Self-Service Active Directory Provisioning: Delegate user account creation
PeopleProvision is a simple-to-deploy, intuitive role-based Microsoft Active Directory account provisioning application that allows you to delegate user account creation without having to give out full access to Active Directory. Self-Service Active Directory Provisioning releases IT from mundane, error-prone data entry tasks providing simple forms for others to fill out. Data in Active Directory becomes cleaner and more secure.Schedule a Demonstration Request a Quote
- Delegate Active Directory user account creation to users in your organization
- Optionally provision or de-provision Google Apps/Gmail Accounts, Exchange Mailboxes, and/or Office365 mailboxes
- Easy to configure business rules around how attributes are filled and how users are configured: fill virtually any attribute in Active Directory from any combination of inputs
- Create home shares. automatically set the profile path, logon script, etc. for new accounts based on business rules
- Place users in the correct security and distribution groups and OUs based on business rules
- Choose what constitutes a duplicate and how that’s handled
- Provide configurable and simple web forms to create new accounts or optionally deprovision users
- Options as to how a user’s password is created: include it on the form, generate it randomly (with configurable length), or both
- Administrators can define what values are in drop-downs on the provisioning form to ensure data consistency
- Business rules can be created from other rules to inherit their characteristics
- Full record keeping of provisioning, deprovisioning, and updates. Reporting available for administrators
- PeopleFlow workflow allows jobs to be scheduled on an ongoing basis or as needed some amount of time after an application event occurs: for example approve/deny users who have been provisioned or run licensing tasks some amount of time after they are provisioned
- Workflow available to allow administrators to approve newly created requests (allowing the user to be created) or deny
- Optional notifications to administrators and/or end users when a user is provisioned, deprovisioned, or updated– email templates fully configurable and include any data used in the provisioning process you want
PeopleProvision is a simple-to-deploy, intuitive role-based Microsoft Active Directory account provisioning solution that allows you to delegate user account creation without giving out the keys to the kingdom. Authorized users can fill in as few as one field on a form (but typically 5-8) to create a fully-populated Active Directory user account along with an optional Exchange mailbox, Google Apps/Gmail account, and/or Office 365 account and home share directory. Provisioning forms are completely configurable with the inputs from it and your provisioning rules transformable and loadable into virtually any Active Directory field that you specify.
PeopleProvision empowers your IT Staff to securely delegate user account creation to your help desk, HR personnel, or other groups in your organization without giving these users access to Active Directory Users and Computers (ADUC). A simple, intuitive end-user web form makes the account creation process easy and nearly impossible to create a user incorrectly. Administrators have complete control over where the new account is created in active directory, group memberships, as well as home shares, Exchange mailboxes and manager information.
Multiple customizable email notifications can be sent to administrators and/or end-users when provisioning and de-provisioning actions are completed. De-provisioning can optionally remove Google Apps or Office365 and/or Exchange mailboxes or can be set to simply disable users in Active Directory.
A workflow is available so that provision requests have to be approved before users are created.
If you’re interested in a demonstration, go to our contact form or send an email directly to our Web Active Directory Support Team and we’ll can schedule a demo.
PeopleProvision System Requirements
PeopleProvision, Web Active Directory’s easy-to-use solution for delegated Active Directory user account creation and provisioning, is an ASP.NET web application that runs on the Windows IIS web server. PeopleProvision also supports Exchange mailbox creation and home share provisioning on NTFS file systems as well as account creation/removal for Google Apps/gmail and Office365. PeopleProvision includes the following system requirements.
Please ensure the server is not a domain controller and is a member server in a domain. Important Note: Enable the Web Server role and IIS Windows authentication on the server.
|Windows Server 2008 R2 or later||Hosts the PeopleProvision web application plus PowerShell components like the Active|
|IIS 7.5 or later||Hosts processes and web applications|
|Microsoft .NET Framework version 4.5.1||You can download this from Microsoft’s download site at https://www.microsoft.com/en-us/download/details.aspx?id=40779.|
|Microsoft PowerShell 4.0||Provides a script hosting environment for working with PeopleProvision components
like Active Directory and Exchange. Windows Server 2008 R2 ships with PowerShell
already installed. You can view more information about PowerShell on Microsoft’s
site at http://msdn.microsoft.com/en-us/library/dd835506(VS.85).aspx.
|SQL Server 2005 or later (including Express editions)||Stores PeopleProvision configuration data. SQL Server Express Edition supports this requirement. You can download the free SQL Server Express editions from the following locations.
|Windows service account with permissions to create, move and delete objects in ActiveDirectory||Used by PeopleProvision to create, move and delete Active Directory accounts and
mailboxes and user home shares on NTFS file systems
|Windows Acvtive Directory 2003 or Higher|| Minimum schema version supported by PeopleNexus. For domain functional levels
before Windows 2008 R2, you need to install the Active Directory ®
Management Gateway Service on Server 2003, Server 2003 R2 and Server 2008 domain
controllers. Windows Server 2008 R2 already includes AD Management Gateway Service
if it is a domain controller.
The Active Directory Management Gateway Service provides a Web service interface
to Active Directory domains and instances of Active Directory Lightweight Directory
Services (AD LDS) or Active Directory Application Mode (ADAM) that are running on
the same server as the Active Directory Management Gateway Service. You can view
more information and download the AD Management Gateway Service on Microsoft’s site