For most organizations, Active Directory group membership is the means of providing or denying message distribution and access to network resources. With the potential for unauthorized permissions or access however, it’s imperative that AD group membership be up to date at all times.
Policies are rules that specify the criteria for inclusion or exclusion from the group. They specify the container where the user object must reside and AD attribute settings that the group member must have. You can also specify users to include and exclude.
Once group policies have been defined, when a user object is created, modified, or moved in AD, GroupSymmetry immediately adds users to or removes users from the appropriate groups.
For Senergy policies associated with groups, Groupsymmetry can update group memberships so that Senergy policies are enacted immediately.
Unlike other group management products that update group memberships through a scheduled or manual synchronization process, Groupsymmetry updates groups in real-time. An Event Monitor service continually monitors any changes to a user object in Active Directory and if a change affects group membership, Groupsymmetry takes action by either adding the user to or deleting the user from the group.
Groupsymmetry policies define the criteria for membership to a network group. These criteria may be any combination of network location and Active Directory attribute values that the user must possess to qualify as a group member. Unlike custom-written scripts which require on-going maintenance, you simply create a single policy for each group you want Groupsymmetry to manage and then let the policies automatically manage group membership.
Groupsymmetry manages group membership for both Active Directory group types: security groups and distribution groups. Additionally, Groupsymmetry supports domain local/built-in groups, domain global groups, and universal groups.