Active Directory Management

The Most Comprehensive Active Directory Management Solution On The Market

Active Directory management has a key role in the IT environment of every organization. AD Guardian provides a software management suite that fills critical gaps in Active Directory Management, Microsoft AzureOffice 365, and Microsoft Exchange. It provides a full range of operations, Identity & Access Management, and enhanced security. It allows businesses to effectively, efficiently, and economically manage security – for both on-premise and off-premise systems, applications, and data. The Active Directory management suite consists of several distinct software modules that can be used independently or in any combination depending on the needs of each customer.

Active Directory management made easy

Easy Management: Give administrators AD superpowers to effortlessly manage many domains and secure all objects and applications from a single web console.
Advanced Reporting: Unrivalled deep visibility over your entire AD and Enterprise infrastructure with hundreds of OOTB reports with many customization options.
Delegation: Effortlessly delegate tasks to others via role-based access control while reducing high-privileged accounts; enhancing your security posture.
Workflow: Easily enforce proper governance for access control of resources (4-stage workflow). Allow resource owners to attest right people and have the right access with no exceptions with Active Directory management solution.
User and Access Provisioning: Policy-based user & access entitlement (de)provisioning, while securely managing user life cycle across multiple domains.
GPO Control: Take back control of unwieldy enterprise-wide GPO policies with our specialist solution that standardizes and properly secures enterprise infrastructure.
Real-Time Change Alerts: AD is very dynamic! It must be monitored in real-time (e,g, password-based attacks); know all changes, including those not picked up by events/SEIM.
SSPR: Secure Self-Password Reset via many mechanisms for many end targets, easily enforce and apply strong password policies with password ‘disallowed’ dictionaries.
Self Access Management (SAM): Dynamic groups, self-groups, and group membership management, with complete workflow via web/email and audit.
Multi-Factor Authentication (MFA): Enforce strong authentication using many auth factors (push/pull) for interactive/remote logins of Windows systems and applications. Bridge Azure MFA to on-premise applications.
Disaster Recovery – Objects | Attributes: Recover from unintentional or accidental changes to the most critical infrastructure – AD. Quickly recover any object down to a single attribute.
Disaster Recovery – Domain | Forest: If AD is severely breached or disaster strikes, your enterprise could be down for days/months; with our software, it will be a fraction of this time.
DirSync from OpenLdap: Easily and quickly adopt Office365/Azure AD without changing non-Microsoft infrastructure and directories like OpenLDAP.
Cloud Reports: Easily manage Office365 licenses and permissions via our extensive reports. Quickly know who has what permissions across the enterprise.
Cloud Identity Minder (CIM): IDP & Proxy Authentication that works with any identity store on the cloud or on-premise. Re-use corporate identities without exposing them to internet risks and remove the need for your applications to manage user life cycles.
Multi-Factor Authentication as a Service: Enforce strong authentication using many auth factors (push/pull) for interactive/remote logins of Windows systems and applications.

Active Directory management Features

Automated user, access, entitlement provisioning & de-provisioning: Secure, Simple & Scalable – The best way to manage user and access life cycle eEntitlements.
> Workforce and business are very transitionary in nature.
> Changes are happening to the workforce system of record on a daily or weekly basis.
> Not de-provisioning and revoking access is a “security risk”
> Automate users, and access control of the workforce creation, modification, and deletion via nightly runs to the IT directory and systems.
> You don’t have to develop a custom solution, adopt error-prone procedures and increase the security risk.
> Easy to use Web-based User Interface for Active Directory management, works in collaboration with Active Directory Manager pro.
> Simple to define templates and policies for provisioning and de-provisioning.
> NO Scripting and NO coding required.
> Decision templates.

Delegation & workflow management: Active Directory is the beating heart of your enterprise, It’s time to take the reins & get it under control. AD Guardian provides ALL aspects of operations management, including:
> Centralize and standardize Active Directory Management
> Securely manage user life cycle across multiple domains
> Policy-based user provisioning, access management, and de-provisioning
> Eliminates repetitive, routine, or complex tasks associated with Active Directory management
> Facilitates Single or Bulk creation, modification, and deletion of AD objects
> Allows secure management of all users and objects across multiple domains
> Automates user onboarding, access management, and employee and resource de-boarding
> User Life Cycle Management
> Workflow and attestations
> Delegation
> Simplified permission management, reporting, and audit
> File share management and permission reporting

End-to-end group policy management: Take back control of cumbersome and unwieldy enterprise-wide GPOs. Active Directory Group Policy Management allows users administrators to implement specific configurations for users and computers. Group Policy settings are contained in Group Policy objects (GPOs), which are linked to the following Active Directory service containers: sites, domains, or organizational units (OUs).
> Change control and rollback.
> Helps prove compliance to ITIL, MOF, SOX, Base I II, HIPAA, and C-198.
> Simplifies and automates critical tasks, and reduces outages by eliminating manual processes and scripts.
> Improves availability and disaster recovery via backup and rollback capabilities.
> Simplifies and improves network security by restricting access to production GPOs.
> Archives all GPO settings.
> Version Comparisons: Quickly verify setting consistency and improve GPO auditing with advanced, side-by-side GPO version comparisons at different intervals.
> Delete version history: to manage and reduce the size of the backup store.
> Undo GPO changes: Rolled back to previous versions.

Passwords, access & profile management: Banish password-related headaches with the enterprise-grade super solution for Active Directory management. The easiest, most efficient way to manage your organization’s users, computers, resources, accounts, and password resets using the Active Directory, Azure AD, Office 365, and OpenLDAP.
> Reset & Unlock your password with 3 interphases (Web, Mobile, Windows logon).
> Supports Active Directory, OpenLDAP, Other LDAP-compliant directories, Azure AD or Office365, Salesforce, and Google apps.
> Out of box Password dictionary – black list passwords.
> Notifications for password expiry, locked users, email inbox threshold.
> Password Synchronization to many targets like OpenLDAP, Active Directory, office365, azureAD, salesforce, google apps, etc.
> Self-group creation, and membership management for both distribution and security groups with a simplified workflow via email, audit, and attestation.
> Temporary security group membership.
> Searchable employee directory and other resources, very customizable. Whitepages ala phone directory.
> Proxy authentication and Web API to authenticate the directory with your built-in application. SDK for integration
> Reports for directory, user, audit, and much more.

MFA for virtual machines or system login: Protect your Windows Servers, Desktops, Laptops, Tablets, and Virtual Systems in the enterprise & cloud. Imagine unauthorized access to your computer that has everything in it. If the password is compromised then the following may happen.
> The hacker will have access to all your data, critical files, email, contacts, photos, etc.
> Login to all of your internet accounts.
> Pretend to be you and send unwanted or harmful emails to your contacts.
> Use your account to reset the passwords for other accounts (banking, shopping, etc.)
> Multi-factor authentication assures your data and accounts are protected and significantly reduces the chance of being hacked by all intruders.
> SDK for integration.
> Token-based – Generic USB key.
> Challenge-Response questions.
> Out-of-band OTP sent as SMS on phone.
> Out-of-band OTP sent to registered email.
> Google & Microsoft Authenticator.

Disaster recovery: When disaster strikes make sure your enterprise is only down for minutes, not months. Quickly and accurately back up your Active Directory, and painlessly recover your Active Directory objects when needed down to a single attribute. You can recover the complete domain or different AD objects.
> Active Directory is one of the most critical components in a Windows environment.
> Unintentional changes do happen! How to go back to the previous state?
> AD disaster recovery at the object and attribute, and directory level
> Allows undelete of partitions, containers, and objects down to single attributes
> Restores both system and non-system attributes
> Restore GPOs, groups, OUs, and user objects – easily go back to the previous state
> Easy to use Web-based User Interface
> Backup Active Directory on demand on schedule
> Recover from disaster and corruption of objects, containers, domain controller, domain, and forest
> Bare-metal recovery for the domain controller, domain, or forest

Real-time change alerts & management: AD is dynamic and changing all the time, make sure you know what’s going on in your enterprise. Active Directory changes daily, yet most IT organizations are unaware of the changes until something breaks. This leads to downtime, loss of productivity, security breaches, and higher costs of management and troubleshooting. Furthermore, not all changes generate events, so a typical SIEM solution will miss many changes.
> Active Directory changes behind the scenes constantly (not visible with native tools).
> Critical to take immediate action for any unauthorized changes to “access control”.
> Relying on just an event log is not sufficient and may be fatal.
> Monitor all Active Directory activities including administrative activities.
> Real-Time Notifications to administrators for immediate action.
> Changes logged for analysis and archiving.
> Easy lightweight solution – 100% web-based.
> Detects who changed what and when (so you can more easily find out why).
> Filters to get notifications only for critical objects.
> Enterprise-class scalability.
> Changes logged for analysis and archiving.
> Reports are easily generated for the easy meeting of regulatory compliance

AD & Enterprise advanced reporting: Day-to-day Active Directory management and compliance are a piece of cake with our powerful reporting tools. Active Directory Reporter helps with compliance and day-to-day status checks by accessing, interpreting, and presenting the raw data into meaningful reports. These reports allow the administrator, senior management, and auditors to obtain accurate insight into the Active Directory Infrastructure.
> Complex tasks are simplified (no scripting needed)
> 100% web-based – manage Active Directory from anywhere and any PC running a browser.

You can also do an AD password reset using the Enterprise Self-Service tool.

Request a Quote
close slider