One of the great new capabilities new to ActiveRoles AD CMDLETS version 1.4 is the ability to define criteria for how you want to identify obsolete or inactive accounts. You define the criteria as an “InactiveAccountsPolicy” that can be called from the Get-QADUser cmdlet to list accounts matching the obsolete policy then delete, disable or if [...]
Most legal or regulatory requirements simply state that both Access Controls and Attestation are required for an audit, but they don’t specify if those controls are to be paper based or part of an electronic workflow. Many organizations spend thousands of hours building a paper based set of controls and attestation process only to be [...]
First there is no built-in mechanism to enforce an attestation policy or help perform the access reviews. Microsoft Windows Server and Microsoft Active Directory use groups as the basic mechanism to control access to resources, and most non-Microsoft operating systems and directories use them as well. Because groups are universally accepted as the method by [...]
Attestation describes any certification review process where an individual swears to or witness/confirm something important. This term is almost universally used to describe a review/certification process that requires resource owners to verify their authorized users during on an on-going basis. This on-going process Attestation usually provides an organization with a measure of protection from liability [...]
