The Challenge
Over the past decade, Active Directory has grown out of control. It may be due to organizational mergers or disparate Active Directory domains that sprouted up over time, but you are now looking at dozens of Active Directory forests and even hundreds of AD domains wondering and wishing it was easier to perform Active Directory monitoring on critical items or simply make things easier to work with. It's time to consider a full assessment, and to start Active Directory consolidation and unification.
Domain and forest migration and consolidation is not a simple task. Whether you're moving from one platform to another, doing some AD security remodeling, or just consolidating domains for improved management and reduced cost, there are numerous steps, lots of unknowns and an overwhelming feeling that you might be missing something. Sound familiar?
The Solution
STEALTHbits offers a multi-step strategy toward a clean Active Directory consolidation and helps you get to the point where your primary only concerns are to simply to do AD monitoring and reporting. Calling it the process, Active Directory Unification, we recognize that all consolidation projects aren't the same. The motivations differ, the technologies differ, and the Active Directory organizational structure and assets differ wildly. Most solutions on the market provide point A to point B migrations of Active Directory assets. This type of migration often contributes to making the problem worse over time. There's nothing wrong with using an Active Directory tool to help you perform an AD forest or domain migration, but knowing which assets to move and how to structure or even restructure them in the target domain is critical.
Where other tools fall short, STEALTHbits' Active Directory assessment phase helps you assess what objects are out there and how they are currently organized. StealthAUDIT provides visibility into which objects you need to move, how they're structured, how the current domain compares to the target domain, and where differences exist in GPO policies, schema, and naming conventions.
Once these conditions are found, the solution takes you through cleanup of the existing Active Directory domain and normalization of the assets for migration to the target domain. It eliminates toxic conditions and identifies objects that don't need to be migrated.
Beyond that, the StealthAUDIT platform provides a deep scan into Active Directory forests and domains to be consolidated and looks at server-level permissions and infrastructure across Active Directory, File Systems, Security Policies, SharePoint, SQL Server, and more. By performing this thorough assessment, you can perform a clean Active Directory consolidation where SID history is not enabled and access to resources is not affected.
After a domains and forests are migrated and consolidated, post-migration Active Directory assessment confirms that consolidated objects have arrived safely in the new domain with appropriate permissions. Moving forward, you'll have deep visibility into Active Directory domains to track GPO changes and catch toxic conditions as they occur.
A few of the solutions that help with Active Directory Domain Consolidations and Unification:
StealthAUDIT Management Platform (SMP) provides reporting across the infrastructure to identify high-risk and toxic conditions across your domains.
StealthNEWS for Active Directory provides administrators with a single portal by which to view the health of their entire AD infrastructure.
StealthINTERCEPT Directory Authority provides extremely advanced filtering and response on nearly all Active Directory events.
Complete visibility across the entire Active Directory infrastructure enables clean AD domain consolidations while making life easier for administrators and improving security overall.
