ACL Management and Templates
ACL (Access Control List) Management is the backbone of the active directory structure. An ACL is applied to every object in the directory, and it controls the security of that object. Administrators can use access control to manage user access to shared resources by setting different levels of access, or permissions, to objects, such as Full Control, Write, Read, or No Access and many other ACL’s. By default, permissions on objects in Active Directory are set to the most secure setting. The elements that define access control permissions on Active Directory objects include security descriptors, object inheritance, and user authentication.
Active Directory Manager Pro simplifies how access control is administered at the object level by categorizing them by role. Administrator instead of manipulating each ACL’s instead first defines a role with desired ACL’s and then associate this role to the desired objects.
Creating security roles is much simpler than manipulating Access Control Lists (ACLs) as the role needs to be created once. Then Active Directory Manager Pro walks the administrator through delegation of these roles to users or computers or groups. This minimizes error and ensures consistency in delegating security permissions.
Delegation of the ACL permission first requires selection of objects and permissions. After the selection administrator can delegate the properties on the selected objects. Now you can save this as a template.
Note: If ‘full control’ option is selected then for the entire child objects permissions like read, write, modify and delete etc are set as default.
You can easily delete any permissions / ACL’s that you may have delegated to an object.
ACL Management Templates
Using ACL templates functionality administrators can simplify and standardized how ACL’s, permissions are granted to the objects within the company. As there are hundreds of different ACL’s, templates allows for standard ACL selections for different roles. Additionally, this will allow easy enforcement of standards across helpdesk and administrators.
The process to create is simple as you see in the pictures.
ACL Templates will contain the information about the objects, attributes, permissions name and permission type.ACL Templates can be editable and deleted.