CloudEnterprise.info

Posts Tagged ‘Active Directory’

Last week was the official commercial launch of Quest OnDemand Recovery for AD – a subscription-based automated service which protects your Active Directory for a small monthly fee.

Changes are good, and Active Directory – as the identity core of most companies’ IT – is always changing. However, sometimes wrong changes happen: accounts or whole containers can get accidentally deleted, or a script can go wild and wipe out a bunch of attributes across a set of accounts (I personally once got affected by such an incident a few years ago).

Quest OnDemand Recovery for AD works as a time machine for your Active Directory:

  1. On the schedule you select, a small local agent in your network detects changes in AD, compresses and encrypts them, and sends them to a remote datacenter.
  2. Whenever you need to roll back any change, you log on to the web site, browse and search your backups, pick the change you want to undo and click Restore.
  3. The agent gets the changes back and applies them to the local AD.


There is a free 30-day trial of the service, after which you can keep using it for a small monthly fee (which, as I write this, is just 60 cents per AD user account per month).

You can learn more about this service and sign up for it here.

Full disclosure: I am personally involved in Quest OnDemand efforts. And very excited about it, I must say. 🙂

Pundits talking about how Windows 7 is all about Microsoft competing against Apple, recovering from the Vista consumer adoption disaster, or getting people off of XP, are missing one other – extremely important – part of the Windows 7 story. Windows 7 and its server counterpart – Windows Server 2008 R2 – are actually the first real step in Microsoft’s Windows Cloud Story. Before Windows 7, Microsoft could offer some services (such as Exchange Online) from the cloud but could not provide full enterprise directory, security and so on. Now they can.

Microsoft has always called their SaaS plan Software + Services, emphasizing that they can enable a rich Windows and application experience over the internet. The reality, however, has been that in most cases these have been limited to a few web-enabled (e.g. Outlook) or pure web (e.g. SharePoint) applications. Most Microsoft systems and their whole enterprise security model rely on Active Directory and intranet network connectivity – neither of which works if the directory is located in Microsoft’s datacenter.

Now Microsoft has actually quietly added a few key features enabling this scenario:

  • Offline Domain Join – customers can now add their computers to Active Directory without ever having them in the same network (by importing a special security key they get from whoever is running their domain).
  • DirectAccess – end users can log into their domain and access any services (including even file servers) without having to VPN into the network, and there is a way to automatically enforce their patch and antivirus level using Network Access Protection (NAP, the feature added in Vista, which now really shines when combined with DirectAccess).
  • Active Directory Management over Web Services – even the administrative tools, both graphical and command-line, got revamped to work over web services instead of traditional direct connectivity.
  • To say nothing of the much-improved Remote Desktop Services, application streaming, Virtual Desktop Infrastructure and so on. There’s definitely some pattern here!

With these technologies, Microsoft will actually be able to run your entire environment in their datacenter, yet let users securely connect to that environment from their own Windows machines.

This is a pretty important step in fighting the Web 2.0 approach of Google and the like, which suggest that all your applications are going to be replaced with in-browser web counterparts like Google Apps. And obviously Microsoft’s approach has the potential of providing a much more familiar and evolutionary way of outsourcing your IT than the radical “we’ll find everything on the web” way.

It is also fascinating to see that Microsoft is not yet positioning these technologies as hosting enablers. Their documentation lists them as advances for enterprises’ own administration. Yet administrators find them quite hard to discover and set up. My guess is that this is because, as I mentioned above, these features are not really for customers but for hosters – most importantly Microsoft – and Microsoft is simply not ready yet to publicly announce the next-generation services which make use of them.

My gut feeling is that we will hear about them pretty soon. Time will tell.

The recording of my TEC session on the IT professional’s view of identity management and AD integration for Exchange Online and Windows Azure has just been posted:

Enjoy!

You can find other session recordings from TEC (including keynote!) here.

Also, if you are based in Europe – TEC Europe is coming to Berlin in September and early bird discounts are still available – see the conference site for details.

Just got a note from The Experts Conference organizers that my session on Azure and identity management got into the agenda.

Active Directory, User Identity and Azure/BPOS for IT Professionals

In this session we will dive into identity management, federation and sign-on process for Windows Azure and Microsoft’s BPOS products such as Exchange Online and SharePoint Online. How do you set up federation between your existing Active Directory and these “cloud” applications? Which options do you have? How does authentication actually happen? How much of the infrastructure and management effort can be shared across these applications and how much is application-specific?

Speaker

Dmitry Sotnikov is a PowerShell MVP, regular blogger (http://dmitrysotnikov.wordpress.com and http://cloudenterprise.info), and a presenter at various events. Being in charge of Quest’s Technology Research he has already made the company an industry leader in Migration, SharePoint and PowerShell space, and is now leading it into the cloud computing era.

The event is in Las Vegas March 22-25. My session is on Monday.

I’ve blogged about TEC before – this is really one of my favorite events since the days it was called DEC. Highly recommended if you are looking for technology deep-dive sessions (as opposed to product pitches, which unfortunately take up most of most conferences these days).

Visit the conference web site for agenda and registration.




Legal

The posts on this blog are provided “as is” with no warranties and confer no rights. The opinions expressed on this site are mine and mine alone, and do not necessarily represent those of my employer Jelastic or anyone else for that matter. All trademarks acknowledged.

© 2008-2012 Dmitry Sotnikov
