UMRA – Web Portal Delegation

If you haven’t already download the free trial version of User Management Resource Administrator here > Download

If you want to learn the basics on how to connect to UMRA with its COM object, please see my original post on “Basics of UMRA COM”.

UMRA – Web Portal Delegation

In my recent blogs we’ve talked about ways to create a delegated Web Portal with delegated tasks that take direct affect on Active Directory objects, such as creation of user account, creation of groups, editing and managing group memberships. However, with this blog I am going to talk about NON Active Directory tasks that you can delegate out to users, such as account creation in other systems, and managing these accounts through a Role Based Access portal with UMRA controlling all the back end logic. Now some of you are most likely wondering how UMRA can handle such requests. Keep in mind that UMRA has the ability to connect to databases, it can push and pull data, it can also run command line functions, most of software applications such as Google apps, and Live Labs, People Soft, SAP etc have complete API’s that allow you to run functions via web services. Some of these applications are built right into UMRA so you can drag and drop simple actions for each of these applications. If you want to see topics on Web Portal Delegation on Active Directory Objects, see the blog posts below.

UMRA – Web Based User Provisioning
UMRA – Web Based User Provisioning V2
UMRA – Web Based Work Flows
UMRA – Web Based Group Management

UMRA – Web Portal Delegation Tips

First think you want to do is figure out what Role Based Access types you will have coming into your portal, and figure out what tasks in your application you want to allow those RBAC types to do. Also, you will need to make sure your tasks you want to delegate are available on the applications API documentations or listed a method. For example, if you wanted to delegate out a “Password Reset” in another application, you need to make sure you can do this either via a command line, or web service. If it’s not listed, it might not be possible, however I have noticed that sometimes if a specific method is not listed in the applications API list, doesn’t mean it’s not possible, some applications allow you to create your own API or method.

Now some of you might be asking, “What if my application is home grown” app. Simple, these applications follow the same rules as the larger applications. For example if you have a home grown HR system, that uses an SQL database as there backend to hold user data, you know there is either a Stored Procedure, or SQL stamen being used with creating a new user for that system. Most of the time you can use SQL Query Analyzer to see exactly what statement is being executed, or see what series of stored procedures are being called with you create a user through the application itself. Now what do you do with this data? You can now make a simple UMRA project that mimics this data. You can now follow these steps for other “actions” in your application. Before you know it, you will have your own complete UMRA API to your application in a sense. I hope this helps some of you out there trying to do this, if you have any questions, please feel free to comment.

UMRA – Web Portal Self Service

If you haven’t already download the free trail version of User Management Resource Administrator here > Download

If you want to learn the basics on how to connect to UMRA with its COM object, please see my original post on “Basics of UMRA COM”.

UMRA – Web Portal Self Service

In my recent blogs we’ve talked about ways to create a delegated Web Portal with UMRA Automation scripts. I’ve also covered way you can delegate out Active Directory tasks such as, user creation, exchange mail box creation, home folder creation, and other Active Directory and User Life Cycle. However, in this blog post I am going to give you an idea and some tips of how to create a Self Service portal for your Active Directory Users. Now, creating a User Self Service Portal with UMRA as your backend can encompass a lot of functionally such as, allowing users to maintain and update their Active Directory attributes, without giving them any elevated privileges in Active Directory. I’ve had some of our clients request such web portals to integrate the user change requests to be put into a ticket system, or work flow. So as you can see there are many options you can do when setting up a self service portal with UMRA as your backend tool, however keep in mind without UMRA you won’t be able to handle such requests quickly and with accuracy every time.

UMRA – Web Portal Self Service Tips

When you decide you are going to crate your users a Self Service with UMRA you need to focus on what you’re going to allow your users to update in Active Directory. Now, quick note we are only talking about Active Directory here, however, as you’ve seen in my other blog posts, UMRA has the ability to run command lines, connect to Databases and so on, so you can actually have your users control information from other systems. To the user it’s seamless, they don’t need to know where your pulling the information from, and setting it to. So below are a few tips to keep in mind when creating a Web Portal for Self Service with UMRA as your backend tool.

Tip 1 :Get a list of items you want your users to update
Tip2: Create smaller UMRA scripts to handle each update OR create a generic UMRA function to accept 3 paramaters (username,attribute_name,attribute_new_value)
Tip3: Log ALL actions to a database (SQL Access etc.)
Tip4: Turn OFF IUSER Account in IIS Security, and turn ON Integrated Security

UMRA – Web Portal Self Service Screen Shots

Below are a few ways I’ve integrated a self service portal in a few of my customer requests.

UMRA – Web Based User Provisioning V2

If you haven’t already download the free trail version of User Management Resource Administrator here > Download

If you want to learn the basics on how to connect to UMRA with its COM object, please see my original post on “Basics of UMRA COM”.

UMRA – Web Based User Provisioning V2

I am writing this blog in reference to one of my recent blog post UMRA – Web Based User Provisioning. I’ve received questions and comments regarding how UMRA interacts with a web based portal, or intranet site., So I will try to shed some more light on this some of the questions I’ve received, as well as dig a little deeper and show you some additional flexibility of creating a web portal for your User Provisioning with UMRA, including disabling users, reactivating users, and advanced group membership management.

UMRA – Web Based User Provisioning Questions

Question - What can you do with UMRA?

Answer – You can mimic any Active Directory Work Flow, or Business Logic you may have now when editing, creating, or modify an Active Directory Object, with simple drag, and drop actions. (See http://umratips.blogspot.com/ for COM/API information or See http://activedirectoryadmin.blogspot.com/ for UMRA – Automation , UMRA – Forms & Delegation, or UMRA Mass Projects.

Question – Can you do more than create a user with UMRA in the portal?

Answer – Yes, you can mimic any Active Directory task you do now, either in Active Directory itself, or with some other Active Directory Management Tool.

Question – What layouts work UMRA?
Answer – Since UMRA is your back end processing application, you can create any type of layout you like, it can be a simple HTML page, or something far more complex in ASP, .NET, etc.
UMRA – Web Based User Provisioning AdvancedSo now that know how UMRA can be integrated into a Web Based User Provisioning process, let’s talk about a few everyday tasks that you might want delegate out to a group of users, or Helpdesk etc. I will show you some screen shots, and explain how I integrated disabling users, reactivating users, and advanced group membership management into web based portals / intranet sites I’ve build for my clients.


Activating / Disabling users and Managing Group Memberships through a web portal.
- Now you see how I didn’t say only Active Directory Users, with UMRA we have the ability to run command lines process, vbscripts, push and pull data from ODBC compliant databases etc. So if you have other applications that use these, and provide some type of COM/API then you can utilize UMRA for these additional functions, thus not needing to give the user you gave right to, to make this change, and elevated rights. However, for the time being, we will focus on just Active Directory.The screen shot below is a portal I built for a client, that allows the user to search active directory by an attribute they specific, and below the search box it will display search results matching the searched criteria. Next, the user can click on the username they are looking for, and it will pull up the user information in real time, right from Active Directory. Now, keep in mind UMRA is taking care of all the requests in the background with scripts I’ve created. All the user has to do now, is click on the small icon next to the user’s status, if the user was disabled, it will show a different icon and wording compared to if the user was active.



In most cases, you can have your UMRA script do something simple as just disabling or reactivating the account, however, in most cases, my clients want to do far more than just that. Sometimes they can, disable the account, move the account to a specify OU, strip group membership, and then log this data to a database. This is all up to you, and how you create your UMRA script.If you look to the right on the screen you will see how I intergraded the user’s group memberships on the web, in a clean and easy to manage fashion. I display the user’s current group memberships in real time, and even gave the user the ability to search for groups, and apply them to the user, WITHOUT having the user go into, or have any elevated rights in Active Directory. Again, keep in mind, UMRA scripts in the background are getting/setting all this data for me, PLUS everything the user does, is recorded into a database, that way I will have a complete audit trail of this user, what was changed on their account, and who did it, time date etc.



Please keep a close eye on this blog, I will be writing more about differnt User Provisioning Optins I've developed and applied to our client web portals.

UMRA – Web Based Work Flows

If you haven’t already download the free trail version of User Management Resource Administrator here > Download

If you want to learn the basics on how to connect to UMRA with its COM object, please see my original post on “Basics of UMRA COM”.

UMRA – Web Based Work Flows

Just recently I was tasked with creating portal for South West Washington Schools. This project consisted mainly of a web portal that will allow multiple departments to handle Active Directory tasks via the web, and have UMRA take care of all the backend work flows ie: group management, file share creation, user creation, and account updates. Now, one of the tricky parts to this portal was they have 30 schools in there district, and hundreds of user creation, and user management options. So creating portal with both process for different role based access types, and for over 30 different school locations is no easy tasks, however, with UMRA doing most of the work for the backend work flows, it made this tasks a lot easier. So this blog post will show you and give you some tips and how you might go about creating a web portal similar to this scenario, and give you some ideas on how you can integrate your work flows into you usermanagment lifecycles.

UMRA – Web Based Work Flows Tips

So here are a few tips that might help you when you try to create a portal of this size. Create Smaller “Function” based UMRA projectsWhen you have a lot of different Work Flows that you need to create in UMRA , create them in smaller projects, so if you have to manage groups, have 1 UMRA project that will take 2 parameters : 1 samaccountname 2 ground DN. This UMRA Automation Project will be called “Portal – Remove Group From User”. Now you can use this project anywhere in a work flow you create for your user. Now on the flip side, lets create another UMRA Automation Project that will accept the same parameters however, this script will ADD a group to a user. You can now do the same exact steps for Disabling a user account, and reactivating a user account.Some sample “Functions” you may have.

Portal – Add User To Group
Portal – Remove User From Group
Portal – Remove All Group Members
Portal – Disable User
Portal – Reactivate User
Portal – Move User

All these functions above will be very small UMRA projects that accept 1 or 2 parameters at the most. So how does creating smaller UMRA Automation Project help you with your Web Based Work Flows? Simple, now you can create your work flow with the smaller functions, and manage your Delegated Work Flows easier.Example of Work Flow:UMRA Automation Project Name : Portal – Work Flow Disable UserYour Script will follow your normal Work Flow, however now you can “call” your other smaller “Function” based scripts.

Get User AD
Call Function > Portal – Remove All Group Members
Call Function > Portal – Disable User
Call Function > Portal – Move User

Now as you can see his new UMRA Automation Project Work Flow we created, is comprised of almost all “function” based scripts you created previously. Now when you need to change how a “Move User” action takes place, all you need to do is edit 1 UMRA Automation Project script, and not 3 or 4 other UMRA Automation Project scripts. I hope this helps you in designing your portal, keep a close on this blog for more quick and cool tips on how to manage your active directory via we portals with User Management Resource Administrator UMRA.

UMRA – COM Active Directory Reporting

If you haven’t already download the free trail version of User Management Resource Administrator here > Download

If you want to learn the basics on how to connect to UMRA with its COM object, please see my original post on “Basics of UMRA COM”.

UMRA – COM Active Directory Reporting

Running reports or obtaining information is always critical to any business. Having real time data on your active directory environment at your finger tips, is a huge benefit. As you’ve seen in my other posts about the flexibility of UMRA to create and manage Active Directory objects, UMRA also has the ability to gather large amounts of data quickly. With this in mind, we can now create custom reports via a webpage, or portal, and harness UMRA to get this data, and display it quickly. So in this blog post, we will talk about UMRA ability to do UMRA - Active Directory Reporting, and a few tips to help speed up more complex queries and data mining.

UMRA – COM Active Directory Reporting Tips

A lot of our clients want reports regarding Active Directory User data, with this in mind, we will focus on 2 major reports that you might find handy. Now keep in mind, these are not the only reports you can run with UMRA as your data mining tool. You can really run reports on anything in your Active Directory environment (almost anything). The 2 reports we will focus on are “User Password Expiration Dates” and “Total User and Computer Accounts” Reports. But before we get to these 2 reports, I will give you a few tips on how to speed up these queries and data mining.

Tip 1 > When gathering large sets of data, use UMRA DataTables – Not loops within your webpage.

Tip 2 > On Active Directory attributes that require conversion, have UMRA do these calculations, and not your webpage.

UMRA – COM Active Directory Reporting How To

We will keep this topic at a high level, if you need help with connecting to the UMRA COM object through a web page, please see my previous posts. If you need help with looping through UMRA table data, please see previous posts on these topics.

Report - User Password Expiration Dates

Step 1 : Create a UMRA Automation project that create 1 UMRA datatable, with a filter of just users, and users attributes (samaccountname,accountexpires) *NOTE* on the accountexpires attribute its stored in Active Directory as a long integer so have your UMRA datatable convert this value into time/date.

Step 2: Create your webpage to connect to this UMRA datatable, and loop through the table data and display the samaccountname, and accountexpires columns to your webpage (If you need help with this, see previous blog posts)

Step 3: Run your webpage, you will now see usernames, and there accountexpires dates.

Report - Total User and Computer Accounts

Step 1: Create a UMRA Automation project that create 1 UMRA datatable, with a filter of just users, and users attributes (samaccountname)

Step 2: Create another datatable in the same UMRA Automation project, but this time we are going to create filter that datatable for computers, not users, and pull back the samaccount attribute for each.

Step 3: Use the “Manage Table Data” Action, and have it “Get Number Of Rows” in your “users” database, and then Use another “Manage Table Data Action, and have it also get the “Get Number Of Rows” on your computers table.

Step 4: On your webpage, connect to your UMRA Automation project, and get the variables you set for the 2 different “Manage Table Data” actions, and display those on your page.

Step 5: Run your webpage, you will now see the counts for all your user objects, and computer objects in your Active Directory Environment.

UMRA – COM Portal Security Models

If you haven’t already download the free trail version of User Management Resource Administrator here > Download

If you want to learn the basics on how to connect to UMRA with its COM object, please see my original post on “Basics of UMRA COM”.

UMRA – COM Portal Security Models

When creating any web based portal with UMRA figuring out and creating your Security or Role Based Access model is critical. Some Security Models can be as simple as 1 Accesses type allowed into the UMRA portal; however in some of our client portals, they require a far more flexible but yet granular Security Model. So in this blog post I am going to talk about the different types of UMRA based Security Models that you can create, and how to expand on those.

UMRA – COM Portal Security Models Tips

Before I start any UMRA portal I like to find what Active Directory Attribute we are going to use as our Role Based Access identifier. What do I mean by this…? When you have a multi level UMRA Security Model, you need to see what attribute in active directory will be uniform across the domain (or multiple domains), so you can make sure you give the correct UMRA Role Based Access to the user logging into the portal. Now, you don’t have to rely on Active Directory itself for this data… as you’ve seen in other blogs, UMRA has the ability to access an ODBC compliant database, such as a Human Resources System, or Student Information System… You can have UMRA grab data out of these other systems, and use information obtained to distribute the UMRA Role Based Access accordingly. So now that we know what we are going to base our UMRA Security Model on, we now need to focus on What Role Types we will have.

UMRA – COM Portal Security Models Roles

So in the previous paragraph we know what we will base our Role Types off of, now we need to figure out what Roles we will have in the data base. What are “Roles”… A Role can define a “type” of user, or group of users. You may have general users type who will be able to search for users, however there searches will be filtered on a set of OU’s or users they manage. You may also have another set of users, who will get to see different “tabs” or see different options in displayed to them. In most cases and portals we build, there are 2 different types of UMRA Role Based Access types, General Users, and Super Admin Users. So now that we know our identifier, and different Role types, we can now put all this together.

So below is an example of how you can now take the steps we previous did, and wrap your UMRA portal in your new Security Models.

Step 1 > Create a UMRA project to get your UMRA Role Based Access identifier.
Step 2 > Have your web page loop, or do a case statement on the different Roles you’ve defended.
Step 3 > Wrap the rest of your web pages, or forms in your security.

UMRA – Get GPO’s on OU’s

If you haven’t already download the free trail version of User Management Resource Administrator here > Download

If you want to learn the basics on how to connect to UMRA with its COM object, please see my original post on “Basics of UMRA COM”.

UMRA – Get GPO’s on OU’s

Just recently I was tasked with creating a client a web portal that helped delegate out Active Directory tasks, to over 19 different schools. Each school will have 4 different Roll Bases Access Types, and 2 more additional groups that were considered “Super Users”. In total, this UMRA based web portal was no easy task, and would be quite difficult if we didn’t utilize the power of UMRA’s ability to get data from Active Directory and process it rather quickly. However, with UMRA I was able to gather critical Active Directory information needed to get me the information on the users account quickly, and accuratly everytime. The only major part of this web portal that was very tricky and hard to do was Getting GPO’s that were on selected OU’s. This sounds like an easy task, however it’s not, it required 3-4 linked UMRA projects, and 1 VB Script. I thought this below script was very powerful, and worked great with UMRA’s ability to get data from Active Directory quickly. There are multiple ways that you can get something like this to work, even a fully UMRA scripted way, that I was able to get working after I found the below VBScript online.

UMRA – Get GPO's On OU Tips

When creating a solution like this there are few tips and tricks that will help you along the way. First when obtaining all the Group Policies on a specific OU, you will need to put these GPO's into a UMRA Datatable. Form this table, you will loop through, and add the GPO ID's to an additional table. Here is the trick, this table will have just the Long ID's of the GPO's and not the names, so you will need to do a 2nd loop, to loop through the GPO's ID's and get the Names of the GPO's, Here is an example of what the tables look like when you run your loops. This should give you a better idea of how to create such a script.

Table 1 - OU's
testplace.local/myou/secondlvelou
>This table will pass each record to a second UMRA script that will now get all the GPO ID's for the passed in OU.

Table 2 - GPO ID's
{31B2F340-016D-11D2-945F-00C04FB984F9}
>This table will take the table of GPO ID's and send them to a third UMRA project that will get the name for the associated GPO ID that was passed.

Table 3 - GPO ID's Names
Laptop Security Room 105
>This table will be your finished tabled, it will contain a complete list of GPO's by name, that were on the OU passed in. You can now display this table in a UMRA - Delegation Form or Display it out with UMRA - Automation COM Object on a webpage.

Below is the VB Script that does a bulk of the work if you use the VB Script method, please feel free to use this script…I found it very handy.

VBSCRIPT:

On Error Resume Next

Set objContainer = GetObject
_
("LDPA://YOU OU DN")

strGpLink =
objContainer.Get("gPLink")
intGpOptions =
objContainer.Get("gPOptions")

If strGpLink <> " "
Then
arrGpLinkItems =
Split(strGpLink,"]")
For i = UBound(arrGPLinkItems) to
LBound(arrGpLinkItems) + 1 Step -1

arrGPLink =
Split(arrGpLinkItems(i-1),";")

strDNGPLink = Mid(arrGPLink(0),9)

Response.write GetGPOName
Select
Case arrGPLink(1)
Case
0

Response.write "No Override is cleared and the GPO is
enabled."
Case
1

Response.write "No Override is cleared and the GPO is
disabled."
Case
2

Response.write "No Override is checked and the GPO is
enabled."
Case
3

Response.write "No Override is checked and the GPO is
disabled."
End Select

Next
Response.write VbCrLf
End If

If
intGpOptions = 1 Then
Response.write "Block Policy
Inheritance is checked."
Else
Response.write "Block
Policy Inheritance is not checked."
End If

Function
GetGPOName
Set objConnection =
CreateObject("ADODB.Connection")
objConnection.Open
"Provider=ADsDSOObject;"

Set
objCommand = CreateObject("ADODB.Command")

objCommand.ActiveConnection = objConnection


objCommand.CommandText = _

";;" &
_

"distinguishedName,displayName;onelevel"
Set objRecordSet
= objCommand.Execute

Do Until
objRecordSet.EOF
If
objRecordSet.Fields("distinguishedName") = strDNGPLink
Then

GetGPOName =
objRecordSet.Fields("displayName")

objConnection.Close

Exit Function
End
If
objRecordSet.MoveNext

Loop
objConnection.Close
End Function

UMRA – Web Based Group Management

If you haven’t already download the free trail version of User Management Resource Administrator here à Download

If you want to learn the basics on how to connect to UMRA with its COM object, please see my original post on “Basics of UMRA COM”

UMRA – Web Based Group Management

Group Management in Active Directory is no easy task, however with UMRA these time consuming task are now handled with ease, and precision. Many of our clients want some type of UMRA – Web Based Group Management web page in a portal, or integrated in an intranet site they may already have in place. Most of these tasks range from creating a new group, adding / removing members from a group, and adding groups to groups. This is not easy task when creating a web page that has all these functions. However, we utilize UMRA – Automation Module COM object to allow users to send data to specific UMRA projects, and have UMRA handle all the Active Directory work, or downstream systems work. Below is a quick VBScript that will loop through a table of a Active Directories Users Account, and Display the DN’s of that group on the screen. When you click on the Active Directory Group name, it will prompt you with the Groups DN.

First setup a UMRA – Automation project and get any users “memberof” attribute and add that to a table called “usersgroups”. If you need help with this, please see previous blog posts.

Second Step…Copy and paste this into your .asp file, and run it. You will see all the Active Directory Users Groups DN’s listed, and when you click the group name, you will prompt with the groups “DN”.

VBSCRIPT

'Create/Set Variables
Dim RetVal
Dim UMRA_Server
Dim UMRA_Port
Dim RowIndex

UMRA_Server = "MyServerName"
UMRA_Port = 56814
RowIndex = 0
'End Create/Set Vairbales

Set Umra = Server.CreateObject("UMRAcom.Umra") ' Create a New Instance of UMRA
Set UmraDataTable = Server.CreateObject("UMRAcom.UmraDataTable") ' Create a New Instance of UMRAcDataTable

RetVal=Umra.Connect(UMRA_Server,UMRA_Port) ' Connect to UMRA
Response.write "Connection to UMRA:" & RetVal & "<br>"

if (RetVal=0) then
RetVal=Umra.ExecuteProjectScript("My UMRA Script Name") ' Connect to your UMRA script
Response.write "Connection to UMRA Script:" & RetVal & "<br>"

if (RetVal=0) then
RetVal=Umra.GetVariableDataTable("%usersgroups%",UmraDataTable)
Response.write "Connection to UMRA DataTable:" & RetVal & "<br>"
RowIndex=0 ' Create a new Row Counter
RetVal=UmraDataTable.GetCellText(RowIndex,0,groupdn) ' Column 0 of our datatable

While (RetVal=0)
'Here is where we do the loop, and display on the page, the contents of the
Response.write "Group Name:<a href=""javascript: void(0)"" onclick=""showgroupdn('"&groupdn&"')"">"& groupdn & "</a><br>"
RowIndex1 = RowIndex1 + 1 ' After we get row 0, lets increment to get row 1 etc.
RetVal=UmraDataTable.GetCellText(RowIndex,0,groupdn) ' Column 0 of our datatable

Wend
else
Response.Write "Form Project Not Found"
end if
end if

END VBSCRIPT

This is only the first step to UMRA – Web Based Group Management in a portal, or intranet. In our next post I will show you how to setup buttons to remove groups from a specific user.

UMRA – Web Based User Provisioning

If you haven’t already download the free trail version of User Management Resource Administrator here à Download

If you want to learn the basics on how to connect to UMRA with its COM object, please see my original post on “Basics of UMRA COM”.

****UPDATE****
I've been getting alot of questions, and request to explain a little more on this blog post, so please also see http://umratips.blogspot.com/2009/05/umra-web-based-user-provisioning-v2.html

UMRA – Web Based User Provisioning

A recent project I built for Nash Finch included a very handy and time saving web based user provisioning portal. Web portal you ask…yes, with the UMRA COM object I was able to create an delegate out tasks for specific Role Bases Access (RBA) Users, and have them create users on the fly. However, for this UMRA – User Provisioning process was more then just creating a new user in Active Directory. We added multiple steps for checking that new user ID’s were not already used in Active Directory, we also pulled back matching user data from an Human Resources System (HR) with UMRA. As we checked the preliminary data for Active Directory compliance and consistency, we also checked to make sure usernames were not taken in down steam systems, ie: PeopleSoft / Novell etc (these are just examples)…

How did this help Nash Finch with there everyday User Provisioning? It helped them by speeding up the User creation process, by allowing selected UMRA - Role Bases Access (RBA) Users were to go to a portal, enter user information, have that information checked for Active Directory compliance and consistency, press a 1 button, and have it create the active directory account. The users, who use the portal, don’t need any type of elevated rights in Active Directory, or have any special privileges in any systems to do these tasks. Plus, every time a user is created in this fashion, the usernames / home drives / security / group memberships / email were all created the same way every time, and done in seconds.Below is a great diagram on the tools4ever website shows how UMRA – User Provisioning is handled easily.> You can click here to see the article and diagram on tools4ever website.

UMRA – Web Based User Provisioning Examples

I've been getting some good feedback on UMRA ability to handle all the different types of User Provisioning through a web portal. To put it simply and try to anwser as many questions as possible, at one time... The web portal can be a very simple page, firstname, lastname, maybe a drop down box for description fielt, and a few checkbox's for exchange 2000/2003/2007 or any other downsteam system. UMRA has all these functions built in, so no need to spend hours and hours scripting out these process, now you have FULL control over how these tasks are delgated out to your different users. When they click the "create button" UMRA will take this data and process it through your script, and create, manage, change etc. and run your logic on the data that the user just entered. Below are a few screen shots of how you can create your portal, and have differnt "Create User" Forms. Keep a close eye on this blog, since we will cover more of this topic here in the future, and more screen shots.