About This Guide s1

Reviewer’s Guide

Imanami Web-based Directory Manager 3.0

Table of Contents

About this Guide 3

What is Directory Management? 3

What is Imanami’s Web-based Directory Manager (WebDir)? 3

Imanami WebDir 4.0 – Install Shield Wizard 5

How to import WebDir 3.1 virtual server to WebDir 4.0: 6

How to create and configure a virtual server using WebDir 4.0 7

How to modify Active Directory objects using WebDir 4.0 8

How to limit administrative management of objects using WebDir 4.0 9

How to create and manage a group using WebDir 4.0 11

WebDir Business Scenarios 16

WebDir Advanced Business Scenario 20

Imanami WebDir Software Requirements 24

About this Guide

Thank you for reviewing Imanami WebDir 4.0. With this guide, we hope to make your evaluation go as smoothly as possible. This document does not replace the online Help or ReadMe documents that are included with the software; instead, it will provide you with the necessary background information and a brief introduction to the product. Please refer to the contact information on the last page of this document should you have any questions about Imanami WebDir during the course of your review.

What is Directory Management?

Directory Management is the process of managing data between one or more sources and a directory for the purpose of providing reliable, accurate, secure, and accessible information to meet strategic and management needs at all levels of the enterprise. It is the purpose of this process to improve the accuracy and reliability of the data maintained in the directory.

What is Imanami’s Web-based Directory Manager (WebDir)?

Imanami WebDir provides quick wins in Identity Management projects by empowering enterprise users to update and maintain their own directory information. The enterprise user is the key to providing accurate and reliable data, since they are the primary source of information. By empowering enterprise users to maintain and update their own information it will free up time for administrators to attend to more important enterprise challenges.

060807 RS IMANAMI CONFIDENTIAL 25 of 25

Imanami Web-based Directory Manager 3.0

WebDir’s Core Functionality:

Empowerment and Data Integrity. Empowerment refers to increasing the political, social or economic strength of individuals. It often involves the empowered to develop confidence in their capacities. WebDir empowers users to manage their own directory information. By empowering enterprise users; administrators can put them to work and reap the rewards of a rich directory with accurate and reliable information.

At the same time administrators maintain complete control to enforce data integrity. Administrators can control which information the user can update and what information can be viewed. Administrators can also reduce the work that is required to manage groups. WebDir allows the end users to create, delete and edit public, semi-public and private groups, without any time being required from an administrator.

WebDir’s Key Features

Authoritative Change Management. WebDir has a built-in auditing system to ensure the correct data is entered before applying changes in Active Directory. Using the workflow system; Administrators can control specific fields to be submitted for approval before changes are made to the directory.

Group Management. The group feature allows end users to create, delete and manage their own groups. End users are also allowed to subscribe or unsubscribe from groups without any support required from the administrator.

Enterprise Phone Directory. The phonebook feature allows anonymous or authenticated read-only access to the directory. Users can search multiple fields and even export the results to Excel. WebDir's phone book supports WAP devices, such as a blackberry or cellular phone.

SharePoint Integration. Deployed SharePoint? Allow your users to launch WebDir directly from SharePoint, by funneling end-users through your corporate portal for essential information. You can easily integrate WebDir into SharePoint by creating a web part to capture the web page. Then publish the site to enable users to gain access and that’s it! For more information on how to integrate WebDir within a Microsoft SharePoint Portal website, please review the WebDir Advanced Business Scenario Section of this guide.

Visual Identification. It is useful to see a picture of a coworker when you see his/her Properties. This way you can easily identify him/her walking down the hall towards you. This is a great feature to have for any environment where you need to know what someone looks like for security purposes. For more information on integrating visual identification, please review the WebDir Business Scenario section of this guide.

Role-based Security. Administrators can define the role each user has and the type of authorization they have to fields or tabs when logged into WebDir. WebDir has three primary roles: End-user, Helpdesk, and Administrator. Administrators can lock down specific fields or tabs to be viewed or modified by each role depending on the level of access they are given.

Imanami WebDir 4.0 – Install Shield Wizard

Installing WebDir from a download file….

Double click on the file called, “webdir4.exe” to begin the installation process.
During the first part of the installation process, WebDir will detect whether Microsoft .NET Framework version 2.0 is installed on the machine. Click the “Yes” button to display the wizard. On the welcome page of the wizard, click the “Next” button. Accept the licensing agreement and click the “Install” button to begin the installation. At the end of the wizard, click the “Finish” button to complete the installation of Microsoft .NET Framework 2.0.

Please note: WebDir requires the Microsoft .NET Framework version 2.0 and will not perform properly without it. Also, you may receive a prompt to download the Windows 3.1 Installer before Microsoft .Net Framework 2.0 is installed.

After the Microsoft .NET Framework version 2.0 is installed, you will see a WebDir Welcome page displayed to begin installation of WebDir. Click Next to continue.

Please review and accept the End User Licensing Agreement (EULA) for WebDir by clicking on the “I accept the terms in the license agreement” radio button. Click Next to continue.
Entering a username and organization name is not required. However, if you want to limit use of the product to one user (the person installing the product), you will need to select the “Only for me” radio button and complete the username field, as well. Click Next to continue.
Changing the destination folder path is not required. However, some environments do not allow products to be installed on the default directory (C:\) and will need to use the option available (by selecting the Custom radio button and clicking Next) to create the WebDir directory under a different drive partition. For this scenario, please accept the default path and click Next to continue.
Now it is time to install WebDir. Click the Install button to begin. There is a checkbox to launch the WebDir System Manager after you click on the Finish button. This option is checked by default. Leave the option checked and click the Finish button to close the Install wizard.
If you opted not to launch the WebDir System Manager console, you can do so at a later date by going to the Start Menu and select: Programs->Imanami->WebDir 4.0->System Manager. Then move forward to the next section on “How to create and configure a virtual server using WebDir 4.0”.

How to import WebDir 3.1 virtual server to WebDir 4.0:

Step by Step virtual server upgrade…

Launch the Import Wizard in WebDir System Manager (Tools->Import WebDir 3.1 Virtual Servers). The option is made available when a WebDir 3.1 installation is present. If you do not see the option, please continue to the next section on How to create and configure a virtual server using WebDir 4.0.
A list of WebDir 3.1 virtual servers found on the computer is displayed.
De-select the checkbox of any virtual servers you do not want to migrate to WebDir 4.0.

Please note: By default, all the WebDir 3.1 virtual servers are renamed to <vsname>_4. You do not have to change the name of the VS to import it. You can rename the virtual servers by clicking twice (not a double click) on the WebDir 4.0 name. If you make the WebDir 4 server name the same as the WebDir 3.1 server name, the Import Wizard will remove the WebDir 3.1 virtual server.

Click Import to begin the import process. After the process ends, click Ok to close the import wizard
Voila! You have successfully imported a virtual server from WebDir 3.1 to WebDir 4.0 by following the instructions provided in this section.

Please note: The Import Wizard will import the following settings: Connection Settings, Notification Settings, Security Settings, Settings on the Settings tab, and Workflow Routes.

The import wizard will not import the following settings and files: Incompatible Settings on the Settings tab, Changes made to strings.txt (the strings.txt file has been removed), Changes made to the layout and design (design.xml), Changes made to the IIS virtual directory outside of WebDir System Manager, and Customizations made to the ASP files (WebDir 4.0 uses .NET ASPX files).

How to create and configure a virtual server using WebDir 4.0

Step by Step server configuration…

WebDir has five different functionalities (Enterprise, My Properties, Update Wizard, Groups, and Phonebook) that can be modified after the creation of a WebDir virtual server within system manager. Each function limits the overall functionality that is contained within WebDir. The option to use all WebDir functionality is called, “Enterprise”. This is also the default type selected when the virtual server is created. For more information on the functionality provided with each setting, please review the online help for WebDir.

For this scenario we will learn how to create and configure a WebDir virtual server using the default functionality of Enterprise. Please follow the steps provided below to perform this task:

To begin, you will need to define or create a WebDir Service Account that has administrative access to all domain objects. The recommended permission to give to the service account would be Domain Admin in Active Directory.
WebDir System Manager will display a dialog box asking you to create a virtual server when it is launched for the first time. Click on the Yes button to continue.
The next dialog box that is displayed is where you will enter the name of your virtual server. Keep the default name (WebDir4) and click the OK button to continue.
The Welcome page of the New virtual server wizard will appear. Review the information that is displayed and click Next to continue.
The Server Type page is where you need to select the type of server that WebDir will connect to. The dropdown menu contains two options: Active Directory Only, Active Directory with Exchange 2000/2003. Select a virtual server type that matches the directory you are connected to and click Next to continue.
The Directory Server page is where you will enter the domain that WebDir will connect to. By default, WebDir will display the domain controller name of the machine that it is installed. To connect to a different domain; enter the name of the domain, username, and password for the WebDir Service Account that has administrative rights to the directory. Then click Next to continue.
The Internet Server page will display the path to where the WebDir files will be stored on the machine. You can change the IIS (Internet Information Services) directory on this page of the wizard. For this scenario, leave all the defaults displayed and click Next to continue.
The Security page is where you can add a group for Helpdesk and/or Administrator privileges in WebDir. If you want anonymous users to log in to WebDir, select the Allow Anonymous Users to Log on checkbox to enable this function. For this scenario, keep all defaults displayed and click Next to continue.
The Support Information page is used to provide WebDir users a way to report issue to your internal Helpdesk or support teams when they experience problems or have questions about WebDir. For this scenario, keep the default information and click Next to continue.
The next three wizard pages (File Permissions, Exchange Account Permissions, and Local Security Policy) are for informational purposes only. Click the Next button three times to continue.
The confirmation page is to ensure that all the information entered is correct. Verify the information in the page and click Next to continue.
Click the Finished button to complete the virtual server creation and configuration. Voila! You have successfully created and configured a WebDir virtual server.

How to modify Active Directory objects using WebDir 4.0

Administrator role…

WebDir has its own way to determine who is an administrator when logged into the web interface. It reads the membership of a group that is added to the Administrator DL field of the virtual server. The Administrator DL field is located under the Security tab in System Manager.

For this scenario, we will configure WebDir to provide specific users the right to modify objects in Active Directory. To begin, you must have previously created a WebDir virtual server by following the instructions provide in the “How to create and configure a virtual server using WebDir 4.0 section of this guide.” To perform this task, please follow the instructions provided below:

Open Active Directory Users and Computers by going to Start->Programs->Administrative Tools->Active Directory Users and Computer.
Select the Users container in the directory tree. Right click on it and select New->Group.
Enter in all required information for the group as you walk through the wizard. Depending on the type of virtual server created will determine whether the group will need to be mail enabled or not.
Double click on the group created to open its properties page. Select the Members tab and add yourself to the list.
Expand the virtual server by clicking on the plus sign (+) next to the server name to display the server node.
Click on the server node to display a row of tabs for the virtual server.
Select the Security tab. Next to the Administrative DL field, click on the (…) button to display the search dialog box.
Enter in the name of the group created in step 3 above. Click on the Check Names button to resolve the group name in Active Directory. Then click the Ok button to close the dialog box.
Click on the Save icon in system manager to apply the changes.
Select the General tab and click on the first URL in the list to log into the virtual server.
Do you see a list of objects (New Mailbox, New User, New Contact, and New Group) to create in the toolbar menu under the create link? If so, than you have successfully logged into WebDir as an administrator. In addition to the new create links you will have the ability to reset passwords for users, as well.
To begin modifying users, click on the Search link in the toolbar menu. In the Display Name field enter the name of a user in Active Directory. Then click on the Search button to display the user in the search results page.
Click on the display name of the user to open its properties. All fields are available for modifying the user’s information. WebDir administrators can modify group and contact information, as well.
In the Title field for the user, enter Support Technician. Then click on the Save button at the bottom of the page. You will see a save results page displayed to confirm the change. Then click the OK button at the bottom of the Save Results page to return to the user’s properties page. Notice the value has been applied to the Title field of the user.
Voila! You have successfully logged into WebDir with administrative permission and modified the title for a user. Even though Administrators have full access to all Active Directory objects, you may not want all administrators to be granted this privilege. If this is the case, than continue to the next section on How to limit Administrative Management of objects using WebDir 4.0.

How to limit administrative management of objects using WebDir 4.0