This document discusses four big problems with managing Active Directory and provides potential solutions using ScriptLogic products. The four problems are: 1) AD's native tools are terrible for data protection and recovery. 2) Group Policy management is time-consuming and difficult with native tools. 3) Delegation of control in AD is unnecessarily complex. 4) Auditing in AD generates far too many useless log entries. ScriptLogic offers products that provide simplified backups and recovery, group policy management, delegation of permissions, and centralized auditing to address these common AD management challenges.
Why Teams call analytics are critical to your entire business
Solving 4 of Active Directory Management’s Biggest Problems with Simple Solutions
1. Solving 4 of Active Directory Management’s
Biggest Problems with Simple Solutions
Dial In: +1 (646) 307-1720
Access Code: 327-144-572
Or use your computer speakers
Greg Shields Todd Tobias
Partner and Principal Technologist Product Manager
www.ConcentratedTech.com ScriptLogic
2. About the Speakers
Greg Shields
Greg is a Senior Partner and Principal Technologist with Concentrated
Technology. He is a Contributing Editor for TechNet Magazine and Redmond
Magazine, and a Series Editor for Realtime Publishers. Greg is a sought-after and top-
ranked speaker, seen regularly at conferences like TechMentor, Tech
Ed, VMworld, and more. He is a multiple recipient of Microsoft "Most Valuable
Professional" award with has received VMware's vExpert award.
Todd Tobias
Todd is a Product Manager for ScriptLogic, having joined the company in 2007. He
has almost 20 years of experience in Microsoft platform management, having
successfully managed 5 products focused on AD Management, backup &
recovery, file server management, migration and compliance.
3. About ScriptLogic
• Founded in 2000
• Focus on 4 key areas:
• Desktop Management
• Help Desk Management
• Server Management
• Active Directory Management
• Customer Base
• 30,800+ customers worldwide
• From SMB to Fortune 100
• Headquartered in Boca Raton, Florida
• Subsidiary of Quest Software since 2007
5. AD Management
is a Ticking Time Bomb
In no other system are the greatest responsibilities
given to individuals with the least experience.
6. AD Management
is a Ticking Time Bomb
In no other system are the greatest responsibilities
given to individuals with the least experience.
Systems Architect / Engineer
Systems Administrator
Help Desk Personnel
7. AD Management
is a Ticking Time Bomb
In no other system are the greatest responsibilities
given to individuals with the least experience.
More Responsibility
Systems Architect / Engineer
More Experience
Systems Administrator
Help Desk Personnel
8. Four Big Problems:
The Disgruntled AD Admin’s
Must-Fix Cheat Sheet
Consider these your 2012 goals for fixing AD…
Backup and Recovery that lets you sleep at night.
Group Policy Management that’s actually useful.
Delegation of Control that won’t scare you.
Auditing that’s actually rational and useful.
16. What Does ScriptLogic Offer?
• Quick recovery of AD objects and attributes
• Recovery of passwords for AD objects
• Ability to backup remote domain controllers
• Centralized administration
Demo!
17.
18. When Does What Apply?
How Do I Roll Back Really Stupid
Things?
When Did That Change?
19. Who Can Do What? When Does What Apply?
How Do I Roll Back Really Stupid
Why Can’t I Edit Offline?
Things?
What Am I Actually Changing? When Did That Change?
22. What Does ScriptLogic Offer?
• Backup, recovery & rollback of Group Policy
• GPO history for comparing versions & changes
• Off-line repository for GPO testing
• Ability to model Resultant Set of Policies (RSoP)
• Support for multi-forest environments
• Ability to troubleshoot problematic GPOs
Demo!
23. Big Problem #3: The Simplest of
Delegation is Scarily Complex
24. Big Problem #3: The Simplest of
Delegation is Scarily Complex
Granularity that far exceeds
the needs of most environments
25. Big Problem #3: The Simplest of
Delegation is Scarily Complex
Too many places to delegate;
no way to find them later.
26. Big Problem #3: The Simplest of
Delegation is Scarily Complex
Permissions that make sense to
probably four people in the entire
world.
29. What Does ScriptLogic Offer?
• Role-based delegation
• Templates for easy permission delegation
• Ability to locate AD objects
• Centralized reporting of permissions
• Ability to manage multiple domains
Demo!
30. Big Problem #4: Whoever
Designed Auditing must have been
Paid by the Event Log Entry
31. Big Problem #4: Whoever
Designed Auditing must have been
Paid by the Event Log Entry
Open, Edit, Save, and Close
a Notepad File = 106 New Events
32. Big Problem #4: Whoever
Designed Auditing must have been
Paid by the Event Log Entry
Windows 7 and 2008 R2 expand the original nine
audit policies to over fifty!
33. Big Problem #4: Whoever
Designed Auditing must have been
Paid by the Event Log Entry
Log data is still stored on each
individual server
36. What Does ScriptLogic Offer?
• Central auditing of AD changes
• Ability to search and filter on event data
• Automatic actions based on specific events
• Configurable real-time alerts
• Automated event purging
Demo!
37. Four Big Problems:
The Disgruntled AD Admin’s
Must-Fix Cheat Sheet
Consider these your 2012 goals for fixing AD…
Backup and Recovery that lets you sleep at night.
Group Policy Management that’s actually useful.
Delegation of Control that won’t scare you.
Auditing that’s actually rational and useful.
So, time…or money…?
38. Resources
• Active Administrator
• 30 Day Evaluation
www.scriptlogic.com/AA
• Greg Shields
www.ConcentratedTech.com
39. Resources
• Auditing: ChangeAuditor for AD
www.scriptlogic.com/products/change-auditor
• Restore: Recovery Manager for AD
www.scriptlogic.com/products/recovery-manager-for-active-directory
• Provisioning: ActiveRoles Server
www.scriptlogic.com/products/active-roles-server
• GPO Management: GPOADmin
www.scriptlogic.com/products/gpoadmin/
40. “SMB IT Simplified”
www.scriptlogic.com/smbit
• Real-world articles
• Industry experts
• Vendor-agnostic
Connect with us and Win!
Welcome to Solving 4 of Active Directory Management’s Biggest Problems with Simple SolutionsWe’ll get started in about 5 minutes to give everyone a chance to joinAfter 5 minutes:Hi everyone and welcome to Solving 4 of Active Directory Management’s Biggest Problems with Simple SolutionsI’m Ryan Oistacher of ScriptLogic and I am here today with Greg Shields of Concentrated Technology and Todd Tobias of Script Logic
GregGreg Shields is a Microsoft MVP and renowned author and speaker in the IT community. His work can often be seen in Microsoft TechNet Magazine and Redmond MagazineHe frequently speaks at IT events like TechMentor, the Microsoft Management Summit, Microsoft TechEd and othersToddTodd Tobias is a Product Manager at ScriptLogic with over 20 years in Microsoft platform management His specialties include AD management, backup & recovery, file server management, migration and compliance
Now in today’s webinar, we’re going to com
Single solution for extensive AD management One integrated consoleCentralized management of AD’s & Group Policy’s most important aspectsSaves time by not having to toggle from solution to solutionAnd gives the most control knowing you can do everything from a central console
Recovery TabSo what do you do if disaster strikes? As IT professionals, it’s our job to reduce user downtime and maintain business continuitySo Active Administrator offersFast recovery from accidental changes and administrative errorsYou can recover passwords for AD objects that you deletedYou can conveniently back up remote domain controllersAll from a central consoleTodd show us recovery
GPO management tabManaging GPOs:Tedious in generalSo many things can go wrongAnd I’m sure many of you have other tasks you focus on than just GPO Management. Active Administrator’s GPO Management gives you more time to focus on other tasksWith the GPO management aspect you canBackup, recover and roll back GPOsHistory to easily reference versions and changesOff-line environment for “safe” GPO testingModeling of Resultant set of policies so you can see how GPOs would work in your environmentSupport for multi forest environmentsAbility to troubleshoot problematic GPOsTodd show GPO management tab
Security and DelegationSo security is a big concernObjects can be accidently deleted or modifiedOver-permissioned users happen, so you’ll want an easy way to delegate the right permissions to the right usersAlso, you might be in a scenario where you want to control who can do what in Active DirectoryThat’s why Active Administrator offersSimplified and standardized security management. The ability to ensures consistent delegationAbility to search for AD objectsCentralized reportingAbility to manage multiple domains Todd show us how security and delegation works
Auditing complexity is increasingAbility of native tools to audit isn’tIf you have basic compliance requirements, you could benefit fromAudit trail for ADAbility to search for eventsFormatted reportsReal time alerts Event purging
Quest and ScriptLogic offer several other AD management solutionsActive Administrator is a great foundation for AD management, but if you want to expand intoAuditingRecoveryProvisioningGPOManagementCheck outChangeAuditor for ADRecovery Manager for ADActiveRoles ServerGPOADmin