Location: Mailing List

Syndicate

Friends

Friends

Adventnet Sky

The List

ActiveDir.org is the home of the Active Directory Discussions Mailing List which was started in January 2001 with the aim of providing a forum for discussing various aspects of Microsoft's Active Directory technology. Since then the list has grown to a membership of over 1000 subscribers and 5000 site members.  The list has become extremely active, and includes many of the foremost experts in Active Directory.

The focus here at ActiveDir.org is the mailing list, but we now also offer a range of useful resources (see left navigation options).

The forum below is an archive of all posts to our mailing list over the past few years.  The forum is set read only therefore to contribute you will need to join our mailing list community.  See more info about this here.

When subscribed to the list you should use your standard email client to send your posts to ActiveDir@mail.activedir.org.

The Archives

Subject: [ActiveDir] [OT] - AD/DS team in an IT organization
Prev Next
You are not authorized to post a reply.

AuthorMessages
gabriel/tfiUser is Offline

Posts:452

03/30/2012 8:35 AM  
Based on your experience in medium/large orgs (say 10K empoyees at least) -
whether as an employee or consultant/contractor - within which functional
area does the team responsible for Active Directory commonly fit? How is it
commonly called? "Active Directory"? "Directory Services"?



Thanks - Gabriele.


ZJORZUser is Offline

Posts:477

03/30/2012 9:14 AM  
At one of my customers it initially started as "Active Directory" and it
remained as "Active Directory" (naming only)

The responsibilities of THAT team however did change as new technologies
became their responsibility: e.g: AD, NPS/Radius/802.1x, ADFS,SCOM, Lync



Cheers,



(HOPEFULLY THIS INFORMATION HELPS YOU!)



Ing. Jorge de Almeida Pinto

Principal Consultant

MVP Identity & Access - Directory Services | MCP/MCSE/MCITP | MCT | vTSP

(MVP Profile
<https://mvp.support.microsoft.com/profile=F8C04F4A-BFF2-453E-9AED-7DFEDAB0B
E10> ) (Blog <http://jorgequestforknowledge.wordpress.com/> )



-------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!

* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER: <http://jorgequestforknowledge.wordpress.com/disclaimer/>
http://jorgequestforknowledge.wordpress.com/disclaimer/
-------------------------------

Description: Description: Description: Description: Description: Think Green



From: activedir-owner@xxxxxxxxxxxxxxxx
[mailto:activedir-owner@xxxxxxxxxxxxxxxx] On Behalf Of Gabriele Scolaro
Sent: Friday, March 30, 2012 09:33
To: activedir@xxxxxxxxxxxxxxxx
Subject: [ActiveDir] [OT] - AD/DS team in an IT organization



Based on your experience in medium/large orgs (say 10K empoyees at least) -
whether as an employee or consultant/contractor - within which functional
area does the team responsible for Active Directory commonly fit? How is it
commonly called? "Active Directory"? "Directory Services"?



Thanks - Gabriele.


GilUser is Offline

Posts:316

03/30/2012 9:28 AM  
Going back in history, it was the Window Server team that ended up with AD responsibilities. Sometimes the larger orgs would explicitly carve off a separate team from the Windows Server group and make them responsible for AD, other times the team gradually developed AD as a focus. I've never seen an org where the AD team came from networking, security, or for instance, the Netscape directory team. It's always been part of Windows.

-gil

From: activedir-owner@xxxxxxxxxxxxxxxx [mailto:activedir-owner@xxxxxxxxxxxxxxxx] On Behalf Of Gabriele Scolaro
Sent: Friday, March 30, 2012 6:33 PM
To: activedir@xxxxxxxxxxxxxxxx
Subject: [ActiveDir] [OT] - AD/DS team in an IT organization

Based on your experience in medium/large orgs (say 10K empoyees at least) - whether as an employee or consultant/contractor - within which functional area does the team responsible for Active Directory commonly fit? How is it commonly called? "Active Directory"? "Directory Services"?

Thanks - Gabriele.

dloderUser is Offline

Posts:151

03/30/2012 12:43 PM  
Our corporate IT as a whole is split between engineering and operations functions.  Right now the two teams involved with AD are both known as Security Engineering and Security Operations.  Our names change and our placement within the company moves from time to time, but our functions are pretty defined to security infrastructure.  Currently AD, ADLDS, ADFS, ADCS, FIM, 3rd party password management, two-factor AuthN and a home-grown SSO are the major pieces.   Most of the people in both groups have a more generalized background from Windows Server, but we do have some that moved from Netscape LDAP to AD when we migrated that directory, and from other *nix-based operations roles.   But this separation from the general Windows and *nix Server operations teams helps us to maintain joe's rule of few EAs.     -- http://dloder.blogspot.com -- ________________________________ From: Gil Kirkpatrick <Gil.Kirkpatrick@xxxxxxxxxxxxxxxx> To: "activedir@xxxxxxxxxxxxxxxx" <activedir@xxxxxxxxxxxxxxxx> Sent: Friday, March 30, 2012 4:26 AM Subject: RE: [ActiveDir] [OT] - AD/DS team in an IT organization Going back in history, it was the Window Server team that ended up with AD responsibilities. Sometimes the larger orgs would explicitly carve off a separate team from the Windows Server group and make them responsible for AD, other times the team gradually developed AD as a focus. I’ve never seen an org where the AD team came from networking, security, or for instance, the Netscape directory team. It’s always been part of Windows.   -gil   From:activedir-owner@xxxxxxxxxxxxxxxx [mailto:activedir-owner@xxxxxxxxxxxxxxxx] On Behalf Of Gabriele Scolaro Sent: Friday, March 30, 2012 6:33 PM To: activedir@xxxxxxxxxxxxxxxx Subject: [ActiveDir] [OT] - AD/DS team in an IT organization   Based on your experience in medium/large orgs (say 10K empoyees at least) - whether as an employee or consultant/contractor - within which functional area does the team responsible for Active Directory commonly fit? How is it commonly called? “Active Directory”? “Directory Services”?   Thanks – Gabriele.
pgtUser is Offline

Posts:30

03/30/2012 12:47 PM  
My org calls it authentication team.

Sent from my phone.

On 30-Mar-2012, at 1:40 PM, Jorge de Almeida Pinto <jorgedealmeidapinto@xxxxxxxxxxxxxxxx> wrote:

> At one of my customers it initially started as “Active Directory” and it remained as “Active Directory” (naming only)
> The responsibilities of THAT team however did change as new technologies became their responsibility: e.g: AD, NPS/Radius/802.1x, ADFS,SCOM, Lync
>
> Cheers,
>
> (HOPEFULLY THIS INFORMATION HELPS YOU!)
>
> Ing. Jorge de Almeida Pinto
> Principal Consultant
> MVP Identity & Access - Directory Services | MCP/MCSE/MCITP | MCT | vTSP
> (MVP Profile) (Blog)
>
> ———————————————————————————————
> * This posting is provided "AS IS" with no warranties and confers no rights!
> * Always evaluate/test yourself before using/implementing this!
> * DISCLAIMER: http://jorgequestforknowledge.wordpress.com/disclaimer/
> ———————————————————————————————
> <image001.gif>
>
> From: activedir-owner@xxxxxxxxxxxxxxxx [mailto:activedir-owner@xxxxxxxxxxxxxxxx] On Behalf Of Gabriele Scolaro
> Sent: Friday, March 30, 2012 09:33
> To: activedir@xxxxxxxxxxxxxxxx
> Subject: [ActiveDir] [OT] - AD/DS team in an IT organization
>
> Based on your experience in medium/large orgs (say 10K empoyees at least) - whether as an employee or consultant/contractor - within which functional area does the team responsible for Active Directory commonly fit? How is it commonly called? “Active Directory”? “Directory Services”?
>
> Thanks – Gabriele.

joe1User is Offline

Posts:40

03/30/2012 6:52 PM  
On my org (30,000 staff) we are the Directory Services team. Was recently asked to change to Identity Management team.

Sent from my phone

On 30 Mar 2012, at 08:42, "Gabriele Scolaro" <gabro@xxxxxxxxxxxxxxxx<mailto:gabro@xxxxxxxxxxxxxxxx>> wrote:

Based on your experience in medium/large orgs (say 10K empoyees at least) - whether as an employee or consultant/contractor - within which functional area does the team responsible for Active Directory commonly fit? How is it commonly called? “Active Directory”? “Directory Services”?

Thanks – Gabriele.

List info: http://www.activedir.org/List.aspx
millh0useUser is Offline

Posts:1

03/30/2012 7:09 PM  
Directory Services is a subset of the Windows Server group at my current
company, with only a couple of people on that team actually focusing on
AD.
At my previous company, we were the Messaging and Directory Services
group. If you are an Exchange shop, I think it makes a lot of sense to
combine Directory Services with Messaging because of how much Exchange
relies on AD. Identity Management is definitely something that could be
included in that group as well.




From: Joe McNicholas <joe@xxxxxxxxxxxxxxxx>
To: "<activedir@xxxxxxxxxxxxxxxx>" <activedir@xxxxxxxxxxxxxxxx>
Date: 03/30/2012 01:52 PM
Subject: Re: [ActiveDir] [OT] - AD/DS team in an IT organization
Sent by: activedir-owner@xxxxxxxxxxxxxxxx



On my org (30,000 staff) we are the Directory Services team. Was recently
asked to change to Identity Management team.

Sent from my phone

On 30 Mar 2012, at 08:42, "Gabriele Scolaro" <gabro@xxxxxxxxxxxxxxxx<
mailto:gabro@xxxxxxxxxxxxxxxx>> wrote:

Based on your experience in medium/large orgs (say 10K empoyees at least)
- whether as an employee or consultant/contractor - within which
functional area does the team responsible for Active Directory commonly
fit? How is it commonly called? ?Active Directory?? ?Directory Services??

Thanks ? Gabriele.

List info: http://www.activedir.org/List.aspx


sivasankar_33User is Offline

Posts:62

03/30/2012 7:38 PM  
In my organisation we call it as "Distributed System Support" a team which
takes care of Windows server and AD. Exchange, DB and Client deployment
will fall under the roof of "Distributed Systems"

On Fri, Mar 30, 2012 at 1:03 PM, Gabriele Scolaro <gabro@xxxxxxxxxxxxxxxx> wrote:

> Based on your experience in medium/large orgs (say 10K empoyees at least)
> - whether as an employee or consultant/contractor - within which functional
> area does the team responsible for Active Directory commonly fit? How is it
> commonly called? “Active Directory”? “Directory Services”?****
>
> ** **
>
> Thanks – Gabriele.****
>



--
Regards,
Sivasankar G
+91-9884810236

DaemonRootUser is Offline

Posts:192

03/30/2012 7:42 PM  
IMHO it's better to split them apart, for matters of data privacy, security,
compliance and even to let folks go really deep into a technology which will
let them specialize on it instead of having a general knowledge of many
things.

This of course means you gotta have a solid delegation/security model in
place.

If we think about it pretty much all services depend on AD as it is the core
service so putting all things in the same bucket might not be the best; try
avoiding conflicts of interest.

Doing a service mapping will let you group folks in the best way and will
also allow you to document dependencies and OLAs defined.

Cheers,



~d





From: activedir-owner@xxxxxxxxxxxxxxxx
[mailto:activedir-owner@xxxxxxxxxxxxxxxx] On Behalf Of
jeremy.miller@xxxxxxxxxxxxxxxx
Sent: Friday, March 30, 2012 12:08 PM
To: activedir@xxxxxxxxxxxxxxxx
Subject: Re: [ActiveDir] [OT] - AD/DS team in an IT organization



Directory Services is a subset of the Windows Server group at my current
company, with only a couple of people on that team actually focusing on AD.
At my previous company, we were the Messaging and Directory Services group.
If you are an Exchange shop, I think it makes a lot of sense to combine
Directory Services with Messaging because of how much Exchange relies on AD.
Identity Management is definitely something that could be included in that
group as well.




From: Joe McNicholas <joe@xxxxxxxxxxxxxxxx>
To: "<activedir@xxxxxxxxxxxxxxxx>" <activedir@xxxxxxxxxxxxxxxx>
Date: 03/30/2012 01:52 PM
Subject: Re: [ActiveDir] [OT] - AD/DS team in an IT organization
Sent by: activedir-owner@xxxxxxxxxxxxxxxx

_____




On my org (30,000 staff) we are the Directory Services team. Was recently
asked to change to Identity Management team.

Sent from my phone

On 30 Mar 2012, at 08:42, "Gabriele Scolaro" <gabro@xxxxxxxxxxxxxxxx<
<mailto:gabro@xxxxxxxxxxxxxxxx> mailto:gabro@xxxxxxxxxxxxxxxx>> wrote:

Based on your experience in medium/large orgs (say 10K empoyees at least) -
whether as an employee or consultant/contractor - within which functional
area does the team responsible for Active Directory commonly fit? How is it
commonly called? "Active Directory"? "Directory Services"?

Thanks - Gabriele.

List info: <http://www.activedir.org/List.aspx>
http://www.activedir.org/List.aspx


sivasankar_33User is Offline

Posts:62

03/30/2012 7:53 PM  
You can also think of something like Active Directory Messaging and
Operations team (ADMOP team)

Our organization's employee strength is 1,76,000 :)

On Sat, Mar 31, 2012 at 12:07 AM, Sivasankar G <sivasankar.hcl@xxxxxxxxxxxxxxxx>wrote:

> In my organisation we call it as "Distributed System Support" a team which
> takes care of Windows server and AD. Exchange, DB and Client deployment
> will fall under the roof of "Distributed Systems"
>
>
> On Fri, Mar 30, 2012 at 1:03 PM, Gabriele Scolaro <gabro@xxxxxxxxxxxxxxxx> wrote:
>
>> Based on your experience in medium/large orgs (say 10K empoyees at least)
>> - whether as an employee or consultant/contractor - within which functional
>> area does the team responsible for Active Directory commonly fit? How is it
>> commonly called? “Active Directory”? “Directory Services”?****
>>
>> ** **
>>
>> Thanks – Gabriele.****
>>
>
>
>
> --
> Regards,
> Sivasankar G
> +91-9884810236
>



--
Regards,
Sivasankar G
+91-9884810236

mctbillUser is Offline

Posts:22

03/31/2012 4:48 AM  
That is us. We are somewhat large. 150-ish thousand carbon based
lifeforms, and 100-ish thousand silicon based lifeforms. AD was one guy
(me) on the Windows Server team. Then we grew to a couple of people, and
got moved to Directory Services. Now we are moved back to the Windows
Server team. Sort of moved. They really just divvied us up on a couple of
teams. We'll probably get re-orged into Security or Risk Management. They
have changed my job title about 4 or 5 times as well. I'm still doing the
same work.



I agree with the posters that say there needs to be a dynamic tension in the
environment, and don't view it as a bad thing. We get requirements from
Security/ IT Risk Management. We create engineering designs and build the
environment. Internal Audit checks what we do. Then Security does
pen-testing to make sure the other two sides are honest. It's work, but
it's safe.



I just think their needs to be sufficient horsepower for your leadership to
get things done for you, regardless of where you fit in the org chart. A
frequent lament from many AD folks (Okay, maybe just me) is that they trust
us at 3 am over a VPN connection, but not at 3 pm across a conference table.
So if your boss has the political muscle or incriminating video to get
things done, then that is where you belong.



Bill



From: activedir-owner@xxxxxxxxxxxxxxxx
[mailto:activedir-owner@xxxxxxxxxxxxxxxx] On Behalf Of Gil Kirkpatrick
Sent: Friday, March 30, 2012 3:27 AM
To: activedir@xxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] [OT] - AD/DS team in an IT organization



Going back in history, it was the Window Server team that ended up with AD
responsibilities. Sometimes the larger orgs would explicitly carve off a
separate team from the Windows Server group and make them responsible for
AD, other times the team gradually developed AD as a focus. I've never seen
an org where the AD team came from networking, security, or for instance,
the Netscape directory team. It's always been part of Windows.



-gil



From: activedir-owner@xxxxxxxxxxxxxxxx
[mailto:activedir-owner@xxxxxxxxxxxxxxxx] On Behalf Of Gabriele Scolaro
Sent: Friday, March 30, 2012 6:33 PM
To: activedir@xxxxxxxxxxxxxxxx
Subject: [ActiveDir] [OT] - AD/DS team in an IT organization



Based on your experience in medium/large orgs (say 10K empoyees at least) -
whether as an employee or consultant/contractor - within which functional
area does the team responsible for Active Directory commonly fit? How is it
commonly called? "Active Directory"? "Directory Services"?



Thanks - Gabriele.


bijubabukUser is Offline

Posts:154

03/31/2012 7:27 AM  
AD team is part of Identity Mgmt Team, sub working groups deal with AD,
DS, Federation, UP , RADIUS , PKI , Secure-ID etc



Rgds





From: activedir-owner@xxxxxxxxxxxxxxxx
[mailto:activedir-owner@xxxxxxxxxxxxxxxx] On Behalf Of gabro@xxxxxxxxxxxxxxxx
Sent: Friday, March 30, 2012 1:03 PM
To: activedir@xxxxxxxxxxxxxxxx
Subject: [ActiveDir] [OT] - AD/DS team in an IT organization



Based on your experience in medium/large orgs (say 10K empoyees at
least) - whether as an employee or consultant/contractor - within which
functional area does the team responsible for Active Directory commonly
fit? How is it commonly called? "Active Directory"? "Directory
Services"?



Thanks - Gabriele.


es491User is Offline

Posts:11

04/01/2012 4:53 PM  
Same here, we are part of the Identity and Access Management Team, with about the same responsabilities.

Regards

________________________________
From: activedir-owner@xxxxxxxxxxxxxxxx [mailto:activedir-owner@xxxxxxxxxxxxxxxx] On Behalf Of Biju_babu@xxxxxxxxxxxxxxxx
Sent: zaterdag 31 maart 2012 8:26
To: activedir@xxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] [OT] - AD/DS team in an IT organization

AD team is part of Identity Mgmt Team, sub working groups deal with AD, DS, Federation, UP , RADIUS , PKI , Secure-ID etc

Rgds


From: activedir-owner@xxxxxxxxxxxxxxxx [mailto:activedir-owner@xxxxxxxxxxxxxxxx] On Behalf Of gabro@xxxxxxxxxxxxxxxx
Sent: Friday, March 30, 2012 1:03 PM
To: activedir@xxxxxxxxxxxxxxxx
Subject: [ActiveDir] [OT] - AD/DS team in an IT organization

Based on your experience in medium/large orgs (say 10K empoyees at least) - whether as an employee or consultant/contractor - within which functional area does the team responsible for Active Directory commonly fit? How is it commonly called? "Active Directory"? "Directory Services"?

Thanks - Gabriele.
-------------------------------------------------------------------------
Dexia disclaimer:

http://www.dexia.com/maildisclaimer.htm
-------------------------------------------------------------------------


robertsingersUser is Offline

Posts:648

04/01/2012 9:15 PM  
I have worked for an organisation where the Exchange team became the defacto owners of Active Directory. The reason is quite logical, Exchange is the most prominent business facing aspect of Active Directory, so that was the team that the business was willing to fund.

From: activedir-owner@xxxxxxxxxxxxxxxx [mailto:activedir-owner@xxxxxxxxxxxxxxxx] On Behalf Of jeremy.miller@xxxxxxxxxxxxxxxx
Sent: Saturday, 31 March 2012 7:08 a.m.
To: activedir@xxxxxxxxxxxxxxxx
Subject: Re: [ActiveDir] [OT] - AD/DS team in an IT organization

Directory Services is a subset of the Windows Server group at my current company, with only a couple of people on that team actually focusing on AD.
At my previous company, we were the Messaging and Directory Services group. If you are an Exchange shop, I think it makes a lot of sense to combine Directory Services with Messaging because of how much Exchange relies on AD. Identity Management is definitely something that could be included in that group as well.




From: Joe McNicholas <joe@xxxxxxxxxxxxxxxx<mailto:joe@xxxxxxxxxxxxxxxx>>
To: "<activedir@xxxxxxxxxxxxxxxx<mailto:activedir@xxxxxxxxxxxxxxxx>>" <activedir@xxxxxxxxxxxxxxxx<mailto:activedir@xxxxxxxxxxxxxxxx>>
Date: 03/30/2012 01:52 PM
Subject: Re: [ActiveDir] [OT] - AD/DS team in an IT organization
Sent by: activedir-owner@xxxxxxxxxxxxxxxx<mailto:activedir-owner@xxxxxxxxxxxxxxxx>
________________________________



On my org (30,000 staff) we are the Directory Services team. Was recently asked to change to Identity Management team.

Sent from my phone

On 30 Mar 2012, at 08:42, "Gabriele Scolaro" <gabro@xxxxxxxxxxxxxxxx<mailto:gabro@xxxxxxxxxxxxxxxx>> wrote:

Based on your experience in medium/large orgs (say 10K empoyees at least) - whether as an employee or consultant/contractor - within which functional area does the team responsible for Active Directory commonly fit? How is it commonly called? "Active Directory"? "Directory Services"?

Thanks - Gabriele.

List info: http://www.activedir.org/List.aspx



This message has been scanned for viruses and is believed to be clean.

#####################################################################################
This message has been scanned for viruses and is believed to be clean.
#####################################################################################

----------------------------------------------------------------------------------------
Please Note:
The information contained in this email message and any attached files may be confidential and subject to privilege. If you are not the intended recipient of this message, privilege and confidentiality is not waived or lost, and you are not entitled to use, disclose or copy it in any way. Opinions expressed in this message are not necessarily those of the Department of Building and Housing. The Department does not accept any liability for any technical opinions offered. While we use standard virus protection software, we do not accept responsibility for viruses or anything similar in this email or its attachments, nor do we accept responsibility for changes made to this email or to its attachments after it leaves our system. If you have received this email in error, please notify us immediately by reply email and delete the original and any attachment(s). Thank you.
----------------------------------------------------------------------------------------

idarrylUser is Offline

Posts:14

04/02/2012 3:32 PM  
I just finished working for a European Government organisational where I
was the AD guy within the Identity and Access Management team within the
Operational Security department.

The reasoning was that we managed all identities (or the delegation), and
access to all resources throughout the organisation, regardless of the
underlying service.

....2c

~
Darryl Shiels


On 1 April 2012 22:14, Robert Singers <Robert.Singers@xxxxxxxxxxxxxxxx> wrote:

> I have worked for an organisation where the Exchange team became the
> defacto owners of Active Directory. The reason is quite logical, Exchange
> is the most prominent business facing aspect of Active Directory, so that
> was the team that the business was willing to fund.****
>
> ** **
>
> *From:* activedir-owner@xxxxxxxxxxxxxxxx [mailto:
> activedir-owner@xxxxxxxxxxxxxxxx] *On Behalf Of *
> jeremy.miller@xxxxxxxxxxxxxxxx
> *Sent:* Saturday, 31 March 2012 7:08 a.m.
> *To:* activedir@xxxxxxxxxxxxxxxx
>
> *Subject:* Re: [ActiveDir] [OT] - AD/DS team in an IT organization****
>
> ** **
>
> Directory Services is a subset of the Windows Server group at my current
> company, with only a couple of people on that team actually focusing on AD.
> At my previous company, we were the Messaging and Directory Services
> group. If you are an Exchange shop, I think it makes a lot of sense to
> combine Directory Services with Messaging because of how much Exchange
> relies on AD. Identity Management is definitely something that could be
> included in that group as well.
>
>
>
>
> From: Joe McNicholas <joe@xxxxxxxxxxxxxxxx>
> To: "<activedir@xxxxxxxxxxxxxxxx>" <activedir@xxxxxxxxxxxxxxxx>
> Date: 03/30/2012 01:52 PM
> Subject: Re: [ActiveDir] [OT] - AD/DS team in an IT organization
> Sent by: activedir-owner@xxxxxxxxxxxxxxxx ****
> ------------------------------
>
>
>
>
> On my org (30,000 staff) we are the Directory Services team. Was recently
> asked to change to Identity Management team.
>
> Sent from my phone
>
> On 30 Mar 2012, at 08:42, "Gabriele Scolaro" <gabro@xxxxxxxxxxxxxxxx<
> mailto:gabro@xxxxxxxxxxxxxxxx <gabro@xxxxxxxxxxxxxxxx>>> wrote:
>
> Based on your experience in medium/large orgs (say 10K empoyees at least)
> - whether as an employee or consultant/contractor - within which functional
> area does the team responsible for Active Directory commonly fit? How is it
> commonly called? “Active Directory”? “Directory Services”?
>
> Thanks – Gabriele.
>
> List info: http://www.activedir.org/List.aspx****
>
> ****
>
> This message has been scanned for viruses and is believed to be clean.****
>
>
>
> This message has been scanned for viruses and is believed to be clean.
> **
> *
> ------------------------------
> Please Note:
> The information contained in this email message and any attached files may
> be confidential and subject to privilege. If you are not the intended
> recipient of this message, privilege and confidentiality is not waived or
> lost, and you are not entitled to use, disclose or copy it in any way.
> Opinions expressed in this message are not necessarily those of the
> Department of Building and Housing. The Department does not accept any
> liability for any technical opinions offered. While we use standard virus
> protection software, we do not accept responsibility for viruses or
> anything similar in this email or its attachments, nor do we accept
> responsibility for changes made to this email or to its attachments after
> it leaves our system. If you have received this email in error, please
> notify us immediately by reply email and delete the original and any
> attachment(s). Thank you.
> ------------------------------
>
> *
>

slUser is Offline

Posts:119

04/02/2012 11:25 PM  
I see a problem with such approach: opsec unit usually doesn't have
operational accountability for applications that utilise directory
services via LDAP, Kerberos or any other interface; they are also walled
out of infrastructure support, resulting in all kinds of inefficiencies.
Yet this is a government agency you're talking about, so - no surprise
there.

regards

Slav

On 3/04/2012 12:30 AM, Darryl Shiels wrote:
> I just finished working for a European Government organisational where
> I was the AD guy within the Identity and Access Management team within
> the Operational Security department.
>
> The reasoning was that we managed all identities (or the delegation),
> and access to all resources throughout the organisation, regardless of
> the underlying service.
>
> ....2c
>
> ~
> Darryl Shiels
>

You are not authorized to post a reply.
Forums >ActiveDir Mail List Archive >List Archives > [ActiveDir] [OT] - AD/DS team in an IT organization



ActiveForums 3.7
Friends

Friends

VisualClickButoton
Members

Members

MembershipMembership:
Latest New UserLatest:SalTZSP
New TodayNew Today:1
New YesterdayNew Yesterday:3
User CountOverall:6600

People OnlinePeople Online:
VisitorsVisitors:249
MembersMembers:0
TotalTotal:249

Online NowOnline Now:

Ads

Copyright 2014 ActiveDir.org
Terms Of Use