Hyena's Active Directory integration can be customized under
the Tools->Settings->Active Directory.Active Directory User Integration
|
|
Hyena's Active Directory integration enables any Windows 2000/XP/Vista/7 client computer running Hyena to manage new user directory elements.
Hyena's Active Directory integration can be customized under
the Tools->Settings->Active Directory.
Managing User Properties
Hyena uses an LDAP interface for all user administration functions on Windows 200x Active Directory user objects. Hyena will automatically detect if a user belongs to an Active Directory-enabled domain, and automatically add several new dialogs to the user properties function, as show below.
Address - Includes
fields for the user's address
Organization - User
title, organization, division, etc.
Personal - Includes
user's first name, list name, etc. Also
supports displaying and setting the user's photo. If
you use this feature, Microsoft recommends using a .gif or .jpg file (due
to their compressed size). Active Directory stores the actual binary picture
information, NOT the path to the picture file, and since this information
will be replicated, the picture sizes should be small to reduce network
traffic. Several
advanced options are available to further control user photos; see Active Directory User
Photo Integration topic for more information.
Security - Includes
display of the creation and modification date of the user, plus new user
account attributes related to security.
Notes - User fields
for "Notes" and "Comments"
Contact - Contains
a list of all Active Directory phone numbers, email addresses, and web
site urls.
Unlike
MMC applications, these contact points are consolidated into one list
box, so that the entire listing of phone numbers/email/web urls
are all visible at one time.
Object - The object dialog
includes information on internal Active Directory information, such as
the GUID, SID,
modification and creation dates, and directory path. The
Managed By information is also managed on this dialog.
Hyena uses a sophisticated mechanism to only modify Active Directory user fields that have actually been changed, so multiple administrators can safely manage different pieces of the same user properties. Plus, this feature keeps network traffic to a minimum.
Hyena also will properly rename user objects under Active Directory. When renaming users, Hyena will first prompt for the new user name directly in its tree or list windows. After entering the new user name, Hyena will display the Rename User dialog, which has options for renaming the user's full name, and home and profile directory locations. For Active Directory, Hyena offers additional modification to user elements when renaming users, as well as the proper handling of renaming the Active Directory name.
Differences between Windows NT/200x User Management
Hyena's user management dialogs for Windows NT user accounts are very similar to the dialogs used to manage Windows Active Directory users, with only a few differences.
For Active Directory users, Hyena will automatically:
Display the user's full name as the "Display Name"
Change the "User Name" field to be the "Directory Name"
Display a different group membership dialog
Hyena requires entry of the "Directory Name" when an Active Directory domain user is created. This is the first field on the General user properties dialog. This name is primarily used internally by Active Directory to construct the full directory path. We recommend that the directory name be kept reasonably short, and free of punctuation characters. Here is an example of a full LDAP path, for a user with the directory name of "JohnSmith":
LDAP://alexis.systemtools.com/cn=JohnSmith,cn=Users,dc=systemtools,dc=com
Hyena supports modification of the Pre-Windows 2000 logon name and the Windows 2000 logon name on the user "Account" dialog. If left blank, the Pre-Windows 2000 logon name will default to the current value of the "Directory Name", which is the first field on the General properties dialog. This is the former "User Name" as used under NT 4.0, and will be used by NT 4.0 users when logging into the Windows 200x domain.
Hyena can also display the user properties for Foreign Security Principal (FSP) objects in an Active Directory-enabled domain. FSP objects are created when a trusted relationship exists between a Windows 200x and a Windows NT domain. FSPs can be managed by going through the ForeignSecurityPrincipals container in any Active Directory-enabled domain.
Other Active Directory Functions
Other Active Directory functions available for user accounts include (these function are all available on the Account Functions menu):
Shell Properties
- Displays the standard shell properties page for the user.
Security Properties / List
Directory Security - See Managing Active
Directory Security for more information on Active Directory security
options.
Reset Password -
Allows resetting the password and password reset options.
Disable Account -
Disables the user account, preventing any new logon from the user account.
Unlock
Account - Enables unlocking a previously locked user account.
Move - Allows selecting
a new container/OU to move the user account into.
Add/Remove
From Group... - Selecting the Add/Remove From Group option allows
selection of a group to be added to or removed from the user's group memberships.
This bypasses
the need to perform this operation through the Properties dialog.
Photo
Integration - Hyena contains extensive support for integrating
photos of users into Active Directory. See
the Active Directory
User Photo Integration topic for more information.
User
Image Rules - Hyena will display an image next to user accounts
by default based on whether the account is disabled or active. Additional
images can be displayed based on rules and priority. For
more information on this feature, see the Customizing
User Images topic.
Fine-Grained Password Policies - The new fine-grained
password policies (also called Password Settings Objects, or PSOs), introduced
in Windows 2008 are fully supported in Hyena. For
more information on this, see the
Fine-Grained Password Policies topic.
User
Communication Portal - The new Active Directory 'User Communication
Portal' leverages that existing Active Directory attributes related to
email, phone, and web site addresses, allowing instant access to popular
email and connected telephone systems. For
more information, see the User Communication Portal
topic.
General Purpose User Functions
Hyena contains a great deal of general-purpose user functions, including advanced home directory management features, terminal server integration, viewing logon information, and more. See the 'Users' topic under the 'Using Hyena - Objects' main topic.