If you're not familiar with the term effective rights, it refers to the calculated rights that result from the number of different permission settings applied via group memberships, nested groups, hierarchical permissions, object ownership, and other considerations. NetVision's latest product is now available in a Single Server Edition (SSE) to provide effective rights reporting on (you guessed it) a single server for a very reasonable price ($795 per server).
Special Offer for Blog Readers!
Give Access Rights Inspector SSE a free trial on your own server. If you decide to buy, use the promo code "access10" until Dec 31, 2009 to get $300 off the price and pay only $495 to generate an unlimited number of effective rights reports on a single Windows Server. This can save an enormous amount of time during security audits.
Revenue Opportunity for Bloggers
We're looking for affiliates. Post a link from your blog and get 15% for each sale. That's ~$120 at full price. If you're lucky, you'll make that in a year with Google Adwords. Sell a dozen servers and you'll be picking out a brand new flat screen TV (maybe one of those backlit LED displays) ...or maybe making a down payment on a new car? It's easy. And it's a useful product. Give it a try for yourself and let me know if you're interested.
Security for the Digital Transformation: Cloud, Data, Identity & Access.
Thursday, December 10
Thursday, December 3
Querying AD from SQL Server
This is a great how-to article on querying Active Directory from within SQL Server. I've written in the past about using Virtual Directory technology to query SQL data via LDAP. This is the reverse and I can envision many use-cases where this would be useful. This isn't exactly new technology, but it's a new write-up on how it's done and very easy to follow.
For example, you could use this approach to extend the information available to an application without doing any data synchronization or introducing new data sources. If the application's logon ID is the user's email address, you could query AD based on that email and get info about the user's group memberships, attributes, manager, location, etc. and have that returned to the application as if the data were stored in the local app's database.
...another useful approach to keep in your development toolbox.
For example, you could use this approach to extend the information available to an application without doing any data synchronization or introducing new data sources. If the application's logon ID is the user's email address, you could query AD based on that email and get info about the user's group memberships, attributes, manager, location, etc. and have that returned to the application as if the data were stored in the local app's database.
...another useful approach to keep in your development toolbox.
Labels:
Active Directory,
AD,
LDAP,
software design,
synchronization,
virtual directory
Subscribe to:
Posts (Atom)