• Compare
• Company
  • Leadership
  • Careers
  • Partners
  • Press Room
  • Events
• Solutions
• Products
  • Password Manager
  • User Manager
  • Group Manager
  • Exchange Manager
  • SharePoint Manager
  • Connectors
  • Dot Net Workflow

User Manager

Automated User Provisioning and Administration

EmpowerID User Manager reduces costs associated with provisioning and administering user accounts and creates a rapid ROI by eliminating tedious and labor-intensive manual procedures and streamlining ongoing delegated administration of multiple directories and applications from a single unified console.

As the first and only solution built on a workflow and role-based access control platform, User Manager offers the industry's most flexible and easy-to-use multi-directory user provisioning and administration solution with automatic approval routing, email notifications, and complete activity tracking to assist with compliance and audit initiatives. User Manager unifies digital identities across all directories and applications in the enterprise so that when an identity is created or changed in an authoritative system, the new information is automatically propagated to all appropriate systems. This unified view can provide secure corporate white page views, a valuable collaboration tool for finding other employees, viewing photos, and locating corporate assets and resources.

User Manager performs five critical security functions:

Multi-Directory User Provisioning and De-provisioning

EmpowerID User Manager automates the entire process of provisioning, management, and de-provisioning of user accounts across your multiple directories, based upon pre-defined role-based policies. EmpowerID's unique role-based provisioning policies determine the user accounts, mailboxes, home folders, and other resources to be created in various enterprise systems based upon a person's job function and location. These policy-based resources are automatically provisioned, moved, and de-provisioned throughout the employee's lifecycle in an organization. In addition, group membership and application roles are managed in the same dynamic manner, eliminating the threat of privilege accumulation over time as an employee changes status within an organization.

Delegated User Administration

User Manager extends far beyond simple user account creation, attribute edits, and deletion; it provides dozens of workflows, as well as providing the workflow building blocks for use in customization that cover all aspects of user management. The workflows perform the functions of the native Active Directory and LDAP management tools while adding granular delegation, workflow approvals, built-in activity reporting, naming convention enforcement, and task automation. User Manager can be used as a deleted object recovery tool, allowing restoration of deleted user objects with all their attribute values and group memberships. User Manager also offers full support for all Microsoft PowerShell management tasks for Windows Server 2008 R2 in easy-to-use graphical workflow shapes.

EmpowerID's User Manager unifies the management of users, mailboxes, and other resources under a single, powerful role-based delegation and administrative model that closely matches the one found in Microsoft's Exchange 2010, but it is more expansive with an ability to manage all aspects of Active Directory and other types of managed directories and applications. User Manager eliminates the need to delegate and manage the complex permissions in Active Directory that technical and business users need to perform user management tasks. User Manager provides easy-to-use web and WPF interfaces that drive powerful and customizable workflow processes.

Self-Service Accounts Requests and Registration

User Manager includes a library of workflows that allows end users to perform self-service management of their user accounts and identity information. Friendly web, Silverlight, and WPF user interfaces provide users a holistic view of their identity information, allowing them to view their accounts and the access they have across many directory systems and applications. Users may perform self-service management of their directory information with updates being synchronized to all of their user accounts in any EmpowerID managed system based upon attribute flow rules. Users may also perform self-service requests to claim user accounts not already linked to their metadirectory identity, view their login history, and review all of the workflow decisions and actions they have performed over time.

In addition to self-service workflows for existing users, User Manager includes workflows for new users to request access and to create user accounts. Anonymous users may run workflows to register and to request access to selected systems and applications. These self-registration, or user account request workflows are routed for approval and can automatically provision user accounts in a wide variety of directories. User Manager is built on the Dot Net Workflow platform and can be extended to cover any processes surrounding user management or self-service with flexible and auditable security.

Multi-Directory Attribute Flow

User Manager leverages the Dot Net Workflow platform's synchronization services to continuously monitor your connected enterprise directories for changes, logging changed values and keeping a history of all previous values. When a change is detected, an evaluation of attribute flow rules determines whether the change should be propagated to all subscribing directories or rolled back based on the applicable configured rule. Flexible attribute flow rules determine which enterprise directories are authoritative for specific directory attributes and which directories are subscribed to receive these changes.

Detailed User Account Reporting and Change Tracking

The information gathered about user accounts is stored in a relational Microsoft SQL metadirectory, which provides rich reporting of all aspects of the user accounts and employee records within your organization and the changes that occur to them. The sync engine detects new account creations, account deletions, and attribute changes while logging both the before and after values. All management of user accounts performed through EmpowerID includes a rich audit trail of this activity and meets the key requirements of corporate compliance and governance initiatives.

User Manager provides organizations with centralized workflow and role-driven automation of the entire identity lifecycle. EmpowerID ensures that security policies are consistently applied, prevents the accumulation of privileges, and provides a secure and auditable platform for compliance efforts

Why User Manager

User Manager provides user lifecycle maintenance coupled with a robust security model that ensures the integrity of user identities and access across the enterprise.

• Unified Console - Its single management console allows full management of user accounts in the same interface for managing groups, mailboxes, SharePoint sites, etc.
• Deleted User Restoration - It offers workflows to restore deleted users and brings back their attribute values and group memberships
• Workflow - Its Microsoft Windows Workflow Foundation-based architecture allows complete customization of existing processes and the creation of your own workflows to match any business need
• PowerShell Automation Platform - It provides the ability to utilize any PowerShell cmdlet as a protected operation in a workflow with granular delegation, approval routing and built-in audit logging
• Metadirectory - Its metadirectory engine to inventories and continuously monitors Active Directory for changes
• User Experience - Its flexible user interface options include web, SharePoint, Silverlight, and a rich WPF client
• Role-Based Access Control - Its enterprise proven Role-Based Access Control model for granularly delegates and reports on who has access to what