| Author | Messages | |
listmail
Posts:444
 | | 09/24/2008 2:12 PM |
| That actually throws an interesting twist on that free tool.... I agree, the
functioning does seem somewhat similar to ARS (which I work with
considerably right now). Can't imagine Quest would be happy about having a)
Two similar engines out there or at least doing similar things b) Giving
one away for free.
I wonder if NetPro has time still to toss that out to the public domain.
Alternately maybe building tools like that is the secret to having Quest pay
78 million for you. 
joe
--
O'Reilly Active Directory Third Edition -
http://www.joeware.net/win/ad3e.htm
_____
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Bobel
Sent: Sunday, September 14, 2008 7:25 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] New community website and free user management
product from NetPro
Neil,
Imitation is the most sincere form of flattery.
In case you missed it.
http://www.netpro.com/company/news-room/press-releases/2008/Quest-Software-A
cquires-NetPro-Computing-Inc.-1010/
Bob
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of
neil.ruston@barclayswealth.com
Sent: Wednesday, September 10, 2008 11:35 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] New community website and free user management
product from NetPro
Sounds somewhat like products already matured in this space, such as ARS.
http://www.quest.com/activeroles-server/
That even has the (customisable) web interface you describe.
Caveat: I have not looked at the product nor read the rel notes, so may have
jumped to the wrong conclusions J
neil
_____
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of joe
Sent: 10 September 2008 15:42
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] New community website and free user management
product from NetPro
OK I am sitting on a con call and decided to read over the release notes for
this tool.... You don't have to install the EXE to get to them, just use
WINZIP to unpack.
So my 50k foot looking at the release notes for 3 minutes view of the
operation of this tool....
It appears we have a client / server type functionality here. You have an
agent installed on the machines with ADUC (note the limitations of running
with the Exchange ADUC snapin) and then it shoots a request over to a
console server to do the work for each and every request. The console server
uses SQLΏ] in the backend apparently and it has the security model. This
aligns with my comment #3 below.
Further things I would recommend digging into at this stage would be...
1. Failover for the backend server. Using a single console would give you a
single point of failure. For smaller orgs this likely wouldn't be an issue
as they could likely be down for updating AD for a bit, larger orgs
obviously would have other availabilty requirements. You would also want to
do some scale testing on this, how many users simultaneously using it will
be ok for the console?
2. Obviously there could be security concerns... What is the protocol being
used to pass requests/responses between the agent and the server over port
52520 (and is this port configurable)? Is it susceptable to possible buffer
overflow issues... This is really important if the security of your AD is
being moved from AD to this application obviously. You compromise the app,
you compromise AD.
Overall I would say it definitely looks promising. Would be very cool if
there is an API with it so someone could say whip up a web interface to work
with it and replace ADUC entirely. It might, but again I only read the
release notes so far, haven't dug deep into it.
I will try to find some time to read more of the docs.
joe
Ώ] Yuck. Why not ESE? Its already there and doesn't require any
setup/config by admins/users.
--
O'Reilly Active Directory Third Edition -
http://www.joeware.net/win/ad3e.htm
_____
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of joe
Sent: Wednesday, September 10, 2008 10:08 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] New community website and free user management
product from NetPro
I am waiting for Gil to send me a check. ;o)
Seriously, I just heard about it. Sounds interesting so when I get a chance,
I will take a peek, maybe Gil can walk us through the basic architecture and
how it is accomplishing its primary functions and then we can all comment
and chat about it.
Off the top of my head I would be looking at
1. See if it is doing something in the backend in the directory or if it is
entirely a bolton to ADUC. The reason this is important is because if it
only does things on the front end, then it very likely can be easily
sidestepped.
2. If it is working on the backend, exactly what is it doing on the backend.
3. If it is on the frontend but can't be sidestepped, then exactly what is
it doing in the front end. I once visualized a system that added an
extension to ADUC that was smart enough to change its security context to do
the work so users actually had no direct rights.
4. Flexibility of rules
5. Ability to specify scripts for complex business rules
joe
--
O'Reilly Active Directory Third Edition -
http://www.joeware.net/win/ad3e.htm
_____
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Grillenmeier, Guido
Sent: Wednesday, September 10, 2008 9:55 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] New community website and free user management
product from NetPro
I don't know a person called Joeware.
But I do know joe very well - however, your opinion is just as important as
his.
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Ramon Linan
Sent: Wednesday, September 10, 2008 3:54 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] New community website and free user management
product from NetPro
I would like to hear Joeware's opnion about that product.
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Grillenmeier, Guido
Sent: Wednesday, September 10, 2008 9:40 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] New community website and free user management
product from NetPro
Gil - this is pretty impressive - I've not played with it yet, but will
certainly look at it.
Certainly looks like ADMC adds quite a bit of value to AD.
Wondering if others on the list have already tried it out?
/Guido
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Gil Kirkpatrick
Sent: Tuesday, September 09, 2008 3:55 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] New community website and free user management product
from NetPro
See http://www.turbochargead.org/. ADMC adds business rules and workflow to
ADUC.
Press release at
http://news.yahoo.com/s/prweb/20080908/bs_prweb/prweb1294424.
-gil
_____
Barclays Wealth is the wealth management division of Barclays Bank PLC. This
email may relate to or be sent from other members of the Barclays Group.
The availability of products and services may be limited by the applicable
laws and regulations in certain jurisdictions. The Barclays Group does not
normally accept or offer business instructions via internet email. Any
action that you might take upon this message might be at your own risk.
This email and any attachments are confidential and intended solely for the
addressee and may also be privileged or exempt from disclosure under
applicable law. If you are not the addressee, or have received this email in
error, please notify the sender immediately, delete it from your system and
do not copy, disclose or otherwise act upon any part of this email or its
attachments.
Internet communications are not guaranteed to be secure or without viruses.
The Barclays Group does not accept responsibility for any loss arising from
unauthorised access to, or interference with, any Internet communications by
any third party, or from the transmission of any viruses. Replies to this
email may be monitored by the Barclays Group for operational or business
reasons.
Any opinion or other information in this email or its attachments that does
not relate to the business of the Barclays Group is personal to the sender
and is not given or endorsed by the Barclays Group.
Barclays Bank PLC. Registered in England and Wales (registered no. 1026167).
Registered Office: 1 Churchill Place, London, E14 5HP, United Kingdom.
Barclays Bank PLC is authorised and regulated by the Financial Services
Authority.
| | | |
|
|