Office 365 Automation and management
Making the move to Office 365 a breeze
To be more agile, cost effective and responsive to their business needs, organisations of all sizes are steadily marching towards the phase of either being in Office 365 or getting there. However, apart from all the advantages and features it provides, Office 365 brings increased complexity and additional challenges to the business processes related to management of user identities and access. Office 365 management becomes yet another new challenge to overcome and adds even more tasks to an already full plate of things to do. One of the major problems that emerge is how to get users into the organisation's Office 365 tenant and how to grant specific users access to the Office 365 services they need to comply with their specific duties.
The foremost essential step to achieve the much desired cost efficiency and operational agility is to automate Office 365 management tasks wherever and whenever possible. Adaxes delivers the missing layer of automation and policy enforcement needed to sustain the compliance and efficiency goals.
Office 365 Automation
Since Office 365 has no intrinsic means to automatically assign and revoke Office 365 licences for users, the burden of user provisioning for Office 365 services falls completely on the shoulders of technical services staff. But what does this mean in practice? It means that every time a new person joins the organisation, somebody needs to take care and manually assign all the necessary Office 365 licences to them. Which licences to assign usually depends on the responsibilities and role of each particular person. When the responsibilities or role change, the no longer needed licences must be revoked and the licences required to fulfill new duties must be assigned. If someone leaves the organisation, their licences must be freed for somebody else to use. No need to say that doing it manually is cumbersome, error-prone and requires a great deal of time and legions of expensive staff.
The beauty of Adaxes lies in the automation. Using condition-based rules, you can completely automate user provisioning for Office 365. When a new user account is created in the on-premises Active Directory, strictly following the rules, Adaxes will automatically activate the user in Office 365 and assign all licences the user needs.
Automated provisioning is only the beginning. Adaxes also provides dynamic reconfiguration and lifecycle management for Office 365. When the role or responsibilities of a user change, modifying properties of the user's account, adding the user to a group, or moving the user to another Organisational Unit will automatically adjust the licences assigned to them in Office 365.
When a user gets deprovisioned, Adaxes will automatically revoke all Office 365 licences associated with the user and block the user's access to the corporate Office 365 account.
Exchange Online Automation
When talking about automation for Office 365, there are two aspects that go hand in hand — automated management of Office 365 accounts and automated management of Office 365 mailboxes. The ability of Adaxes to automatically configure Exchange Online mailboxes covers the second aspect and completes the Office 365 automation process.
Based on event-driven rules, Adaxes can automatically enable or disable mailbox features, assign policies, adjust mailbox quotas, configure mail forwarding, etc. For example, when a new mailbox is created in Office 365 and the mailbox user is a member of a specific group in Active Directory, Adaxes can automatically enable Unified Messaging for the mailbox.
Office 365 Management
In addition to multiple tools and applications used to manage the on-premises infrastructure, Office 365 adds yet another set of tools for administering cloud-based user accounts and mailboxes. Thus, administrators have to switch between different apps and tools to manage user identities in Active Directory and Office 365, configure local Exchange mailboxes and mailboxes hosted in Office 365.
Adaxes unifies Office 365 and premises-based environments under a single console and makes it possible to manage both Office 365 and local user accounts from a single web-based interface.
Adaxes supports pure cloud and hybrid deployment scenarios, which provides the ability to manage Exchange mailboxes in one environment, regardless of whether a mailbox is located in the on-premises Exchange or in Office 365.
Office 365 Delegation
The use of Role-Based Access Control in Adaxes allows more users to have a say in the administration of Office 365, makes delegation of Office 365 management tasks much easier and gives a higher yield on the return on investment of Office 365.
Applying the principle of least privilege, administrative tasks related to the management of Office 365, along with the tasks related to Active Directory and Exchange management, can be delegated granularly without giving anyone more access than needed.
When delegating tasks to managers and other non-technical people, it is very important to give them a simple and clear user interface that would allow them to do only what they need to do, and nothing else. Adaxes provides an easy-to-use administrative web interface with a customisation flexibility that can meet any requirements and business needs.
Office 365 Self-Service
To reduce the time taken to get access to Office 365 services and increase the use of self-service, regular users can be given the ability to choose which Office 365 services they need. To control the process, access to the desired services can be granted only after getting an approval from the user's manager or another person in charge.
If Adaxes is configured to synchronize passwords between Active Directory and Office 365, the Self-Service Password Reset feature can be used to reset forgotten passwords in Office 365.
Office 365 Multi-Tenancy
The architecture of Adaxes allows you to manage multiple Office 365 tenants in one administrative environment. An Office 365 tenant can be associated with users and groups located in specific Organisational Units, members of groups, objects located in an Active Directory domain or multiple domains across multiple forests.
Apart from Office 365 management and automation, Adaxes also provides a comprehensive range of means for automated Active Directory and Exchange management, which you can quickly and easily transform and adapt to your infrastructure.
Other Features
Active Directory Management
Adaxes features a rule-based platform for Active Directory, Exchange and Office 365 automation, provides an enhanced web-based management environment, gives you a role-based access control model for delegating privileges, adds security with approval-based workflow, allows enforcing corporate data standards and much more.
More InfoActive Directory Automation
Adaxes provides rule-based automation for Active Directory, Exchange and Office 365. It allows executing sets of operations that are governed by if/else conditions before or after certain events in AD. So, for example, after the department of a user is changed, Adaxes can then automatically update the user’s group membership and send an email notification to the user’s manager, following the rules you define.
More InfoActive Directory Provisioning
Using condition-based rules you can automate the entire user provisioning process. Once a new user account is created in Active Directory, Adaxes will automatically execute the rest of onboarding procedures for you: moving the user account to a correct OU, adding it to necessary groups, creating and configuring an Exchange mailbox, assigning Office 365 licences, enabling the user for Skype for Business, creating and sharing a home folder, sending a welcome email, etc. Similarly to that, you can also automate all operations associated with user updates. Finally, when a user is terminated, Adaxes can automatically execute all the provisioning operations in reverse, ensuring instant and errorless offboarding.
More InfoWeb Interface for Active Directory
Adaxes Web Interface enables Active Directory management via a standard web browser. It features a modern responsive design, so users can access it on their laptops, tablets, phones or any other devices. You can set up different Web Interfaces specifically tuned for the needs of different job roles, like administrators, help desk, HR, managers, and others, giving them a clean and intuitive way to access the tasks they need. Adaxes Web Interface also incorporates Exchange and Office 365 management, so users get a single console without the need to learn and use multiple tools for their day-to-day routines.
More InfoWeb Interface Customisation
The Adaxes Web Interface is fully customisable, so you can configure it to have the exact views, forms, and operations that each user needs. For example, administrators can have a full set of management activities in Active Directory, Exchange and Office 365 across the entire environment, whereas managers can be set to view just their subordinates and only be able to update their group membership, assign Office 365 licences and change certain AD properties.
More InfoActive Directory Self Service
Adaxes Web Interface can act as a self-service portal for regular users. You can granularly specify, which operations they have access to, like updating their personal info, changing their own password, searching Active Directory, managing own group membership, updating Office 365 licences, etc.
More InfoActive Directory Password Self-Service
Adaxes Password Self-Service allows users to reset forgotten passwords and unlock accounts by themselves. To do that they need to go through a simple identity verification procedure that may involve answering security questions, SMS verification, using authenticator apps like Google Authenticator, Authy and others. A self-password reset can be accessed from the Windows logon screen, Adaxes Web Interface or it can be integrated into your own portal.
More InfoExchange Management and Automation
Adaxes automates Exchange mailbox management both on-premises and in Office 365. For example, after creating a new user account in Active Directory, Adaxes can automatically create an Exchange mailbox for the user. The database distribution of mailboxes can be done based on the first letter of the users’ surname, least number of mailboxes in the DB, the round-robin method, etc. Adaxes can then configure the mailbox, e.g. modify storage quotas or enable mailbox features like Unified Messaging or Archiving.
More InfoOffice 365 Automation and management
Adaxes can automatically assign and revoke Office 365 licences using condition-based rules. For example, when a new user is created in Active Directory, Adaxes can activate an account in Office 365 for the user and assign the necessary O365 licences according to the rules you define. Different licences can be assigned to different users based on their job title, department, location, etc.
More InfoActive Directory Role-Based Security
Adaxes introduces Role-Based Access Control for Active Directory, Exchange and Office 365. In a role-based delegation model, instead of assigning permissions to users, they are assigned to roles that correspond to actual job functions. So, when you need to change privileges for all users with the same job function, all you need to do is modify the permissions of the associated role. Assigning roles to users is done in a centralised manner, allowing you to easily control, who can do what and where. With role-based delegation, you can granularly specify, which parts of Active Directory are visible to users. For example, you can allow certain users to only view AD objects located in their own OU, while hiding the rest of the Active Directory structure from them.
More InfoApproval-Based Workflow
Adaxes allows you to add an approval step to practically any operation in Active Directory, Exchange and Office 365. For example, you can delegate user creation to HR, but after they fill in the form and click Create, Adaxes can suspend the operation and only proceed once a member of IT staff reviews and approves it. For more complex and security-sensitive scenarios, you can set up multi-level approvals. Such an approach allows delegating more tasks to lower level staff without taking the risk of losing control over them.
More InfoActive Directory Reports
Adaxes comes with reporting capabilities, allowing you to monitor and analyse what’s going on in your environment. Out of the box, you get more than 200 reports, which should cover the majority of your requirements. For more demanding scenarios Adaxes also provides various ways to create custom reports, including using your own scripts. It enables you to create reports of practically any complexity that can be specific to your organisation's needs. To deliver reports to users Adaxes supports centralised scheduling and also provides a self-scheduling option, allowing users to choose by themselves, which reports they want to receive and when.
More InfoCustom Commands for Active Directory
With Custom Commands users can launch complex multi-step operations in one go. For example, if you need to send a user on vacation, you can do it with just one click in the Web Interface. The operation can include steps like disabling the user account, adding it to a corresponding group, sending a notification to the user’s manager, etc. Such an approach allows you to delegate complicated tasks to users and not worry that they will miss a step or do something wrong. Besides, you don’t over-privilege them, as you only give out permissions to execute the Custom Command as a whole, not the individual steps it consists of. Administrators can also use Custom Commands in their day-to-day routines to make the management process simpler and accomplish the same results with a lot fewer clicks.
More InfoScheduled Tasks for Active Directory Management
Adaxes allows you to automate various routine management tasks by scheduling them. For example, it can automatically de-provision inactive accounts in AD, allocate users to necessary groups, maintain OU structure, etc. You can also schedule tasks like importing new users from CSV. Automating such a sensitive operation doesn’t mean that you need to sacrifice any control, as you can add an approval step to it. This way users will be created in AD only after a member of IT staff reviews and approves the operation. You can also use scheduled tasks to send various notifications to users, like reminders about their password or account expiration.
More InfoActive Directory Delegation
Active Directory management involves many different operations that require administrative privileges granted by default to AD administrators only. Though operations like password reset or account unlock are pretty simple, they take a lot of time of highly-skilled IT staff, not allowing them to focus on more complex and important issues. Active Directory delegation helps you optimise the productivity of the IT department by letting non-administrative users (e.g. department managers or Help Desk operators) perform certain administrative activities in Active Directory.
More Info