owner is notified that there is a new member
Public: anybody can join
Allow end users to manage their own attributes, change passwords, and manage workflow requests through a customizable web interface into Active Directory.
GroupID Self-Service allows you to set any fields to view, edit, or hide depending on a highly customizable set of roles. Allow only the users you want to manage attributes to manage them.
Notification & Workflow
Create workflow on any attribute changes with approvals going to managers, HR, help desk or admins. Very customizable and powerful workflow gives IT confidence in delegating.
Bad Word Filter
Apply a customizable list of bad words onto any attribute on any object to keep users from polluting the GAL with objectionable wording.
Allow end users to reset their own password.
Use Active Directory Security Groups to control access to resources in SharePoint. In many cases, SharePoint groups are redundant to existing Active Directory Security Groups, so why duplicate the management of permissions? Most IT AD administrators however would rather not delegate control to SharePoint Administrators or give access to the directory using Microsoft Windows Server administrative tools such as ADUC (Active Directory Users and Computers) or ADAC (Active Directory Administrative Center). Instead, they can safely delegate access to security group management in Active Directory with GroupID Self-Service’s friendly web-based portal. SharePoint administrators may also extend the portal with native integration by adding a button in the ribbon. Read more in the blog: A better way to manage AD or SharePoint group permissions.
A common use for GroupID Self-Service is that of a web-based directory based on the content of your Active Directory. Easily deployable as an intranet solution for your organization, the “Phonebook” role of Self-Service allows users to search and list content of users and contacts in the directory but not allow modifications.
Attributes in your Active Directory are exposed in the GroupID Self-Service portal. Choosing which attributes to display or allow to be modified is configurable. If you have extended the schema through common methods such as that which is extended by Microsoft with the deployment of Exchange or through a custom schema extension, these attributes can be exposed for use within the GroupID Self-Service portal.
GroupID Self-Service is designed to work in many disparate environments and includes built-in support for organizations with a cross-forest configuration. Administrators can delegate control over groups and users in environments where there are forests with established trust relationships.
Microsoft Windows XP Professional.
Microsoft Windows Server 2003 family
Microsoft Windows Server 2008 family (including 2008 R2)
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Internet Information Server 6.0
Microsoft .NET 2.0 required
Microsoft Active Directory with Exchange Server 2003
Microsoft Active Directory with Exchange Server 2007
Microsoft Active Directory with Exchange Server 2010
Microsoft IE 5.0 or higher is recommended but not required
2GHz* Pentium IV or higher
2GB** RAM or higher
100MB*** or more of hard drive space available for execution
* Or the minimum CPU required to run the operating system, whichever is higher.
** Or the minimum RAM required to run the operating system, whichever is higher.