Quest Software last week released new and updated versions of two tools for managing Active Directory that let IT administrators root out replication problems and more tightly control access to the directory.
Spotlight on Active Directory 3.0 is a diagnostic tool that features the new Active Directory Topology Viewer, which provides a graphical representation of a company's Active Directory nodes so users can diagnose replication and synchronization issues.
Quest also has added features to ActiveRoles 4.1, its directory-enabled administrative tool, for controlling what help desk technicians can view and modify within the directory.
Advertisement: |
The tool also lets administrators edit and set group policy objects, a set of objects stored in the directory that define security and software usage rights for users and computers.
With Spotlight, Quest has expanded the tool's focus to cover the entire topology of Active Directory, including directory and file replication and time synchronization.
Replication is key in Active Directory's multimaster world, where replicas of the directory typically are spread out across an organization. Administrators can add changes to any one of the replicas, and it is propagated across all copies of the directory. It's a powerful model, but one that quickly can disrupt the uniformity of the directory if something goes wrong.
"The No. 1 complaint we hear from clients that are having troubles is about replication," says John Enck, vice president and research director for Gartner. "It's either poor design or just general troubles. For anybody with a complex Active Directory environment, they should probably look at this tool."
Other vendors such as NetIQ, Aelita, BindView and Full Armour also offer Active Directory management tools.
Spotlight lets users run diagnostic tests on any links within the Active Directory infrastructure. The tool provides a graphical view of every directory replica and the links between them. Users can click on the links and get information on gaps in replication or performance problems.
With ActiveRoles 4.1, Quest is adding Help Desk Provisioning, which lets senior administrators restrict views of directory data for help desk staff who may only be resetting passwords or changing addresses and phone numbers.
The feature works only with Quest's Web-based administrative client. Quest also has centralized the management of group policy objects and added support for nearly 150 policy objects specific to the Windows XP Professional desktop operating system. Quest also has enhanced its Business Rules, which manages policies on how directory data can be structured, to include all Active Directory objects, not just users, groups and computers.
Likewise, the Business Views features, which let users be grouped regardless of where they reside in the directory, now allow for dynamic queries such as finding all users tied to a certain division.
ActiveRoles 4.1 costs $20 per managed user. Spotlight on Active Directory 3.0 costs $1,495 per managed domain controller. Both are available now.
RELATED LINKS
Contact Senior Editor John Fontana
Other recent articles by Fontana
Quest: www.quest.com
