LDAP commands in OpenLDAP

Overview: Frequently used OpenLDAP commands, for example add, modify, delete and search.
Details:
1. Create an LDIF file
Now add this LDIF file from the shell prompt [root@server ~]#
LDAP Add Command:
[root@server ~]# ldapadd -D "cn=Manager,dc=deep,dc=state,dc=ct,dc=us" -W -x -a -f Add.ldif
Enter the Root Password:

2. Select the LDIF file which you want to modify
LDAP Modify Command:
[root@server ~]# ldapmodify -D "cn=Manager,dc=deep,dc=state,dc=ct,dc=us" -W -x -a -f Modify.ldif
Enter the Root Password:

3. LDAP Search Command:
[root@server ~]# ldapsearch -x -b "dc=deep,dc=state,dc=ct,dc=us"
Enter the Root Password:

4. LDAP Delete Command:
[root@server ~]# ldapdelete -x -W -D "cn=Manager,dc=deep,dc=state,dc=ct,dc=us" "cn=UserName,dc=deep,dc=state,dc=ct,dc=us"
Enter the Root Password:
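
An added example (not from the original post) that fills in the Add.ldif and Modify.ldif files used by the commands above and checks every DN against the base DN before binding as Manager. Assumptions: the cn=UserName entry and its attribute values are constructed, the inetOrgPerson schema is loaded, the server supports StartTLS (-ZZ), and the function names are hypothetical helpers.

```shell
# Added example; the entry and attribute values are constructed sample data.
BASE='dc=deep,dc=state,dc=ct,dc=us'

# Add.ldif: one new entry for ldapadd.
write_add_ldif() {
cat > "$1" <<EOF
dn: cn=UserName,$BASE
objectClass: inetOrgPerson
cn: UserName
sn: Name
mail: username@example.com
EOF
}

# Modify.ldif: changetype/replace tell ldapmodify what to change.
write_modify_ldif() {
cat > "$1" <<EOF
dn: cn=UserName,$BASE
changetype: modify
replace: mail
mail: new.address@example.com
EOF
}

# Print each DN in an LDIF file that is not under $BASE. Joins folded lines
# (continuations start with one space); base64 "dn::" is printed for review.
dns_outside_base() {
  awk -v base="$BASE" '
    function check() {
      l = tolower(line); b = tolower(base)
      if (l ~ /^dn::/) print line
      else if (l ~ /^dn:/) {
        dn = l; sub(/^dn: */, "", dn); gsub(/, +/, ",", dn)
        if (dn != b && substr(dn, length(dn) - length(b)) != "," b) print line
      }
    }
    /^ / { line = line substr($0, 2); next }
    { check(); line = $0 }
    END { check() }
  ' "$1"
}

# Refuse to run ldapadd if any DN is outside $BASE. -ZZ requires StartTLS,
# so the password typed at the -W prompt is not sent in cleartext.
safe_ldapadd() {
  bad=$(dns_outside_base "$1")
  [ -z "$bad" ] || { echo "refusing, DN outside $BASE: $bad" >&2; return 1; }
  ldapadd -x -ZZ -D "cn=Manager,$BASE" -W -f "$1"
}
```

Call write_add_ldif Add.ldif and then safe_ldapadd Add.ldif; the same DN check applies to Modify.ldif before it is passed to ldapmodify.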

Customers and Industry Analysts agree: CionSystems delivers comprehensive Identity and access management solutions that rank top in their category. CionSystems password management solutions deliver:

• Self Service Password Reset

• Password Synchronization

• Alternative User Authentication

• Enrollment

• Tools for Administrators

• Windows Desktop Integration

• Mobile-Device Initiated Self Service Password Reset

• Endpoint Encryption

• SaaS Password Reset

The recent Active Directory Manager, Pro and Enterprise Self Service 5.0 release has added:

• Codeless and script-less Provisioning

• Attestation

• GRC centric reports and workflows

• Support for additional on-premise and cloud based identity stores

• Cloud Based Service Delivery

• Virtual Directory Support

• Advanced LDAP Search Filters

• A PowerShell Development and Execution Environment

You can find more about CionSystems in recent Gartner and KuppingerCole industry research or at: http://www.cionsystems.com/

Active Directory Reporter version 5.0

Active Directory Reporter™ 5.0 is easy to deploy and provides change notification and reporting for Microsoft’s Active Directory, OpenLDAP, and Virtual Directory Platforms. Active Directory Reporter™ 5.0 simplifies security, audit and compliance, with out of the box reports for passwords, devices, computers, groups, group policy objects, Exchange, and more. Ready to go, out of the box, Active Directory Reporter provides powerful reporting without requiring expensive, time consuming, complex installation and configuration. The extensive reporting capabilities support easy customization of what information, date range, output format and order are provided. Reports can be saved in HTML, text, Excel, Word, and LDIF format.
Active Directory Reporter™ 5.0 is a best of breed web solution for gaining visibility and insight. Focused, configurable reports drill down to show users, identity, groups and membership, attributes, ACLs, and more. Reports can be easily customized to show specific attributes, and limited to pertinent date ranges. This includes analytics for Exchange, Group Policy, compliance related activities, operational metrics, and fault isolation. Active Directory Reporter™ 5.0 addresses compliance, governance, management, and operations. Deployment is simple, only requires standard Microsoft infrastructure components, and can utilize either Active Directory or other LDAP stores, or both simultaneously.
Active Directory Reporter™ 5.0 (http://www.cionsystems.com/active-directory-reporter.php) simplifies collecting and analyzing Active Directory data, as well as objects and attributes stored in LDAP compliant directories, virtual directories, and selected log files. Active Directory Reporter™ 5.0 also provides a workspace where LDAP filters can be created, saved, documented and used to generate reports. Reports can be automatically generated and routed via email. Active Directory Reporter™ is a flexible and powerful tool for companies of all sizes.
Active Directory Reporter™ 5.0 has added the following reports:
  • Reports based on user defined LDAP filters
  • Users Not Logged On report
  • OU based search and reports based on date range
  • User last login based on date range
  • Users that were recently added to a specific group
  • Users that were recently removed from a group
  • Recently modified groups
  • All accounts with admin privileges
  • Permissions for specific printers
  • Permissions for all printers
  • OU search based on delegated user
  • Recently created groups
  • All Managers report
  • Smart card enabled users report
  • Users with change Password at next Logon report
  • Detailed Group Members Reports
  • Users Only members of Domain Users Group report
  • Recently created computers report
  • Users without mailbox Report
  • Default Receiving message size report
  • Default storage Limit report
  • OMA Disabled report
  • POP3 Enabled report
  • IMAP4 Enabled report
  • Active Sync Enabled report
  • Active Sync Disabled report
  • Open Group Join Restriction distribution Groups report
  • Closed Group Join Restriction distribution Groups report
  • Approval Required Members Join Restriction distribution Groups report
  • Users with terminal service Access report
  • Permission for folders report
  • Server permissions report
  • Subnet permissions report
  • Servers accessible by accounts report
  • Subnets accessible by accounts report
  • Recently created contacts report
  • Recently deleted contacts report
  • Recently modified contacts report
  • Generating file share permission report using PowerShell
  • Permissions(trustee) of an object
  • Active Directory Object ownership report
  • Send-As and Allowed to Authenticate report
  • Nested Groups report
  • In Computer Reports, IE, Java, Installed Patches and Details report
  • Logon report
  • Report for Store password Using Reversible Encryption
  • Several new reports in Security report section. For example, Full Control Permission Objects, Non-inheritable Objects, List all Permissions of Group, Access Control list of forest, Non-inheritable folder and files.
  • All user Details (brings all information for a user)

Active Directory Manager Pro version 5.0

Active Directory Manager Pro 5.0 brings significant enhancements to an already impressive array of capabilities. The ADM PowerShell Console allows users to create, run, save, and modify scripts. The PowerShell scripting workspace lets users create or leverage existing Office 365, AD, local Exchange and Exchange Online.
Many new compliance and governance centric features are now part of Active Directory Manager Pro 5.0, including attestation for user and groups, date range bounded reports, de-provisioning, and more!
Active Directory Manager Pro 5.0 supports all LDAP capable directory services, such as OpenLDAP, Radiant Logic, ViewDS, Novell, IBM Security Directory Server, and any other LDAP compliant service or server. Active Directory Manager Pro 5.0 includes a separate LDAP console for persisting connections and search filters, as well as performing object creation, modification, and deletion. This includes operations on groups and their memberships.
In Search & Manage, options now exist to search accounts based on date ranges. Other search enhancements include wildcard searches, searching deleted objects in the archive and searching for data in reports.
User management and reporting now include last login and primary group. Further, SID history can now be removed, supporting security hardening and migration activities.
Active Directory Manager Pro 5.0 now supports provisioning and de-provisioning. There is also a CSV based de-provisioning capability. Additional enhancements include enhanced detail in the displays and reports, searchable reports, enhanced schema management functionality, the ability to scope access based on OU, customizable dashboards, and OU based workflows.

Active Directory Manager Pro 5.0’s significantly expanded Exchange 2010 & 2013 management capabilities include:

  • Connect mailbox
  • New MailboxExportRequest
  • Resume MailboxExportRequest
  • Remove Mailbox Export Request
  • List MailboxExportRequest
  • Resume Move Request
  • Remove Move Request
  • List Move Request
  • Get mailbox permissions
  • Manage mailbox permissions
  • Get Active Directory permissions
  • Enable mail contact
  • Manage mail contact email addresses
  • Disable mail contact
  • Remove mail contact
  • List mail contacts
  • List contacts
  • Edit distribution group
  • Disable distribution group
  • Remove distribution group
  • Remove distribution group member
  • Clear Mailbox Database
  • List mailbox databases
Management of workstations and member servers:
  • Create directory (file system)
  • Get file/directory information
  • Copy directory
  • Rename file or directory
  • Delete file(s)
  • Delete directory
  • Create share
  • Edit share
  • Delete share
  • List files and/or directories
  • Execute service command
  • Configure service
  • List printer documents
  • Execute print job command
User management:
  • Remove SID history
  • Get primary group
Generic LDAP workspace:
  • Option to delete directory object on search result of LDAP query
  • Option to save and execute LDAP queries.
  • Allow people to add their own “filters” for generating reports
  • Modify, create, delete, enable, disable and other functions
Powershell workspace:
  • Option to save and execute scripts
  • Share scripts with others
  • Sample scripts
Reports:
  • Report for any LDAP filter
  • Users Not Logged On report
  • OU based search and reports based on date range
  • User last login based on date range
  • Users that were recently added to a specific group
  • Users that were recently removed from a group
  • Recently modified groups
  • All accounts with admin privileges
  • Permissions for specific printers
  • Permissions for all printers
  • OU search based on delegated user
  • Recently created groups
  • All Managers report
  • Smart card enabled users report
  • Users with change Password at next Logon report
  • Detailed Group Members Reports
  • Users Only members of Domain Users Group report
  • Recently created computers report
  • Users without mailbox Report
  • Default Receiving message size report
  • Default storage Limit report
  • OMA Disabled report
  • POP3 Enabled report
  • IMAP4 Enabled report
  • Active Sync Enabled report
  • Active Sync Disabled report
  • Open Group Join Restriction distribution Groups report
  • Closed Group Join Restriction distribution Groups report
  • Approval Required Members Join Restriction distribution Groups report
  • Users with terminal service Access report
  • Permission for folders report
  • Server permissions report
  • Subnet permissions report
  • Servers accessible by accounts report
  • Subnets accessible by accounts report
  • Recently created contacts report
  • Recently deleted contacts report
  • Recently modified contacts report
  • Generating file share permission report using PowerShell
  • Permissions(trustee) of an object
  • Active Directory Object ownership report
  • Send-As and Allowed to Authenticate report
  • Nested Groups report
  • In Computer Reports, IE, Java, Installed Patches and Details report
  • Logon report
  • Report for Store password Using Reversible Encryption
  • Several new reports in Security report section. For example, Full Control Permission Objects, Non-inheritable Objects, List all Permissions of Group, Access Control list of forest, Non-inheritable folder and files.
  • All user Details (brings all information for a user)

Enterprise Identity and Governance Suite

Enterprise Identity and Governance Portal, formerly CionSystems Enterprise Self-Service, is a lightweight, easy to deploy, and simple to use Identity Management, Self Service, Delegation, and Compliance suite. Unlike more complex and expensive alternatives, there is no need to deploy multiple, dedicated servers. CionSystems’ solutions deploy in hours, and give users and administrators a complete, fully featured solution. CionSystems’ Enterprise Self-Service unifies on-premises, cloud, and Office 365 identity. Everything needed is included, pre-built, and ready to go. This is a true, out of the box solution. With a web portal, easily configured workflow, notifications, and backend connectors, CionSystems Enterprise Identity and Governance Portal delivers unified management and self-service for users, groups, and credentials. Users can manage their entire identity and membership lifecycle. Administrative, operational, and compliance overhead are greatly reduced. Workflow creates consistency, automates time consuming tasks, and enforces policy.

CionSystems’ Enterprise Identity and Governance Portal supports multiple, back-end, repositories:
• Active Directory
• Azure Active Directory
• Office 365
• Google Apps
• Sales Force
This facilitates a variety of use cases, including migration, credential synchronization, provisioning, self-service of users, mergers and federation. Enterprise Identity and Governance Portal can also interoperate with multiple Active Directory instances.
For example, some typical scenarios include:
  • Standardize and enforce access privileges (e.g.: administrator, power user, manager and user)
  • Self Service – users can update their profile, manage group membership, change passwords, etc.
  • Group membership portal
  • Span multiple back end stores Active Directory, Microsoft Azure Active Directory, OpenLDAP
  • Self Service password reset: Users can reset and unlock accounts without Helpdesk interaction
  • Synchronized accounts across multiple repositories:
    • Local Active Directory Domain
    • Windows Azure Active Directory
    • Office 365
    • Multiple internal or external Active Directory Forests and Domains
    • Google Apps
    • Sales Force
    • Workday
  • Audit and attestation via logs, reports, and notifications
  • Automatically notify users, support staff, and operations staff to enhance security:
    • Locked out users
    • Passwords about to expire
    • Inbox size exceeds threshold limit
    • Successful or unsuccessful password reset attempts
  • Prevent Office 365 account lockout via flagging pending password expiration
  • Provide multi-factor authentication and one time passwords
  • Automatically reset expired passwords
  • Email real-time reports (e.g. password audit, mail status, unlock, etc.)

Creating mailbox enabled distribution group using CSV in ADM Pro

If you are looking to provision mailbox enabled distribution groups in bulk using CSV, you can try a power feature of CionSystems ADM Pro.
To use this feature, first prepare a CSV file in the format below. The first column holds the group name, then comes the Email column, which is set as the External Email attribute of the group; the fourth and fifth columns hold the distinguished names of the group and user for membership, which you can get by exporting user and group distinguished names using another feature of ADM Pro. You can also specify the owner of the group in the last column.

Once the CSV file is ready, log in to ADM Pro as an administrator, go to the AD Management menu, click on Group in the left side menu and then click on Create Groups using CSV – Bulk in the right side pane. Now follow the screenshots below to do the rest.

After importing the CSV file, check the Create Exchange E-Mail address option, select the container and click on the Create Group button.

Now you can verify these newly created groups in the Exchange Console as below.