Recently, I was involved in the Desktop Central delegated administration tests in the Windows 2003-based domain. I tried this using the native Microsoft delegation wizard tools. For reference, I happened to read the official Microsoft 2003 delegation document.

It’s a document that spans 200-plus pages. Here is the document link for your reference

Good one for those who want to know the complete story about delegation and its insight. For the rest, here is my simple version of the digest

What is delegation?

Delegation is the transfer of administrative responsibility for a specific administrative task from a higher authority to a lower authority. Technically, delegation of administration means that a higher-level administrator grants a controlled set of permissions to a lower-level administrator in order to carry out a specific administrative task.

What is the advantage of delegation?

By increasing administrative efficiency and decentralizing administration, delegation reduces administrative costs and improves manageability of IT infrastructures.

How is it being done?

According to Microsoft, administrative responsibilities of managing an Active Directory environment can be classified into two categories.

* Service management, which is responsible for administrative tasks involved in providing secure and reliable delivery of the directory service. Some of the Active Directory service management tasks are:

o Add/remove domain controllers in the infrastructure

o Domain controller role management (PDC emulator, schema master, etc.)

o Manage/monitor replication

o Performing regular backups of the directory database

o Domain and domain controller security policy management, etc.

* Data management, which is responsible for administrative operations involved in managing the content that is stored in or protected by the directory service. A few examples are:

o User accounts management (add, delete, modify, move, etc.)

o Computer accounts management

o Security groups (used to aggregate accounts for the purpose of authorizing access to resources), etc.

Thus, data and service management administration tasks primarily involve changing data that is stored either in Active Directory or, in some cases, on the file system or registry of domain controllers and other computers joined to Active Directory.

Access Control

Access control is the means by which administrators can control, or delegate, the ability of other users to manipulate objects in Active Directory and also to perform actions on domain controllers and file servers. It involves three stages of operation:

o Stage I : Security credentials of the user who wants to access a resource

o Stage II : Authorization data that protects the resource that is being accessed

o Stage III : An access check that verifies whether or not the requested access can be granted

When a user attempts to perform a low-level operation on an object, the operation being attempted is subject to an access check. The access check takes into account the user's security credentials and the authorization data on the object on which the low-level operation is being requested, to determine the abilities of the user in relation to that object. If the access check determines that the security credentials of the user requesting the operation and the authorization data on the target object provide sufficient permissions to execute the operation, the operation succeeds. If the user has insufficient permissions to execute the operation that is being requested, the request fails.

That’s about the document. Even though delegation provides a lot of advantages, there are some pain areas which I wanna share, while using the native delegation wizard

Quote:
* Delegation is not open/visible in the native tools UI - I couldn’t check it at a glance

* Reverting the delegation is a very painful job - surprisingly there is no wizard for that!!

* No history of delegation detail for an object - you tend to redo

* Direct manipulation of security settings - tweaking security settings is dangerous which can bring down the network

There should be some tool which can make things easier. Easier to a level where a help desk person can understand and do this. Okay, coming back to delegation for Desktop Central, we are working on the possibilities and have some interesting stuff to share, will keep you posted.

~ romanus ~
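The three access-control stages described in the post above, as an added example (not from the original post or from Microsoft's document): a simplified model of the access check that walks an ordered list of allow/deny entries against the identities in a user's token. The group names, the sample OU ACL and the function name are constructed for illustration; owner rights, privileges, inheritance flags and object-specific entries are left out.

```python
from dataclasses import dataclass

# Directory-service access-mask bits (values from ADS_RIGHTS_ENUM).
CREATE_CHILD, DELETE_CHILD, READ_PROP, WRITE_PROP = 0x1, 0x2, 0x10, 0x20

@dataclass(frozen=True)
class Ace:
    allow: bool   # True = access-allowed entry, False = access-denied entry
    sid: str      # trustee the entry applies to
    mask: int     # rights the entry allows or denies

def access_check(token_sids, dacl, desired):
    """Stage III: decide whether `desired` rights can be granted.

    token_sids: Stage I, the user and group identities in the caller's token.
    dacl:       Stage II, the ordered entries protecting the object.
    Returns (granted, reason).
    """
    if dacl is None:                  # no DACL at all: object is unprotected
        return True, "null DACL"
    remaining = desired               # rights not yet granted
    for i, ace in enumerate(dacl):
        if ace.sid not in token_sids:
            continue                  # entry is for some other trustee
        if not ace.allow:
            if ace.mask & remaining:  # deny hits a right still outstanding
                return False, f"denied by ACE {i}"
        else:
            remaining &= ~ace.mask
            if remaining == 0:
                return True, f"granted at ACE {i}"
    return False, "implicit deny"     # nothing granted the remaining rights

# Constructed sample: ACL on an OU where help desk staff were delegated
# property writes, with deny entries ordered first.
OU_DACL = [
    Ace(False, "CORP\\Contractors", WRITE_PROP),
    Ace(True, "CORP\\HelpDesk", READ_PROP | WRITE_PROP),
    Ace(True, "CORP\\Domain Admins",
        CREATE_CHILD | DELETE_CHILD | READ_PROP | WRITE_PROP),
]
ALICE = {"CORP\\alice", "CORP\\HelpDesk"}                     # constructed
BOB = {"CORP\\bob", "CORP\\HelpDesk", "CORP\\Contractors"}    # constructed

if __name__ == "__main__":
    for who, token in (("alice", ALICE), ("bob", BOB)):
        for name, right in (("write", WRITE_PROP), ("create", CREATE_CHILD)):
            print(who, name, access_check(token, OU_DACL, right))
```

An empty entry list denies everything while a missing list grants everything, which is one reason direct edits to security settings deserve review.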

As part of the team that is developing the desktop management product, Desktop Central, I am sharing here my learnings on desktop management. While doing the research and analysis on the difficulty network administrators face managing desktops, I came across an article written by Krissi Danielsson in “Techtarget” giving ten points to help network administrators effectively manage their setup. Even though a bit old, I found those tips quite useful and guiding and so I am sharing with you the understanding on the content.

The first thing he was indicating was to understand the network completely before venturing into managing it.

Quote:
…”With the 1,500 or so machines we managed, one of the biggest challenges we faced was that we really didn’t know how many we had,”… “If you don’t have appropriate tools to assess what you’ve got to manage, you’ll never be able to manage it.”…

He then goes on to advise network administrators to automate and implement remote management.

Quote:
…IT staff will save a lot of time if they don’t have to visit each desktop every time there’s an operating system migration or a software update. ……Having applications repair themselves and providing tools to avoid help desk calls will save a lot of time in the long run….

He is in favour of giving only the required software and access to the people who have the need, and of communicating whatever is done on the network to all people so that everyone is in sync.

Quote:
….You don’t need to have every application on every desktop, and sometimes you’ll have to roll out an update for only a portion of your workforce…….I’ve met a million IT managers that just don’t get it that you’ve got to send an e-mail to people a week before you make a change, That way, people can be prepared and ready to stay off the system while it’s being maintained….

The full article is available in the link given below.

http://searchwinit.techtarget.com/tip/0,289483,sid1_gci887011,00.html

Take a note of these points and effectively manage your networked desktops.

Do post your comments on this topic here.

Regards

Sidambaram

Desktop Central is available from $245 for managing 50 desktops. This new Desktop Central pricing strategy will be highly helpful and affordable for all small business units. This 50-desktop version will have all the functionalities of the professional edition.

Check out the rates in the online store.
