Context: * As part of our user management, we execute some tasks outside of ARM using Powershell scripts * ARM only becomes aware of these changes after an AD scan * Therefore, every IT user must be able to perform an AD scan manually * According to the Support, a manual AD scan is only possible with a user of the…
Currently it is needed to assign a Department profile manually to each user. In larger Organizations with various changes per Day this is not usable. A Feature to automatically assign the Department Profile according to specified criteria (for example Group Membership, OU or Depatment) would be very helpful.
It would be great to have an option to enable / disable the automatic update for the ARM collectors. The automatic update function never worked in our environment anyway - updates have been installed manually eversince.
Hello, the report for inactive accounts should show if the deletion of inactive accounts is already planned so you can see that there is no more work to do. Or the report should directly have a filter to not show accounts with a planned deletion. Actually we have to copy all the planned jobs and match them with the…
If environment has multiple domains, there can be a need to use multiple service accounts when adding admin credentials for collectors and/or scans. It would be helpful if these credentials could be saved for reference later so they are not required to be input again.
We need to create a report each 6 month to recertificate folder access of users. So I need to create reporting by Organisational Unit where users are placed by services (One OU = one service) I need to generate folders where all user in one OU have access The problem is that ARM don't use filter like that, exemple: in "who…
Within Navision it is a huge issue regarding access rights, would be great if this could be managed via ARM
auditors request reports that includes the following field * User ID * Full name * Description * Enabled and disabled status * Password never expires * Last password reset * Date account created * Date of last login * Include all domain accounts between ARM application User and Groups report and the Web report the…
The service account for ARM is recommended to be Local / Domain Admin. This gives a lot of permissions to an account. One thing I like to do with privileged service accounts is to disable local logon and terminal logon. This provides a good control in case the password is learned by unauthorized users. Unfortunately, ARM…
It is only possible to Change permissions for only one folder. A multiselect feature would make the provisioning more efficient.
It looks like you're new here. Sign in or register to get started.