Have you been inundated with software vendors trying to sell you products for your Windows environment? Have you had your IT staff try to convince you that a certain third-party software package could save them hours and provide many more features?
If you have, you are not alone. The number of software companies and products that work with Windows has grown by leaps and bounds now that Active Directory is seasoned and stable. The question is: Do you need these products?
What Microsoft does provide
If you are like most executives running a normal company, you want to get what you pay for, and -- if possible -- get something for free. When it comes to Microsoft Windows Server 2003, Windows XP Professional and Windows 2000, you do get a lot for your money. When you get Windows Active Directory up and running, the following features are included:
- Centralized network operating system
- Desktop and server image management using Remote Installation Service and Automated Deployment Services
- Centralized desktop management using Group Policy
- Centralized security management of desktops and servers using Group Policy
- Network services such as DNS, DHCP, WINS, Terminal Services, Remote Access, etc.
- Backup program for desktops, servers, Active Directory, DNS, PKI, etc.
- IP Security to protect network communications
- Certificate Services to manage your certificates
There is much more, but these are some of the most important features and solutions.
What is missing?
As you dive into these features and technologies that are provided with the Microsoft installation of Active Directory and their operating systems, you will find that they can be limiting. The solutions work and work well, but there are typically more specific configurations or features that each solution should incorporate. For this reason, you really need to investigate third-party software packages to see if they can provide you with more configurations and features than the solutions Microsoft provides.
What you will find is that your IT staff is typically correct when they say they can save numerous man hours by purchasing certain software packages to work with Windows and Active Directory. Some of the solutions might make administration easier, like those that work with Active Directory users, groups and computers.
Some packages might make administration and installation more efficient, like those that can distribute desktop images quickly. Some third-party solutions might add new features and functions that Microsoft doesn't provide, like those that can strip users from the Administrators group while still allowing them to run applications requiring Administrator privileges.
Finally, some third-party packages extend what Microsoft has developed within Active Directory and Group Policy. These solutions typically make the IT administrator's life easier while providing additional settings and control over the enterprise.
Third-party vendor software is essential to Microsoft and any company that runs Microsoft solutions. Windows Active Directory is an amazing solution that provides some innovative technologies. These technologies are fantastic in their own right.
However, adding a third-party solution to what Microsoft provides can make administration easier, features more rich, options more plentiful, and the entire network more secure. You should not purchase every third-party software package you see, but certainly evaluate numerous packages under each category to see if they can make your company more profitable.
This article originally appeared on SearchWin2000.com.
Derek Melber, MCSE, MVP, and CISM, is the director of compliance solutions for DesktopStandard Corp. He has written the only books on auditing Windows security available at The Institute of Internal Auditors' bookstore. He also wrote the Group Policy Guide for Microsoft Press -- the only book Microsoft has written on Group Policy. You can contact Melber at firstname.lastname@example.org.