Overview

The NetIQ Difference—Secure and Efficient Active Directory Administration

NetIQ Directory and Resource Administrator provides the granular control needed to reduce the costs, and often the complexities, of administering Active Directory, while improving the security of your IT infrastructure. Your ability to control administrative privilege on a granular level enables you to drastically reduce the number of users with elevated access to the sensitive business information you store in Active Directory. With the robust auditing and reporting capabilities of NetIQ Directory and Resource Administrator, you can quickly access key information about your business and provide meaningful reports to necessary stakeholders.

Delegation

Improves administrative efficiencies

• Comprehensive delegation model - incorporates more than 60 roles, 300 powers and high-customizable rule delegation.
• Task-centric web console - is organized cleanly for casual administrators and help desk users.
• Content, consistency, and context controls - assures the integrity of information stored within Active Directory and Exchange.
• Patented dynamic ActiveView technology - presents only the objects a user is permitted to manage and the tasks that they are allowed to perform.
• Self-administration - enables user to update their personal information, as well as reset passwords.
• Recycle Bin - simplifies the restoration of deleted objects, without requiring complex backup or restore procedures.

Compliance

Improves Compliance

• Scalable reporting - uses embedded audit technology and helps ensure the ability to properly collect and record changes in large scale environments.
• Secure event storage - write once technology limits the ability to tamper with stored events.
• Audit event storage repository - compresses events for long-term storage.
• Before and after audit values - demonstrates what the value was before the change and the value after the change.
• Report customization - provides flexible reporting with drag-and-drop customization that is Excel based and that can be easily customized.

Security

Enhances Security

• Reduces native privileged accounts - enables change and policy to be managed by the product.
• Dual-key security - requires two administrators to confirm a change, (e.g., deletion of a user account).
• Comprehensive logging of user actions - assures a detailed audit trail for subsequent analysis or investigation.
• Access control - limits who can see information in reports with both group level and report level, and access control settings.

Automation

Automates Complex Tasks

• User provisioning - assures that when users are created or moved, the appropriate permissions and memberships within Active Directory and Exchange are enabled.
• Task automation - enables complicated and customizable procedures to be initiated pre- or post-action.

Integration

Seamless Integration and Extensibility

• Virtual Extensions to Active Directory objects - uses AD Lightweight Directory Services (LDS) to create and manage virtual attributes without requiring any extension of the AD schema.
• In-console launch of scripts or other applications - view through a managed object's context menu.
• LDAP-based search queries - allows advanced searches to be created and shared across administration teams.
• Scriptable LDAP-compatible ADSI provider - enables easy extension of available automation routines.
• Support for automated, rules-based provisioning of AD - leverages Human Resource database feeds, (e.g., SAP) through IQ Extend for Account Provisioning.