UMRA – Web Based User Provisioning V2

10:12 PM / Comments (0) / by Tech Admin

If you haven’t already download the free trail version of User Management Resource Administrator here > Download

If you want to learn the basics on how to connect to UMRA with its COM object, please see my original post on “Basics of UMRA COM”.

UMRA – Web Based User Provisioning V2

I am writing this blog in reference to one of my recent blog post UMRA – Web Based User Provisioning. I’ve received questions and comments regarding how UMRA interacts with a web based portal, or intranet site., So I will try to shed some more light on this some of the questions I’ve received, as well as dig a little deeper and show you some additional flexibility of creating a web portal for your User Provisioning with UMRA, including disabling users, reactivating users, and advanced group membership management.

UMRA – Web Based User Provisioning Questions

Question - What can you do with UMRA?

Answer – You can mimic any Active Directory Work Flow, or Business Logic you may have now when editing, creating, or modify an Active Directory Object, with simple drag, and drop actions. (See http://umratips.blogspot.com/ for COM/API information or See http://activedirectoryadmin.blogspot.com/ for UMRA – Automation , UMRA – Forms & Delegation, or UMRA Mass Projects.

Question – Can you do more than create a user with UMRA in the portal?

Answer – Yes, you can mimic any Active Directory task you do now, either in Active Directory itself, or with some other Active Directory Management Tool.

Question – What layouts work UMRA?
Answer – Since UMRA is your back end processing application, you can create any type of layout you like, it can be a simple HTML page, or something far more complex in ASP, .NET, etc.
UMRA – Web Based User Provisioning AdvancedSo now that know how UMRA can be integrated into a Web Based User Provisioning process, let’s talk about a few everyday tasks that you might want delegate out to a group of users, or Helpdesk etc. I will show you some screen shots, and explain how I integrated disabling users, reactivating users, and advanced group membership management into web based portals / intranet sites I’ve build for my clients.


Activating / Disabling users and Managing Group Memberships through a web portal.
- Now you see how I didn’t say only Active Directory Users, with UMRA we have the ability to run command lines process, vbscripts, push and pull data from ODBC compliant databases etc. So if you have other applications that use these, and provide some type of COM/API then you can utilize UMRA for these additional functions, thus not needing to give the user you gave right to, to make this change, and elevated rights. However, for the time being, we will focus on just Active Directory.The screen shot below is a portal I built for a client, that allows the user to search active directory by an attribute they specific, and below the search box it will display search results matching the searched criteria. Next, the user can click on the username they are looking for, and it will pull up the user information in real time, right from Active Directory. Now, keep in mind UMRA is taking care of all the requests in the background with scripts I’ve created. All the user has to do now, is click on the small icon next to the user’s status, if the user was disabled, it will show a different icon and wording compared to if the user was active.



In most cases, you can have your UMRA script do something simple as just disabling or reactivating the account, however, in most cases, my clients want to do far more than just that. Sometimes they can, disable the account, move the account to a specify OU, strip group membership, and then log this data to a database. This is all up to you, and how you create your UMRA script.If you look to the right on the screen you will see how I intergraded the user’s group memberships on the web, in a clean and easy to manage fashion. I display the user’s current group memberships in real time, and even gave the user the ability to search for groups, and apply them to the user, WITHOUT having the user go into, or have any elevated rights in Active Directory. Again, keep in mind, UMRA scripts in the background are getting/setting all this data for me, PLUS everything the user does, is recorded into a database, that way I will have a complete audit trail of this user, what was changed on their account, and who did it, time date etc.



Please keep a close eye on this blog, I will be writing more about differnt User Provisioning Optins I've developed and applied to our client web portals.

Posted in:

Submit Article :- BlinkList + Blogmarks + Digg + Del.icio.us + Ekstreme Socializer + Feedmarker + Furl + Google Bookmarks + ma.gnolia + Netvouz + RawSugar + Reddit + Scuttle + Shadows + Simpy + Spurl + Technorati + Unalog + Wink

This entry was posted on 10:12 PM and is filed under . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

0 comments:

Post a Comment

 
-->