Borna Active Directory Manager Help

Similar documents
Softerra Adaxes Enterprise Directory Solution

AD Self Password Reset Installation and configuration

Portal User Guide. Customers. Version 1.1. May of 5

Active Directory Cleaner User Guide 1. Active Directory Cleaner User Guide

Stellar Active Directory Manager

ManageEngine ADSelfService Plus. Evaluator s Guide

P-Synch by M-Tech Information Technology, Inc. ID-Synch by M-Tech Information Technology, Inc.

Delegated Administration Quick Start

VERALAB LDAP Configuration Guide

Table of Contents. Welcome to ADSelfService Plus Contact AdventNet Getting Started... 6

Advanced Audit Policy Configurations for LT Auditor+ Reference Guide

5 Challenges in Active Directory Management and How to Manage Them

ManageEngine ADManager Plus

Workflow Templates Library

With ADManager Plus, there are no extra installations required, and no OPEX, no dependencies on other software!

Tool Tip. SyAM Management Utilities and Non-Admin Domain Users

HIPAA Compliance Use Case

Fixes for CrossTec ResQDesk

User Management Guide

Z-Term V4 Administration Guide

Lesson Plans Microsoft s Managing and Maintaining a Microsoft Windows Server 2003 Environment

Effective Ways to Manage User Life Cycle in Active Directory

Collaborate.ets.org Password Setup & Recovery Guide. Table of Contents

EPM Performance Suite Profitability Administration & Security Guide

Creating Organizational Units, Accounts, and Groups. Active Directory Users and Computers (ADUC) 21/05/2013

We optimize your enterprise using Active Directory

Active Directory Self-Service Bundle

Reports, Features and benefits of ManageEngine ADAudit Plus

Managing users. Account sources. Chapter 1

NetWrix Password Manager. Quick Start Guide

econtrol 3.5 for Active Directory & Exchange Administrator Guide

Partie Serveur Lab : Implement Group Policy. Create, Edit and Link GPOs. Lab : Explore Group Policy Settings and Features

Administration Guide BES12. Version 12.3

Broker Portal Tutorial Broker Portal Basics

Active Directory Manager Pro New Features

Introduction to Google Apps for Business Integration

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

InformationNOW System Preferences

Kaseya 2. Quick Start Guide. for Network Monitor 4.1

Owner of the content within this article is Written by Marc Grote

Active Directory Self-Service FAQ

Kaseya 2. User Guide. for Network Monitor 4.1

Genesee Intermediate School District Technology & Media Services 2413 West Maple Avenue Flint, Michigan GenNET Self-Service Helpdesk Tipsheet

Reports, Features and benefits of ManageEngine ADAudit Plus

Kaseya 2. User Guide. Version 1.1

ADSelfService Plus Client Software Installation Guide

NetWrix Account Lockout Examiner Version 4.0 Administrator Guide

User Migration Tool. Note. Staging Guide for Cisco Unified ICM/Contact Center Enterprise & Hosted Release 9.0(1) 1

Service Desk R11.2 Upgrade Procedure - Resetting USD passwords and unlocking accounts in etrust Web Admin

Vector HelpDesk - Administrator s Guide

Virto Password Reset Web Part for SharePoint. Release Installation and User Guide

CLEO NED Active Directory Integration. Version 1.2.0

Group Management Server User Guide

PowerLink for Blackboard Vista and Campus Edition Install Guide

Version 6.5 Users Guide

Integrating LANGuardian with Active Directory

Microsoft Project Server 2010 Administrator's Guide

Quality Center LDAP Guide

User Management Tool 1.5

Administration Guide. BlackBerry Enterprise Service 12. Version 12.0

RES ONE Automation 2015 Task Overview

A Conceptual Overview for CMS Administrators, Architects, and Developers

Customer admin guide. UC Management Centre

NovaBACKUP. Storage Server. NovaStor / May 2011

Objectives. At the end of this chapter students should be able to:

Medworxx Learning Management System Administration Guide. Medworxx Learning Management System Version May 2011, Version 8

A List Owner s Quick Reference Guide to BGSU s LISTSERV

Bank OnLine Commercial Administrator User s Guide

Getting Started Guide

ExecuTrain Course Outline Configuring & Troubleshooting Windows Server 2008 Active Directory Domain Services MOC 6425C 5 Days

PRODUCT WHITE PAPER LABEL ARCHIVE. Adding and Configuring Active Directory Users in LABEL ARCHIVE

6425C - Windows Server 2008 R2 Active Directory Domain Services

Master Data Services Environment

User Guide. Version R91. English

Dadeschools.net Site Administrator Security Settings Request for Comment (RFC)

account multiple solutions

Dell KACE K1000 System Management Appliance Version 5.4. Service Desk Administrator Guide

Windows Server 2008 R2: Active Directory and Server Manager Remoting

Table of Contents 1. INTRODUCTION: 4 2. ACTIVE DIRECTORY MANAGEMENT ACTIVE DIRECTORY OBJECTS PROVISIONING 6 Exercise 1: User Provisioning 6

ArtfulBits Password Reset Web Part

JIJI AUDIT REPORTER FEATURES

Gyanmandir Applications EMPLOYEE SOP FOR PMS ( )

Intel Entry Storage System SS4200-E Active Directory Implementation and Troubleshooting

R4: Configuring Windows Server 2008 Active Directory

Installing, Configuring, and Managing a Microsoft Active Directory

Configuring and Troubleshooting Windows 2008 Active Directory Domain Services

ZyWALL OTP Co works with Active Directory Not Only Enhances Password Security but Also Simplifies Account Management

Lepide Active Directory Self Service. Configuration Guide. Follow the simple steps given in this document to start working with

Kaseya 2. Quick Start Guide. for Network Monitor 4.1

Administrators Help Manual

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Windows Log Monitoring Best Practices for Security and Compliance

NetWrix Logon Reporter V 2.0

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain MOC 6425

NCAA Single-Source Sign-On System User Guide

How to monitor AD security with MOM

Chapter. Managing Group Policy MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER:

MS-6425C - Configuring Windows Server 2008 Active Directory Domain Services

Table of Contents. 1. Introduction Active Directory Management Active Directory Objects Provisioning..8

SAS 9.4 Management Console

Transcription:

Borna Active Directory Manager Help A BRIEF INTRODUCTION TO USE BRONA AD MANAGER IS PRESENTED IN THIS PAPER. Dana Pardaz Co. WWW.DANAPARDAZ.NET

Table of Content 1. Introduction... 3 2. Basic Configuration... 3 2-1. Connect to Domains... 4 3. Technician Management... 5 3-1. Creating a Technician... 5 3-2. Authentication Method... 6 3-3. Permissions... 7 3-4. Assigning Roles... 7 3-5. Permissions Based on Domain & OUs... 7 3-6. Role Management... 8 3-7. Managing Permissions... 9 4. User Management... 9 4-1. What is User Templates?... 9 4-2. Creating a User Template... 10 4-3. Creating a User... 11 4-4. Managing Users... 11 5. Computer Management... 13 5-1. What is Computer Templates?... 13 5-2. Creating a Computer Template... 13 5-3. Creating a Computer... 14 5-4. Managing Computers... 15 6. Group Management... 15 7. OU Management... 15 8. Reports... 16 Appendix 1. Upgrade/Extend Borne License... 188 2

1. Introduction Borna is a web-based software capable of managing Active Directory with several domains in a centralized fashion. It allows administrators to manage users and computers, make report from Active Directory and monitor Active Directory security. Most of the features available at Borna are not accessible with built-in tools in Windows. With more than 40 different and useful reports as well as bulk user management features, Borna is an ideal choice for many organizations. Some important Borna's features are as follows: Bulk user management Bulk computer management More than 40 informative and useful reports Automation of Active Directory task Centralized management of multiple domains Dashboard containing comprehensive information about users, computers and groups Non-invasive delegation of administration User/Computer templates to simplify and regularize user/computer creation process Ability to define work-flow operations Online notification of changes Simplified the process of changing passwords Quick and simple search in Active Directory Remote management of Active Directory with the web-based interface 2. Basic Configuration To start working with Borna AD manager, you should first configure some options. For instance, all domains should be introduced to Borna with a username which has necessary privileges. In this section, all you need to configure in order to be able to work with Borna AD manager is represented. 3

2-1. Connect to Domains Using Borna AD manager, you can manage multiple domains in a centralized fashion. To connect Borna to a new domain, click Edit Domains in Administration tab of Borna (Fig 1). Fig 1 Connecting to a new domain Then click Add Domain Controller and fill all the fields, as it is shown in Fig 2. Note: If the user you provided to connect to an Active Directory does not have administration privileges, you cannot perform any changes in Active Directory. However, it is still possible to see reports if the user has required permissions. After you connect Borna to a new domain, you can see basic information about than domain in Dashboard page of Borna. Fig 2 Configuration needed to connect to a domain 4

Fig 3 Borna Dashboard 3. Technician Management Borna AD manager has a capability to create technician account (which is not necessarily equivalent to user account in AD) and assign permission to different parts of Borna and AD. You can either manually create a technician or import the corresponding user account from AD into Borna. It is possible to create an account for each staff in IT department and assign required permissions based on their responsibilities. Note: Technician accounts used for AD managements are only defined in Borna and cannot be user to login to computers like AD user account. 3-1. Creating a Technician To define a new technician, click Technicians in Administration tab. Fig 4 Technicians menu in Administration tab The list of all technicians is available in this page. You can create or import new technician by clicking new. To import a user from Active Directory, click Import from AD in the Create Technicians window. 5

3-2. Authentication Method Fig 5 Create Technicians window You can indicate the authentication method of technicians in Borna. There are two possible methods: Borna Authentication: In this method, the authentication process checks the username and password defined in Borna. Active Directory Authentication: Using this method, you do not have to create separate technician accounts. This method allows an AD user to login to Borna without a technician account. When this option is selected, the authentication process itself is performed by Borna. 6

3-3. Permissions Borna enables a set of fine-grained permissions that fulfill the needs of IT managers. Most routine tasks regarding Active Directory can be performed by non-technical users, such as HR users. However, delegation of these tasks in Active Directory is very complex and will get out of control after a few delegations. Borna provides simple menu and interface to delegate various tasks and control them easily. You will learn how to configure technicians' permissions in the next sections. 3-4. Assigning Roles A technician can have several roles assigned to. Each role grants some privileges depending on its goal. You can define new roles in Roles page which is accessible in Administration tab. You can also indicate the permission associated with each role by clicking Permissions in Administration tab. Finally, one should indicate roles of each technician. To do so, click Permissions tab in Edit Technicians page. If you do not see this page, select a technician in Technicians page and click Modify. Fig 6 Assigning roles to a technician 3-5. Permissions Based on Domain & OUs In addition to specifying roles, you can also indicate domains and OUs a technician's roles apply. To understand its importance, imagine the following scenario: You have several domains distributed in several cities which has its own IT department. In this case, you can easily assign the permissions for creating users and resetting passwords to technicians in other IT departments. You want the HR staff to have permissions to create and modify users to reduce your work-load. At the same time, since some OUs contain critical users, you do not want HR staff to see or modify these OUs. 7

To restrict a technician's permissions on specific OUs or domains, click All Domains and then select domains and OUs to which the role apply. 3-6. Role Management Fig 7 Restrict roles on specific domains and OUs In Borna AD manager, each role contains a set of permissions needed to perform specific tasks. Borna is very flexible in this case which allows definition of new roles with arbitrary permissions. To do so, click Roles in Administration tab. Then click New Role. In this page, you can specify the users to which this role assigned. You can also copy the permissions from other roles to speed up the process of role creation. Fig 8 Create roles page 8

3-7. Managing Permissions To manage permissions, click Permissions in Administration tab. In this page, you can indicate the permissions of each role as it is shown in the Fig 9. 4. User Management Fig 9 Permissions page Administrators often face several difficulties dealing with routine and tedious tasks related to user accounts, such creating users, resetting passwords, deleting user, etc. In this section, only a few features of Borna AD manager will be introduced to show the gist of what this powerful software provides. 4-1. What is User Templates? Each company has its set of rules for user creation. For instance, some companies force IT department to set phone and address attributes of users. In some companies, email address filed in AD is very important since they might have a customized software which use the email address attributes of AD users. Some companies might be highly aware of security breaches and require all users to have specific logon hours and computers. However, there is no simple and efficient way to force technicians who create users to follow the company s policy. Even if they are responsible, they may sometimes forget to fill all the required filled. Borna AD manager provides a feature that solve this big issue. In Borna, one can create user templates. Basically, a template gives a customized page which shows only the required attributes of user with certain criteria. For 9

instance, you can make some attributes mandatory or set a default value for some common attributes like logon hours. This powerful features facilitate management and delegation. User templates have the following features: User templates can be set to have only the attributes necessary based on the company's policy. It is possible to set a default value for different attributes. This facilitates and speeds up the user creation process. It is possible to define as many templates as you want for different users and technicians. For instance, you can define 2 templates, one for users who are about to be created in HR OUs and one for IT OUs. Templates accelerates the process of user creation whose time is valuable for companies. By default, Borna has two predefined templates used for creating users with basic or advanced information. 4-2. Creating a User Template To define a user template, click Add/Modify User Templates in Administration tab and click New Template. A new page will be shown as it is shown in Fig 10. In this page, you can indicate which attributes are mandatory and which one is unnecessary (invisible). Default values can also be set. Fig کاربر الگوی 10 ایجادNew template شکل. 1 صفحه page 10

4-3. Creating a User After creating a user template, you can use them to create new users very efficiently. To do so, click Create New User in Domain Management tab. In this page, you can select the template to want to use. Note that only the templates that you have an access on will be displayed here. As you can see, the default values will be set automatically and you cannot create a user if you forget to fill one of the mandatory attributes. Fig 11 Create a new user with user templates 4-4. Managing Users Borna AD manager have tremendous features that extremely simplifies user management. In fact, many routine and important tasks about users are those that deal with users that already have an account in Active Directory, such as resetting password, unlocking users, etc. Some of these tasks which are crucially important are very hard to perform with default tools available in windows. 11

Some Borna's features regarding user management are as follows: Changing user password Enabling/Disabling user accounts Deleting user accounts Unlocking user accounts Specifying logon hours Specifying logon computers Moving users Modifying user membership Modifying Contact info Modifying profile settings You can reach the above items from Domain Management tab. In all the mentioned pages, you can select a set of user accounts and click Apply to do the operation. For instance, click Change Password from Domain Management tab. You can select several users here and then change their password based on your company's policy, as it is shown in Fig 12. Fig 12 Change password page 12

5. Computer Management Computers, like user accounts, are highly important Active Directory objects. Computers can also be created, disabled, enabled, deleted and modified similar to user accounts. Borna AD manager provides several features to simplify computer management as it does to user accounts. In this section, a brief overview of Borna's feature will be introduced. 5-1. What is Computer Templates? The way with which computers are created in Active Directory highly depends on an organization's policy. In the simplest fashion, computer objects can be created simply by providing their name. However, in most organizations, the local policy forces technicians to set most computer attributes which is indeed tedious and time-consuming. Computer templates, like user templates, allows administrator to create templates with predefined values and customized settings which speeds up the process and also force technician to fill necessary fields. Computer templates' features are listed as follows: A template indicates which attributes should be set, such as computer name, manager, member of, etc. A template can have a default value for some attributes so as to speed up the computer creation process (some attributes such as member of, and manager are usually set equal for computers in an OU). Several different computer templates can be created for different purposes and assigned to different technicians. 5-2. Creating a Computer Template To define a user template, click Add/Modify User Computes in Administration tab and click New Template. A new page will be shown as it is shown in Fig 13. In this page, you can indicate which attributes are mandatory and which one is unnecessary (invisible). Default values can also be set. 13

5-3. Creating a Computer Fig 13 Computer creation template After creating a user template, you can use them to create new computers very efficiently. To do so, click Create Computers in Domain Management tab. In this page, you can select the template to want to use. Note that only the templates that you have an access on will be displayed here. As you can see, the default values will be set automatically and you cannot create a user if you forget to fill one of the mandatory attributes. Fig 14 Creating a computer with computer templates 14

5-4. Managing Computers In addition to creating computers, Borna AD manager provides several useful features facilitating computer management in Active Directory. Some of them are listed below: Setting/Modifying computers' membership Resetting computer accounts Enabling computers Disabling computers Deleting computers Moving computers You can reach the above items from Domain Management tab. In all the related pages, you can select a set of computer accounts and click Apply to do the operation, as we have done for user management. 6. Group Management Borna AD manager allows you to create, delete or move groups, like other objects. In order to manage groups, click Domain Management and then click Group Fig 15 Group management features Management. 7. OU Management Borna AD manager also enables administrators and technicians to manage OUs in Active Directory. It is possible to create, delete and modify OUs as simple as possible in Borna. In order to manage OUs click Domain Management and then click OU Management. To create, delete, rename or modifying an OU, right click the OU and select an option. 15

Fig 16 OU management 8. Reports Using default built-in tools in Windows, you cannot see the list of users whose passwords are expired. In such cases, administrators should use complicated PowerShell commands or write an script which is only possible by expert administrators. Report in Borna AD manager divides into four categories: User reports Password reports Computer reports Group reports There are more 30 reports available in Borna. Some of the most important ones are as follows: All Users Locked Out Users Disabled Users Account Expired Users Soon-to-expire User Accounts Recent Logon Failures Users with Password Never Expires OS/Service Pack Based Computer Report Last Logged on Based Computer Report 16

Groups Without Members To see all reports available in Borna, visit Active Directory Reports page. Fig 17 Soon-to-expire user account reports In all reports, you can filter the output based on domains and OUs. After specifying the domain, click Generate to see the result. In Fig 17, Soon-to-expire user account are shown which can be easily disabled for security reasons. You can also indicate which attributes are to be shown as columns in generated reports (Fig 18). Fig 18 Attributes which can be selected as column in Borna's reports 17

Appendix 1. Upgrade/Extend Borne License In order to upgrade or extend Borna license, call our sales department first. Generally, you can see your license Fig 19 Guide menu information by clicking License Information from Guide menu (Fig 19). To activate Borna AD manager, you should first copy the Activation Code from License Information page and submit a request in this page. We will send you your license file as soon as possible. You should then click Open and select the license file and finally click Apply to activate Borna (Fig 20). Fig 20 License Information page 18

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information