Menu

Virtual Geek

Tales from real IT system administrators world and non-production environment

SOFTERRA ADAXES - A new way to manage Active Directory

September 2, 2017 08:26PM

What is Adaxes?
Adaxes is a rescuer for any Active Directory, Exchange and Office 365 environment. It gives additional features automates repetitive everyday operations, enhances security, enforces standards and reduces the load on your IT department. Managing your IT environment with Adaxes is simpler and more efficient.

Key Features 

  1. Active Directory Management Adaxes provides enhanced AD management experience that can be integrated into any environment. It gives you powerful instruments to automate repetitive tasks, securely delegate operations, and keep your system up-to-date.
  2. Active Directory Web UI with Adaxes Web Interface everyone can have a convenient and easy-to-access way to execute all their AD-related tasks. The Web UI can be fully customized to fit the needs of any category of user — from admins to end users.
  3. Automated User Provisioning all user lifecycle tasks can be completely automated by Adaxes. No more manual account setups, user updates or off boarding procedures! Save time, money and put the human factor mistakes away from your environment.
  4. Exchange Management & Automation All user lifecycle tasks can be completely automated by Adaxes. No more manual account setups, user updates or offboarding procedures! Save time, money and put the human factor mistakes away from your environment.
  5. Role-Based Access Control Adaxes introduces an efficient role-based delegation model that makes managing and monitoring permissions in your system as well as following the least privilege principle a walk in the park.
  6. Office365 Management & Automation Adaxes fully automates the process of assigning and revoking licenses in Office 365. It doesn’t matter if a user is just arriving, getting a promotion or leaving. Adaxes will make sure that all licenses are always up-to-date.
  7. Self-Password Reset Forgotten passwords and locked accounts are most common sources of time wastage for both users and the IT staff. Adaxes allows users to deal with it themselves by answering security questions and/or using SMS codes.
  8. Approval-Based Workflow With Adaxes you can add approval steps to practically any operation in Active Directory, Exchange or Office 365. This allows you to free valuable time by delegating more tasks without losing control over their execution.

adaxes softerra Active directory mangement webui, self password reset office 365 management automation, role based control workflow

WHAT YOU GET WITH ADAXES

A more efficient environment.
Automation helps to free your IT staff from monotonous routine and let them work on improving your environment instead of just maintaining it.

Reduced Workload on IT department.
By enforcing standards and minimizing the number of possible mistakes Adaxes makes your Active Directory a much cleaner and healthier place.

Standardized environment.
With an efficient access control model, regular cleanup activities, approval steps, etc. that Adaxes brings, your AD will be much more secure and less vulnerable to malicious activities.

Increased security.
There is so much more about Adaxes that we would love to tell you about. All the information as well as a FREE 30-day trial are available at adaxes.com.


After reading these all the features and functionalities of Adaxes software I did poc in my environment and tested few features which appealed me after testing. Software can be downloaded from this link. I am installing it on Windows 2016 Server. one of the prerequisite is .net frameworks 3.5 to install it, follow my article INSTALLING .NET 3.5 FRAMEWORKS ON WINDOWS SERVER 2012 R2.  After starting installation I am selecting all the the features including Powershell. Using administrator account for services. This service account should have access 'Log on as service' in gpedit, It will be granted by software itself. 

Softerra Adaxes  SPML Web Service, Powershell module for AD, Service admin account, run log on as service right granted

Softerra Adaxes 2017 provides three web portals for managing Active Directory. Administrators, Help Desk and Self Service. It creates new service configuration, one of the example Security Roles - this are different default permissions to perform task on Active Directory. A single SPML request message can be used to simultaneously create user accounts in multiple provisioning systems. De-provisioning, such as when an employee leaves a company, is done by closing access accounts. This eliminates orphaned accounts and prevents ex-employees from gaining access to customer systems.

This installs an configuration IIS server service and Active Directory Lightweight directory services in the background. Make sure port 54782 is opened in firewall for client connection.

softerra adaxes web interface types helpdesk self-service administrators new configuration spml web services address, firewall port open

For more on installation check this link. Open Adaxes Administrative Console. In the available services click server name where adaxes is installed. Log on the account with currently logged on user.

Softerra Adaxes Service Administration console connect Domain Controller active directory management logon

When I logged in I first checked in the Logging, as it was blank for the first time, So to generate few logs I created, deleted and modified few users and group, and to my amaze it had some fantastic readable information, exactly what I was looking for. One thing I noticed, to capture all the activity information adaxes administration console must be used. If I use dsa.msc - Active directory users and computers console and make some changes they are not captured here.

adaxes Administration Console 2017 active directory logging event log activity delete, modify, create unauthorised changes


Next I tried Ad Self service portal, where users can reset their own password, First I created policy, which includes configuration like secret questions, enrollment and other information (Password can be reset through SMS or Email also). 

Adaxes Administration Console 2017 password self-service policies

Password Self-Service portal can be accessed using link - http://fqdn_IP/AdaxesSelfService/SignIn.aspx. Once logged in, it prompts for enrollment of the service. After providing selected questions answers. Log out from portal and test on login page with Forgot your password? After successfully providing answers of registered questions, according to policy defined, it shows the new random password on screen.active directory adaxes self service password reset portal

Another wow thing is self-service statistics, shows report of Enrollment, password resets and operations. Check defaulters.

Adaxes Administration console password self-Service reset portal active directory statistics enrollment


If you are PowerShell freak like me you will definitely like this part, you get Adaxes powershell cmdlets for automation. Deployment or tasks will be faster, again everything will be logged on to console. 

Adaxes Powershell module for AD active directory


I went thru and tried almost each and every features of Adaxes, I found they are all great for running perfect and error free Active Directory environment, In the last I would like to mention about A business rule is Automation workflows, qualified logic and activities of all types. Adaxes has an ability to program many stuffs with Active Directory and likewise it can connection into many additional jobs resembling Add user in the group, creating Exchange mailboxes, provisioning accounts in Office 365 and even running PowerShell scripts!, you can automate user provisioning procedures with conditions and approvals. This is the beauty of business rule and definitely useful.

vcloud-lab perefect powershell automation scripts after creating user or inetorgperson softerra adaxes administration console business rule.png

 


Verdict

Adaxes Active Directory Management proposals numerous benefits above the simple Active Directory management features originate in Windows Server, particularly in settings with several domains and/or forests.

In environments running older Domain Controllers version 2003 and 2008, the PowerShell module and the many tips and tricks offered by the Adaxes Administration Console (admc.exe) will make it easier to automate tasks.

Adaxes comes at a price. I feel the information above provides more than enough information to build the business case for Adaxes

Go Back

Comment