Hello,
We would like to monitor all of our Active Directory groups for proper membership compliance. Each group is assigned an Owner which can then monitor who all belongs to that group. Every quarter IT would like to Email the Owners and ask them to verify each member that belongs to the group(s) they own. If they need to remove a member(s) this process would invoke an Email to authorize IT staff to remove else they authorize the rest of the members to stay in the group. This would all be reported on also.
Is there a "canned app" that can perform this or something similar to fulfill our audit compliance of group memberships?
Example: Jim Smith is the Owner (Supervisor) of the Accounting and Purchasing shares out on the network. Joe Blow leaves the company and is replaced with Jane Doe. Sometimes the helpdesk does not remove Joe Blow properly and needs to check this quartery to make sure only the proper members belong to the above shares.
Accounting - Owner Jim Smith
Members - Joe Blow, Jane Doe, Earl Swanson, Denise Richards
Purchasing - Owner Jim Smith
Members - Joe Blow, Earl Swanson, Denise Richards, Rick Jones
Jim now sees that Joe Blow needs to be removed from both Accounting and Purchasing. He also sees that Jane Doe should be a member of the Purchasing group due to her responsibilities.
By using this application he can then notify the help desk to perform those changes.
If the Supervisor forgets to perform the compliance check then a nag Email is sent out to remind to do it again before the quarter is up.
Thank you!
Start Free Trial
