Sample – User Roles Server Assessment Considerations – Part 2
April 30, 2013Partial list of questions to consider.
|
Business issue |
Recommendation |
Comments |
| 0 time spent with / Managing Authentication today | Dedicate resource time on solution to leverage tool and reduce AD administration time | Agreement; reduce workload & leverage automation |
| No Automation | Create further policies | |
| Approval process needed for Groups and users (owner) | Use built in approvals for critical groups, user changes, etc that are all built in today | Documentation |
| Reporting data | Update to full version of SQL | Need process |
| Upgrade | Need to find time | |
| Approvals | Workflow of critical changes to the AD environment and who is responsible for each change. | Ease audit requirements, best practices for AD administration / delegation and segregation of duties |
| Attestation | Object lifecycle and ownership removal from IT to the business owner | Removal of stale objects from the directory |
| Group Families (dynamic) | Ease security delegation and administration of groups to the end user of the groups | IT as a service; remove IT responsibility of ownership |
| Unmanaged account domains | Read from other unmanaged / non migrated domains today and manage until migration project completed. Leverage infrastructure in place today and reduce overall admin time | Allows group management across domains for security / delegation purposes |
| Manage Computer Services | Ability to delegate computer management to OU / Site Admins. Reduce workload | Another delegation reducing workload, Enforcement of policies |
| Publish Groups for self-subscription | Reduce administration workload | Self service requests |
| Notifications | Quicker administration / reduce workload | Speed process / automation for change requests on activities |
www.bestitdocuments.com