This article describes how to document AD security groups in IT Glue. This is a great way to share information with clients who have IT Glue sign-in credentials but who don't have direct access to Active Directory.
For more information about documenting Active Directory, see Active Directory.
Why use another tool to document AD security groups?
AD security groups are used to collect user accounts, computer accounts, and other groups into manageable units. But they do not always reflect business decisions. For example:
- Changes are sometimes made to AD groups when team members are engaged in troubleshooting or for temporary testing.
- Individuals might be added to folder security structures instead of being added to security groups.
- Sometimes, ADUC can get out of sync with the client's desired security structure.
Because of this, it's often a good practice to record security groups in a third-party tool that's shared with authorized key contacts, and use this as the ultimate resource for security group membership. Active Directory can then be updated and audited to reflect this external resource.
- You must have Manager or Administrator access to IT Glue.
- From Account > Flexible Asset Types, click the +New button.
- Enter a name in the Name field ("AD Groups"), select a relevant Icon, and enter a short Description.
- In the Fields section, edit your template to match the table further below.
- Click Save.
After you click save, the new flexible asset is available for immediate use.
There will need to be a shift in team workflow to ensure these lists are updated alongside Active Directory. Write procedures in IT Glue and then link the SOPs as related items to the flexible asset. Also, add the SOP URLs to PSA ticket templates.
Fields your flexible asset will need to have
|Order||Field Name and Options||Enable Checkboxes|
Show in List
Use for title
Show in List