A little automation can go a long way when it comes to Active Directory Wall-E

A little automation can go a long way when it comes to Active Directory.

As business grows, systems administration can become a daunting challenge

One systems administrator shares how he scaled his workload from dozens of users to thousands

Since joining KGP Logistics as System Administrator, Mike Jarman has had to step up his game a bit.

While he had previously managed Active Directory deployments in the tens and dozens, now it’s in the thousands.

“It's amazing how one button push can affect so many people,” he said.

His old tricks of using remote login tools to check on various sites for customers just didn’t scale, and so alongside trusty PowerShell, he also turned to management tools from ManageEngine to help scale up to the challenge.

"It's not that I can’t pull it out, it's just the ease of getting that information at that time,” he said. “Sometimes you're dealing with something very high level, and sometimes you want something more specific. If I want something more general, I use PowerShell. For what I can't pull out of PowerShell, I use AD Manager."

According to the results of a recent ManageEngine survey, Jarman isn’t alone in wanting a little extra help: The survey found that 47 percent of IT admins “find it difficult and time consuming to gain awareness of the current security settings of their Windows environments.”

For those that are able to script their way to better awareness, the process can still be tedious. And it’s often a problem that gets worse over time.

"I'm not sure how it happened, but as we've grown we've recognized some problems from the past and made corrections, and gone forward,” Jarman said. “I was brought in to clean up a lot of this stuff, because we've acquired a lot of business, so I've used that tool to consolidate our information, make it more concise, more logical.”

He said sound monitoring and automation of common Active Directory tasks was critical to helping eliminate growing pains as his company staffs up and acquires other organizations.

“If you're bringing on a large volume of people, there's potential for any one person to have a problem,” he said. “And nothing can cause an acquisition to go sour more quickly: You can go from a hero to a zero really quickly."

But in today’s business environment, even worse than an annoyed employee are the potential security ramification if security policies are misapplied.

The ManageEngine survey found 70 percent of respondents “agree that their Windows environments are not completely secure from malicious attacks,” with another 10% saying that they simply unaware of what Windows security standards should be.

Consistent automation and monitoring can help departments develop strategies and guidelines and stick to them.

For Jarman, that help is appreciated.

"I don't think it's ever going to go away: It's the wild west,” he said. “You've got zero day threats that no one knows about, and you've got an IT team that's doing their part to make sure the network is secure."

Any tools that tip the balance in favor of the good guys are greatly appreciated.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.