The most notable new feature of this release is support for adding Active Directory groups as Role members. This is one of the most requested features by our customers, and potential customers for that matter. Now you may be asking “Why wasn’t it there in the first place?” Great question.
A Little History
Many moons ago, in previous IT organizations, groups were set up to manage admin access to servers, shares and various other network resources. It was easier to maintain, there was standardization and life was good. But then, as incident tickets and project work piled up, requests from other groups to be added to those resources were delayed. Sometimes they were denied because the business justification wasn’t adequate. Those not getting access or not getting it fast enough, realized that they could ask a friend who already had access to “add me to that group”.
Next thing you know, users and other groups who were never approved or intended to have access… do. Not good.
In an effort to avoid issues with nested group membership, the System Frontier RBAC model was originally designed to enforce a direct User-to-Role relationship. It’s worked great for several years, but customers wanted more. They want to control permissions via groups, as is the norm – and rightfully so.
AD Group Therapy
System Frontier is there to help, not get in the way. So add all the groups you want. Add groups to groups. You’ve got a handle on your AD group management, right? Now you can delegate granular permissions to anything on the wire and not be tied down. Download the update for your existing install or kick the tires on a free 30-day trial and check out the full release details on the Changelog to get started.