The “Managed Service Active Directory” service has been officially discontinued by the end of 2023.
There were several reasons for discontinuing this managed service. Among other things, the additional costs for the users, the high administrative maintenance effort and the insufficient scalability contributed to this decision.
Howevery, the IT Center of RWTH Aachen University already offers its facilities a far more advantageous alternative: the Active Directory for Workplace Management (ADAM for short).
After a three year project and pilot phase, during which the web interface and a security concept were designed, the managed service has now been introduced.
What Is ADAM?
ADAM basically enables the use of a central directory service.
With ADAM, an Active Directory with all clients was set up to enable collaboration between the various institutions of RWTH Aachen University and to make resources available to each other.
The Active Directory is particularly suitable for project work that takes place across institutes. People from different institutions can be managed in a group and have access to a project file.
Furthermore, decentralized services in the institutions are also supported, e.g. file servers.
Moreover, not only Windows domains are supported with it. Further support for heterogeneous domains, such as macOS, is planned.
Benefits
ADAM offers some benefits compared to its predecessor. It is characterized in particular by ease of use, low maintenance requirements and a free alternative. Security also plays a major role, which is why the service is additionally secured with multifactor authentication.
What is special about ADAM is that it centralizes the IT infrastructure and offers its users many different advantages.
Connection to Identity Management (IdM)
On the administrative side, the introduction of ADAM makes technical maintenance much easier. This is because, unlike its predecessor, ADAM is linked to IdM.
On the one hand, this means that employees no longer have to be entered manually and no separate personnel database is maintained.
On the other hand, all persons with an active status at RWTH Aachen can be invited via the coupon procedure and receive access authorization.
The coupon can be requested from administrators of the facility, who will then initiate the coupon procedure. After redemption, it takes 24 hours until the use is activated due to the synchronization time.
The registration is carried out with the personal institute e-mail address (<ab123456@institute.rwth-aachen.de>).
Guests with an existing RWTH ID are also authorized to access the system. The IT administration of the corresponding institution can create a functional account for this person and provide a coupon.
User Life Cycle
Additionally, ADAM is equipped with a user life cycle. To save resources, accounts that have been inactive for several months are highlighted so that they can be deleted manually.
A small note for the already existing users of the previous Active Directory:
A migration of data from the previous Active Directory to ADAM is possible. If you do not delete any data before the migration, everything will be transferred to ADAM without exception.
Your feedback is important to us. Feel free to leave us your comments or questions!
Responsible for the content of this article is Sara Erdem.