rDirectory
Products  >  rDirectory

Why rDirectory?
  • Role-Based Access and Self-Service Editing.
  • Multiple levels of delegation, group management and Help Desk features that continue to make the management of Active Directory data more efficient and secure.
  • Automatically create new accounts with any group or other directory relationship already defined.
  • NEW! rDirectory can now be configured to use an external STS (a security token service such as ADFS) for authentication.
  • NEW! Enhanced reporting console offers a new role for report viewing that is separated from the designer role.
  • NEW! rDirectory can now be configured to use dynamic Global Catalog selection.


 

Which version is right for you?



How rDirectory Works

rDirectory discovers your existing schema and allows
you to compose applications that take advantage of
virtually any class, attribute or relationship already
present in the directory. There is no need for schema
extensions and rDirectory will automatically detect
custom classes or attributes that have been added for
your organization's unique needs.

What Our Customers Say
  • "rDirectory has created a customized solution for our internal IT department in a speedy and safe manner. Changes are just a matter of selecting the correct field and putting it on the form!  Listen . . . I can go on and on. I am really happy with this product."

    Vinit Khandelwal, IT Systems ArchitectCushman & Wakefield
Feature Overview
  • Web-Based Directory
  • Search Engine Interface with Instant Search Results
  • Tree Menu Search with Dynamic Picklists
  • Composable Application Design
  • Self-Service Editing with Data Integrity Controls
  • Role-Based Access and Delegation
  • Group and Account Management
  • Certify Information Tasks
  • Data Validation Tasks
  • Provisioning and Template-Based Object Creation
  • Notification and Auditing
  • NEW! Role-based Reporting Console
  • NEW! Federated Login
  • Additional Features

rDirectory allows you to put a custom face on Active Directory for the entire organization. Accurate and accessible information in the directory enables employees to efficiently contact, communicate and collaborate with each other. With rDirectory, users easily locate and access current information about people, resources and services, as well as navigate and explore organizational relationships. Information and links to resources can be published for others to use and share.

Namescape's Designer lets you create custom search applications that allow users to search for objects, attributes or other criteria you specify. Role-based access controls also provide a unique authorization model for delegation to users or the Help Desk.


The release of v3.3 provides a new search experience for rDirectory users. Our goal is to add value to your existing Active Directory infrastructure and data by making it easier than ever to find information and manage objects.


Search Engine Interface

The search engine provides a familiar, intuitive interface for searching Active Directory data. Simply begin typing the first three letters of your keyword or object. rDirectory searches across multiple fields and words to deliver the results.


Instant Search Results

Instant search results is an optional feature that will instantly preview the search results in a drop menu after a pause in typing your search term or keyword. You can select any result and click to view the details of the selected object.



Instant Detail

Select an object from the search results preview and rDirectory instantly displays the Details for that selected object.



Or, click the search icon to display the full results of the search. Selecting an object in the results grid will split the screen and display the object details below the results.




Right-Click Functionality

Right-click a result in the search results pane to display the menu options for managing the object. The options vary depending upon the permissions of the user. The image below displays every option available to a user who is logged in as an administrator.


Tree Menu Search

Displays your data using customizable cascading picklists, making it easy to see the relationships between the selected objects, such as departments and their employees.

 


Dynamic rDirectory Picklist

With this free joBot feature, you can schedule recurring dynamic updates, so your rDirectory picklists will always reflect the latest data in Active Directory.

Custom, template-based applications give you control of Active Directory data.

Out of the box, rDirectory leverages your existing Active Directory identity data to create a fully functional, web-based, corporate 
white page.  However, rDirectory is much more than just a white page.
At its core, rDirectory is a powerful identity application design platform.  With Namescape’s Designer, you can build any number of custom search, detail, provisioning and web applications designed specifically to meet the needs of your organization.

Search Applications

Create custom search applications that allow users to search for objects, attributes or other criteria you specify. Role-based access controls also provide a unique authorization model for delegation to users or the Help Desk.



Detail Applications

Detail applications simply contain expanded information about a specific object. For example, a My Profile application may include user’s contact information, such as an email address, phone number and home address, as well as their department, manager or any other information that is relevant in your organization. Users can be securely delegated rights to edit some of their personal information – you control which attributes are self-editable.



Create Applications

rDirectory provides a powerful method to standardize how objects are created and provisioned. Templates that define the optional, required and editable fields can pre-populate values so objects are always created consistently and accurately. Accounts can be provisioned with Exchange mailboxes, home folders, groups or any directory relationship.



Web Applications

Namescape customer, the Central Utah Clinic, uses rDirectory as the framework for hosting all of their internal web applications, as well as the applications created using rDirectory.  Role-based access controls ensure that users are only able to access and view the applications that are relevant to them.
Role-based access controls ensure that users are only able to access and view the applications that are relevant to them.


Confidently delegate tasks while maintaining control of your data

  • Delegation
  • Enforcement
  • Maintenance
None of these tasks are easily accomplished with native tools, however rDirectory gives administrators the flexibility and control they need to ensure accuracy and consistency in AD.
Here's How.


Delegation

rDirectory offers an authorization model that defines access based on different role types, so you can securely delegate routine tasks to users that typically take up valuable IT and Help Desk time.


Enforcement

To prevent users from entering inaccurate data or improper values, rDirectory utilizes advanced compliance controls such as:

  • Pick lists
  • Object Selectors
  • Validation Expressions

Continue to enforce data integrity with scheduled data validation tasks that remind or require a user or manager to update profile information in rDirectory.


Maintenance

To maintain current and correct Active Directory data, periodically require users and managers to verify the accuracy of their personal data using rDirectory’s Certify Information feature. Specify the intervals for certification and chose whether or not to make certification required or optional.


Add flexibility and power to traditional group-based authorization models


Roles provide a rich and flexible authorization mechanism when delegating tasks to users or Help Desk staff. Traditionally, roles are based on group membership and are applied to a specific feature to allow a user access to that feature - if they are a member of the appropriate group.

rDirectory expands on the familiar group-based authorization model by adding the ability to define access based on three role types.

  • Group-Based Roles - Similar to the default authorization model, group-based roles are supported for any security groups in Active Directory.
  • Relationship-Based Roles - Custom expressions are used to leverage existing relationships in the directory when delegating tasks to users.
  • Claim-Based Roles - Custom Expressions allowing a user to utilize the value of a specific attribute to access information.

Using rDirectory’s role-based access controls, you can confidently delegate to your users the routine tasks that typically consume valuable IT and Help Desk time.


Sharpen the focus on increased productivity and efficiency

rDirectory's Group Management features are available in both the Professional and Enterprise Editions.


Help Desk Features

Securely delegate password resets to Help Desk staff. When myPassword is used with rDirectory’s Professional Edition, Help Desk operators can use the myPassword profile to validate the user's identity.
Allow Help Desk staff to perform account management functions such as Unlock, Disable or Delete without granting them administrative rights. Email notifications can be generated for these events, so administrators are always on top of potential password reset and account issues.


Group Management

Delegate group management to Help Desk staff so they can add and delete users from groups. Users who are group managers may be authorized to add and delete members of their groups.


Self-Subscription to Groups

This time-saving feature allows a user to view a list of all the distribution groups that can be joined, subscribe to that group, and receive email notifications of group activity. Conversely, users can remove themselves from distribution groups when they no longer wish to be a member.


Self-Subscription to Query-Based Distribution Lists

This feature enables users to search for employees who match specific criteria and send a query-based email to only those users. Employees effectively subscribe or unsubscribe to and from these groups by editing the attributes in their profile that match the query.

Verify the accuracy of account and group information

Periodic verification of Active Directory data is vital step in ensuring the dependability of your organization’s data.

  • HR must ensure the accuracy of any data that affects payroll
  • IT administrators manage constant changes in an employee's department or location
  • A change in job responsibility or title can affect a user’s permissions to company resources and potentially create a security issue.

rDirectory's Certify Tasks feature also provides a method for users and their managers to specify the intervals for certification and make  certification either required or optional. Email notifications of task completion can be sent via established email policies.


Prompt users to update profile information

Data Validation tasks can be assigned to any attribute in a user’s profile. With this feature enabled, you have two completion options:


Optional:     Users can access rDirectory, with an option to open the Task Manager and complete the tasks at any time.
 
Required:     Users cannot access rDirectory until the data validation task(s) are complete.

This powerful feature is also versatile enough to allow IT administrators to choose which data integrity policies should be stringently enforced, and which can be treated with more flexibility. Using rDirectory’s powerful Role-Based Access Control feature, administrators can apply different data integrity policies to different users or groups. The completion options allow you to choose the level of enforcement for specific data and for selected users.


Using the ProfileValidator

The ProfileValidator is an optional add-on that can be used to enforce data integrity or password profile enrollment policies when the user logs on to Windows. It can be configured to either require the user to complete their profile before being allowed to logon, or simply suggest that the profile be updated. In this case, the user will be reminded on each logon until the updates are completed.

The ProfileValidator has several built-in mechanisms that minimize logon delays:


  • Allows you to configure the frequency that it checks the user's profile
  • Verifies connectivity to the domain prior to performing a scheduled check on a user's profile
  • Can be used on shared PCs and will treat each user independently


When no check is scheduled, no updates are required; or if the user is disconnected, the ProfileValidator simply exits quickly and the user logs on normally.




Using the ProfileValidator with myPassword

The ProfileValidator addresses the number one obstacle to the successful deployment of any self-service password reset solution: getting your users to enroll. Learn More!

When used with myPassword, the ProfileValidator will run on each user's PC at logon, and can be configured to either require the user to complete their profile before they are allowed to continue, or simply suggest that the profile be updated. In this case, the user will be reminded on each logon until the updates have been completed.

The ProfileValidator is an invaluable tool that facilitates the rapid enrollment of myPassword. And once your users can securely reset their own passwords, the relief to your Help Desk staff is immediate – resulting in a measurable ROI!


Create new accounts with the resources, relationship and data needed – in one step

Administrators are often reluctant to delegate provisioning tasks. Entering incorrect information can leave a user without the resources they need, resulting in Help Desk requests, or worse, with elevated rights and privileges that could result in a security compliance violation.

With rDirectory, an administrator can pre-populate information based on user function, department, domain/OU or physical location, and many other criteria. Administrators can allow or deny modifications to specific attributes depending on the rights of the operator, maintaining control of the provisioning process and ensuring that every user is provisioned consistently, with the access and resources they need. Every time.

Email and event log messages describe who changed what and when. Administrators can securely delegate provisioning tasks to Human Resources, department managers, or a junior administrator, confident that the process is performed exactly to the established standards.

 

Exchange Provisioning

Upon creation, user accounts can be provisioned with an Exchange 2003, 2007, 2010 and 2013 mailbox. The mail alias can be auto generated using a variety of formats from the first and last name.


Home Folders Provisioning

Upon creation, user accounts can be provisioned with Home Folders that are automatically created and secured.


Always know who changed what, and when

Configurable email notifications and audit logs ensure accounts cannot be created, modified or deleted without a complete record of the change.

Email notifications are supported for all edit, create, delete and manage actions. Audit logs can also be configured, providing valuable insight and supporting documentation for auditing and compliance reviews.

 

 

 

myPassword and rDirectory include a Report Console that allows you to search for specific user activity, view activity summaries, and generate and export activity reports in various formats. The report console may be accessed by granting the report access role in the Namescape Designer, and then selecting the Report Console button in the upper right corner of the rDirectory client.




The External STS authentication mode allows a user to logon and access rDirectory with federated credentials other than their local Active Directory credentials.

Server Requirements
  • Windows Server 2008 R2
  • IIS Role installed
  • Microsoft .NET Framework 4.5.1 or later installed
  • ASP.NET v4.0 extensions set to Allowed in ISAPI and CGI Restrictions
  • External STS mode requires a separate ADFS 2.0 server
OCS/LCS Presence

With the OCS/LCS presence information from Office Communications Server 2007, rDirectory users can see who is available and right-click to take immediate action using any enabled Office Communicator 2007 client capabilities – chat, video, audio, even Voice over IP (VoIP).


AD LDS Support

rDirectory provides rich, identity management applications for AD LDS (formerly known as ADAM), without requiring Active Directory’s extensive infrastructure.


Photo Support

Image controls that automatically adjust aspect ratios ensure that photos are displayed consistently, making it easy for any authorized user to add or edit photos.