EControl for Mixed Networks Aldo Zanoni B.Ed., B.A. CEO, Managing Director Omni Technology Solutions Tel: +1 780-423-4200 Web-based, “ZERO.


1 eControl for Mixed Networks
Web-based, “ZERO Rights” Delegated User Account Management, Account Creation and User Self-service
Aldo Zanoni B.Ed., B.A., CEO, Managing Director, Omni Technology Solutions
Tel: +1 780-423-4200, aldo@omni-ts.com
GWAVACon presentation, October 18, 2008

2 Session Overview
© Novell Inc. All rights reserved
What is eControl? What Pain Does it Relieve?
Where does eControl fit?
Three eControl Modules
Future of eControl
Why Companies Need / Buy eControl
Questions and Answers – Prize Draws
EMU – Bulk User Management Utility

3 What is eControl?
eControl is a web-based, “ZERO-Rights” delegated, enterprise user account management, provisioning tool and user self-service for users of Novell eDirectory, GroupWise and NetMail; Microsoft Active Directory and Exchange systems and Lotus Notes* and OpenLDAP*.
eControl delivers an immediate return on investment. It enables an enterprise to efficiently and inexpensively implement secure user account management and provisioning services across multiple and mixed network operating systems and e-mail systems.
*Version 3

4 eControl for Mixed Networks

5 eControl for Mixed Networks
eControl relieves the pain caused by needing to use multiple applications to manage mixed and multiple Novell eDirectory, Microsoft Active Directory, Novell NetMail, Novell GroupWise and Microsoft Exchange systems.
eControl replaces iManager, ConsoleOne, NWadmin, Microsoft Management Console and Taskpads for help desk operators, junior administrators and delegated staff.

6 Where Does eControl Fit?
As a precursor to IDM deployments.
To fill gaps caused by exceptions to standard IDM managed processes.
As a perfect fit for companies that are too small or don’t have the need or resources to implement a full IDM solution.
Where there is an overlap between eControl and IDM, eControl can be used as a complementary “exception gap filler” to resolve the 10% problems that cause 90% of the challenges in IDM deployments.
eControl’s three-hour, non-intrusive deployment brings immediate pain relief for:
1. Secure, delegated user account management
2. Wizard-based user account creation
3. User self-service options

7 Sample eControl Clients
US Government Department (2003) – 1,000 eDirectory and GroupWise accounts. Will expand to include 3,500 AD and Exchange accounts. IDM in planning. Our second customer.
Major Global Retailer (2006) – 70,000 accounts in IDM vault, 3,500 GroupWise and eDirectory accounts in production tree. Best-known customer.
Global Marketing Group (2004) – Started with 7,500 eDirectory and GroupWise accounts. Migrated from GroupWise to Lotus Notes last year. Now uses eControl to manage 30,000 accounts.
US State Government (2006) – 7,000 eDirectory and GroupWise accounts. First step in their strategy to consolidate 20 different GroupWise systems into a data centre.
Manufacturing Corporation (2002) – 5,000 eDirectory and GroupWise accounts. Expanded to a third production shift without adding any help desk staff.
Small Mortgage Company (2005) – 150 eDirectory and Exchange accounts. Smallest customer.

8 Recent eControl Clients
National Grocery Retailer Chain in Chile – Initial deployment of 2,500 Active Directory and Exchange 2007 (Total of 15,000 accounts).
County Government in California – 5,400 eDirectory and GroupWise accounts, 200 Active Directory and Exchange accounts. 5 separate eDirectory Trees share a single GroupWise system.
County Government in Michigan – 1,800 eDirectory, Active Directory and GroupWise accounts. Adding IDM in September.
US State Department of Correction – 2,500 eDirectory and GroupWise accounts.
US Federal Government Department – 3,500 accounts for eDirectory, GroupWise and Active Directory.

9 Published eControl Success Stories
City of Greater Sudbury – 1,150 eDirectory and GroupWise accounts. Looking at IDM in the future. Success story on our web site. Contact: Vic.Liimatainen@city.greatersudbury.on.ca
Wilfrid Laurier University – 17,000 eDirectory, NetMail and GroupWise accounts. Success story on our web site. Contact: Andrzej Gadomski, agadomski@wlu.ca
http://www.omni-ts.com/success.html

10 What IDM Customers Tell Us
A fully integrated Identity Management solution is the Holy Grail of most companies. However, we know there are many companies, big and small, that struggle with the “big” step processes involved in achieving a fully automated identity management and account provisioning solution.
For certain companies, achieving the IDM holy grail is more difficult and time-consuming than expected. In many cases, IDM implementations are similar to SAP in that the implementation involves an all-encompassing, process-driven, multi-department, all-impacting solution.
This difficulty is not caused by the technology. It is caused by the systemic complexity created by the multitude of access roles and rules that need to be defined to automatically manage access rights across multiple systems as processes change.

11 Why Companies Buy eControl
eControl delivers an immediate solution to provide web-based, “ZERO-Rights” user account access administration and provisioning.
It allows the IT manager and the security administrator to determine who can carry out what user account management tasks against which accounts.
eControl allows the CIO and IT department to focus on contributing to the company’s high-value business processes rather than having to be concerned with the administration of user access rights across multiple systems and related security issues.

12 Why Companies Buy eControl
eControl appeals to different levels of decision makers because of intersecting and complementary objectives:
– CIOs look to improve the efficiency of IT staff allocation and allow highly-trained, scarce resources to focus on delivering business value through IT integration initiatives.
– CFOs look to implement cost containment strategies.
– CSOs look to satisfy legislative or internal user account management and data access security requirements.
– Business unit managers and service desk managers look to increase user productivity and time-effective user management change.

13 Why Help Desk Departments Buy eControl
Cross-platform, multi-system, controlled and restricted interface to delegate standard account management tasks to Help Desk Operators and non-technical staff.
Help Desk Module allows managers or HR to be responsible for account enabling/disabling without any associated security risks.
Delivers real-time user account management changes with full audit trail.
Significant time and cost savings in training non-technical staff how to use eControl. It takes 15 minutes to train a new Help Desk staff member!

14 Why Security Administrators Buy eControl
They are responsible for ensuring that internal and external information and security compliance requirements are satisfied.
eControl allows the removal of all trustee assignments, system rights, permissions and related user account access rights from the native operating systems.
By completely removing trustee assignments and permissions from user accounts, eControl allows Security Administrators to have 100% control over the security failure points on the system.
eControl provides a complete audit log of all transactions, for everything from password changes to adding or removing a user from a group.

15 Why CFOs Buy eControl
– eControl delivers cost avoidance. eControl allows a company to not have to increase the number of IT staff to carry out user management tasks.
– eControl delivers significant cost reduction by making it simple for non-technical (less expensive) clerical staff to be assigned user account provisioning and administration tasks.
– User self-service significantly decreases costs related to the number of password change and demographic change requests that would otherwise need to flow through a help desk environment.

16 Why Companies Buy eControl
Account Create wizards allow non-technical HR people to create accounts.
Account Create ensures unique account and email IDs across multiple systems.
User Self-service turns GroupWise into an internal list server by allowing users to subscribe to and unsubscribe from GroupWise distribution lists.
Password self-service supports GroupWise.
Provides access to all eDirectory attributes, including extended Schema values.
XML format allows for complete customisation of fields and values exposed to users.

17 Why Companies Buy eControl
eControl enhances compliance with HIPAA, Sarbanes-Oxley and other security and privacy legislation through increased security and controls in the following areas:
– Authentication and Authorization: All system rights are removed from all accounts and replaced with explicit task assignments based on group membership.
– Configuration and Change Management: Only those users who have been authorized to carry out user configuration and changes are able to do so. All changes made by administrators in the eControl administration and configuration application are tracked and can be made available for audit. A record of all administration changes that are made is maintained so the state of eControl at any previous time can be determined.
– Segregation of Duties: eControl can be configured to ensure that no single person has rights to carry out access management and be responsible for auditing, initiating or approving incompatible activities in those systems.
– Documentation and Reporting: eControl's audit log and tracking strategies provide support for appropriate reporting on each participant's role and activities in the user management and account provisioning process. eControl keeps track of who did what, when. (See Sample Log.) Future enhancements to eControl will allow for non-technical resources and auditors to run web-based, ZERO-Rights audit reports to support Sarbanes-Oxley and other reporting requirements.

18 Sample Account Change Audit Log
Date; Numeric Action Id; Action Description; Status; Source; Login Account; Parameter(s);;; Module
2/2/2006 9:50:19 AM;10;Authentication Attempt;True;10.10.2.21; LDAP://10.10.2.16:389/cn=HDOBerlin5,ou=HDO,ou=Berlin,o=ACME;;;HelpDesk
2/2/2006 9:52:42 AM;10;Authentication Attempt;True;10.10.2.21; LDAP://10.10.2.16:389/cn=HDOBerlin1,ou=HDO,ou=Berlin,o=ACME;;;HelpDesk
2/2/2006 9:52:50 AM;1011;Group Membership Viewed;True;10.10.2.21; LDAP://10.10.2.16:389/cn=HDOBerlin1,ou=HDO,ou=Berlin,o=ACME; LDAP://10.10.2.16:389/cn=AaJacob,ou=Berlin,o=ACME;;HelpDesk
2/2/2006 9:53:00 AM;1051;Directory Password Changed;True;10.10.2.21; LDAP://10.10.2.16:389/cn=HDOBerlin1,ou=HDO,ou=Berlin,o=ACME; LDAP://10.10.2.16:389/cn=AaJacob,ou=Berlin,o=ACME;;HelpDesk
2/2/2006 9:53:01 AM;1052;Email Password Changed;True;10.10.2.21; LDAP://10.10.2.16:389/cn=HDOBerlin1,ou=HDO,ou=Berlin,o=ACME; LDAP://10.10.2.16:389/cn=AaJacob,ou=Berlin,o=ACME;;HelpDesk
2/2/2006 9:53:24 AM;10;Authentication Attempt;True;10.10.2.21; LDAP://10.10.2.16:389/cn=HDOBerlin2,ou=HDO,ou=Berlin,o=ACME;;;HelpDesk
2/2/2006 9:53:35 AM;10;Authentication Attempt;True;10.10.2.21; LDAP://10.10.2.16:389/cn=HDOBerlin3,ou=HDO,ou=Berlin,o=ACME;;;HelpDesk
2/2/2006 9:56:24 AM;10;Authentication Attempt;True;10.10.2.21; LDAP://10.10.2.16:389/cn=HDOBerlin3,ou=HDO,ou=Berlin,o=ACME;;;HelpDesk
2/2/2006 10:19:54 AM;10;Authentication Attempt;True;10.10.2.21; LDAP://10.10.2.16:389/cn=Stephane,o=DEV;;;HelpDesk
2/2/2006 10:20:01 AM;1021;GW Distribution List Membership Viewed;True;10.10.2.21; LDAP://10.10.2.16:389/cn=Stephane,o=DEV; LDAP://10.10.2.16:389/cn=HDOBerlin3,ou=HDO,ou=Berlin,o=ACME;;HelpDesk
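Added example, not part of the original presentation and not eControl code: a Python parser for the semicolon-delimited layout of the sample log above, used to list "who did what to whom" and to flag one source address that authenticates several operator accounts in a short window. The field meanings, the month/day date order, the reading of Source as the client address, and all function names are assumptions made for this illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Four records copied from the sample audit log on slide 18.
SAMPLE = """\
2/2/2006 9:50:19 AM;10;Authentication Attempt;True;10.10.2.21; LDAP://10.10.2.16:389/cn=HDOBerlin5,ou=HDO,ou=Berlin,o=ACME;;;HelpDesk
2/2/2006 9:52:42 AM;10;Authentication Attempt;True;10.10.2.21; LDAP://10.10.2.16:389/cn=HDOBerlin1,ou=HDO,ou=Berlin,o=ACME;;;HelpDesk
2/2/2006 9:53:00 AM;1051;Directory Password Changed;True;10.10.2.21; LDAP://10.10.2.16:389/cn=HDOBerlin1,ou=HDO,ou=Berlin,o=ACME; LDAP://10.10.2.16:389/cn=AaJacob,ou=Berlin,o=ACME;;HelpDesk
2/2/2006 9:53:24 AM;10;Authentication Attempt;True;10.10.2.21; LDAP://10.10.2.16:389/cn=HDOBerlin2,ou=HDO,ou=Berlin,o=ACME;;;HelpDesk
"""

AUTH_ATTEMPT = 10  # action id shown for "Authentication Attempt" in the sample


def dn_of(ldap_url):
    """Drop the LDAP://host:port/ prefix and keep the distinguished name."""
    return ldap_url.split("/", 3)[-1]


def parse_line(line):
    """Parse one record; return None for blank, header or damaged lines."""
    fields = [f.strip() for f in line.split(";")]
    if len(fields) < 7:
        return None
    try:
        # Assumption: dates are month/day/year with a 12-hour clock.
        when = datetime.strptime(fields[0], "%m/%d/%Y %I:%M:%S %p")
        action_id = int(fields[1])
    except ValueError:
        return None  # e.g. the "Date; Numeric Action Id; ..." header row
    return {
        "when": when, "action_id": action_id, "action": fields[2],
        "ok": fields[3].lower() == "true", "source": fields[4],
        "operator": dn_of(fields[5]),
        # Fields between the login account and the trailing module are parameters.
        "targets": [dn_of(f) for f in fields[6:-1] if f],
        "module": fields[-1],
    }


def load(text):
    return [r for r in map(parse_line, text.splitlines()) if r]


def changes(records):
    """(time, operator, action, target) for each successful action on another object."""
    return [(r["when"], r["operator"], r["action"], t)
            for r in records if r["ok"] for t in r["targets"]]


def shared_source_logins(records, window=timedelta(minutes=10), min_accounts=3):
    """Map source -> operator DNs when min_accounts or more distinct accounts
    authenticated successfully from that source within one time window."""
    by_source = defaultdict(list)
    for r in records:
        if r["action_id"] == AUTH_ATTEMPT and r["ok"]:
            by_source[r["source"]].append((r["when"], r["operator"]))
    flagged = {}
    for source, events in by_source.items():
        events.sort()
        for start, _ in events:
            accounts = {op for when, op in events
                        if timedelta(0) <= when - start <= window}
            if len(accounts) >= min_accounts:
                flagged[source] = sorted(accounts)
                break
    return flagged


if __name__ == "__main__":
    recs = load(SAMPLE)
    for row in changes(recs):
        print(*row, sep=" | ")
    print(shared_source_logins(recs))
```

A flagged source is a prompt for review (shared workstation, proxy, or shared credentials), not a verdict.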

19 eControl for Mixed Networks
eDirectory and NetMail: LDAP and native APIs
GroupWise: Win32 APIs
Active Directory and Exchange: LDAP and native APIs
OpenLDAP: LDAP
Lotus Notes: Notes APIs
Web-based Modules:

20 “ZERO-Rights” Modules
Help Desk User Management (HD) – Provides Help Desk Operators with the ability to carry out the “TOP TEN” user administration tasks – in a web browser. NO rights required!
Account Create / Manager (AC) – Allows HDOs to create users based on eControl profiles and Account Create templates
User Self-Service / Self-Administration (USS) – Allows you to set which user fields can be updated or modified by a user in the web interface
Contact Lookup (CL)* – Allows users to retrieve configured information from eDirectory (phone numbers, etc.)
Sarbanes-Oxley Reporting (SOX)* – Allows “ZERO Rights” web-based access to security and audit reports by non-technical staff
*Version 3

21 HD User Account Management Tasks
eDirectory and GroupWise
1. Manage Account Password and Strong Password
2. Manage GroupWise Password & Strong Password
3. Enable / Disable User Accounts
4. Manage Group Memberships
5. Manage Organizational Roles
6. Set Password Restrictions
7. Release Intruder Lockout
8. Create User Identification Information
9. Manage Login Information (Login Script and Profile)
10. Manage Login Restrictions
11. Manage GroupWise Distribution Lists
12. Manage GroupWise Options (Visibility, Expiration Date)
13. Manage NetMail Account Status

22 HD User Account Management Tasks
Active Directory and Exchange
1. Manage Account Password and Strong Password
2. Enable / Disable User Accounts
3. Manage Group Memberships
4. Manage Exchange Mail Groups
5. Release Intruder Lockout
6. Create User Identification Information
7. Manage Account Expiration Date

23 Account Create Module Tasks
Provision accounts based on eControl Account Create wizard linked to eDirectory / Active Directory profiles (e.g., home directory, group memberships, email account and all other account information)
Customizable user-required fields (e.g., first name, last name, middle initial, phone number, department, mobile number, etc.)
Creates user name based on specified naming convention and requires name to be unique across all configured systems

24 User Self-Service Module Tasks
Subscribe / Unsubscribe from email distribution lists and groups
Select challenge-response phrases and provide answers to enable web-based, “forgot my password” management
Update eDirectory fields, including extended schema values, that have been enabled by the Administrator (e.g., mobile number, pager, etc.)

25 Hardware / Software Requirements
Windows 2000 with IIS 5 or 6 Windows 2003 if GroupWise support not required
Security certificate for SSL
Microsoft Message Queuing (MSMQ)
Novell Client 4.9*
Novell GroupWise 5.x, 6.x or 7 Client*
MSSQL, MSDE or Schema Extension to provide “forgot my password” self-service
MSSQL or MSDE for audit trail archiving
Novell NetWare*, OES*, SUSE Linux*, Windows NDS Version 8.5 or any version of eDirectory
Any version of Active Directory
* Target system specific

26 Is eControl Right for You?
Is your Help Desk or IT department often the bottleneck in your user account management and provisioning process?
Do your Help Desk operators have more rights than they should on your network because they need to carry out certain account management tasks?
Does your account management and provisioning process comply with internal or SOX regulatory security, privacy and audit report requirements?
Are you running GroupWise on Windows or Exchange with eDirectory and/or multiple eDirectory and Active Directory environments?
Does your Help Desk need to run multiple user account management tools?

27 Is eControl Right for You?
Have department mergers or corporate acquisitions made your user account creation and management tasks cumbersome and complex?
Are costs increasing and productivity decreasing due to the training required for Service Desk Operators to use a combination of ConsoleOne, NWAdmin, iManager, Microsoft Management Console or custom Task Pads?
Terrified about the consequences of a Help Desk Operator or junior administrator hitting the delete key on the wrong object or accessing information they shouldn’t?
Need to deploy user password self-service or user self-service for GroupWise in a multiple or mixed eDirectory, GroupWise, Active Directory or Exchange environment?
Are you being asked to manage and integrate more complex systems with fewer resources?

28 Questions and Answers
Aldo Zanoni B.Ed., B.A., CEO, Managing Director, Omni Technology Solutions
Tel: +1 780-423-4200, aldo@omni-ts.com

29 Appendix - Screenshots
Active Directory Group Membership
eDirectory Group Membership
eDirectory Restricted Tasks
eDirectory All Tasks
Change eDirectory Password
Manage GroupWise Distribution List
Set eDirectory Password Restrictions
Set Active Directory Identification
Set eDirectory Identification
Account Create
System Configuration
Search Context Configuration
Account Create Configuration
Add Group to a Task
Configure Forgot Pwd Questions
Help Desk Operator Tasks
System Configuration
* Target system specific

30 Active Directory Group Membership

31 eDirectory Group Membership

32 eDirectory Restricted Tasks

33 eDirectory All Tasks

34 Change eDirectory Password

35 Manage GroupWise Distribution Lists

36 eDirectory Password Restrictions

37 Active Directory Identification

38 eDirectory Identification

39 eDirectory User Self-Administration

40 Account Create

41 Administration – System Configuration

42 Search Context Configuration

43 Account Create Configuration

44 Add Group to Task

45 Forgot Password

47 Unpublished Work of Novell, Inc. All Rights Reserved. This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability. General Disclaimer This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. Novell, Inc., makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc., reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.

