Synchronised and Secure — Publishing from Microsoft Active Directory
When you login to a networked computer system the likelihood is that your details will be checked behind the scenes against an electronic directory. One of the most common of these is Microsoft's Active Directory (AD). Typically, AD checks that your password matches the one it has stored and then gives you the appropriate access rights to a variety of services.
Active Directory is at its core a simple electronic directory containing items representing computers, people and groups which can be further organised into containers representing organisational entities such as offices, countries and continents. What access rights a particular user has is determined by what groups they are a member of. Items such a computers and people also have some standard information associated with them. For example a user has, in addition to a login account name, an office address, various phone numbers, email addresses, job title, manager’s name etc. This information can easily be extracted from AD using a program so, in addition to controlling access to services, AD can also be used for publishing information about the organisation.
Office Telephone Directory
We can publish an office telephone directory as a PDF file for printing or as a dynamically displayed list on a web site. In the example included here any changes detected in the last month are highlighted in yellow. As well as being a useful reference document this can also be used as an informal auditing system with staff being encouraged to report any errors.
Office Account Audit
We can also publish explicitly for auditing, outputting in the company-approved audit style. Such an audit may be used to help capture active accounts that should have been closed when somebody left. If the corresponding information can be extracted from HR and Finance systems the process can be automated further by programmatically comparing data from all the sources and helping to keep them synchronised.
So a little bit of work with a simple directory can help keep your organisation synchronised and secure.