Hotline:+49 (0) 721 981840

Active directory services AD rights concept

Get even more security features out of active directory

With an AD rights management model you wil reduce the administrative burden and increase the security level, also. With role-based rights management models, you realize comprehensible and transparent authorization and authentication operations.

Figuring the enterprise in the IT

Functional roles in the company are mapped in Windows groups. With the role-based delegation of permissions you define:

• setting of administrative tasks
• limitation of execution rights
• limited ranges in the Active Directory directory service and in the IT peripherals
• the figures of administrative functions in IT applications

Thus, the permits are controlled. This is an important part of IT-security. The function role model continues to be the basis for identity management platforms and the integration of ITIL.

Transparency secures and saves workload

The decentralized distribution of IT administration groups and functional roles brings together the common administrative tasks in the it.
Prerequisites for a successful delegation of rights are:

• the mapping of the company organization chart in AD organizational units (OU)
• the definition of management roles within the work processes
• the figuring of the function roles in Windows groups

Even more security

A significant gain in security is based on the minimal rights within the entire AD infrastructure in all executive areas through limited Windows group memberships (least amount of privilege) and customized group policy applications.

Our services

  • Advice on AD right - and delegation concepts 
  • Recording of business processes and development of a rights strategy
  • Creation of a catalogue of actions for the AD delegation model
  • Organization design following organization chart and site topology
  • Mapping of management roles in a Windows-groups design
  • Suggestion of a rights matrix following "floating rights" principle
  • Delegation templates for group policy and Exchange user management
  • Delegated user help desk management for 1st-3rd level with on-board consoles (ITIL-compliant)
  • Delegated administration of function servers in the periphery
  • Script-based permissions and access list cleanup
  • Service account management in the framework of the rights concept
  • Monitoring functions for verification of delegations
  • Identity management consulting