Allowing users to update their own AD user information displayed in GAL?

What is the most recommended tool/solution for allowing users to effectively
update their own Active Directory user information (all informational
fields) that is displayed in the GAL? Thank you.

*note: All 2003 environment (AD, Exchange and Outlook).

is true. but it also depends on what you care about being consistent,etc..
If you do not care about mobile phone numbers you can let the user do that
him/herself.

I agree if it would a name change you would have to submit to HR or someone
to validate (e.g. when someone gets married and because of that the name
changes and the person wants to use that name)

Hello barkley,

I would not let the users play around, you have more work after that.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

> What is the most recommended tool/solution for allowing users to
> effectively update their own Active Directory user information (all
> informational fields) that is displayed in the GAL? Thank you.
>
> *note: All 2003 environment (AD, Exchange and Outlook).
>

Hum. In one hand they can maintain their own information updated with the
most recently information. In the other hand hey can cheat data or their
record :D.
Assuming that internal policy states that the user must update its own
information, you'll know how cheated :P.
Of course you always have auditing to check who did it, tracking that
information can be "PITA"


--
I hope that the information above helps you.
Have a Nice day.

Jorge Silva
MCSE, MVP Directory Services

We're saying the same thing, I just said it crappy. I should have said that
achieving standardization is a nightmare when everyone enters his or her own
data.

The best way to populate data in AD is through synchronization from human
resources and other systems where the data is properly controlled and
maintained.
--
Ed Crowley MVP
"There are seldom good technological solutions to behavioral problems."
..

"Rich Matheisen [MVP]" <richnews@rmcons.com.NOSPAM.COM> wrote in message
news:0cpha4ph92185qc80l0m5rnmjqcgk6est8@4ax.com...
> On Sun, 17 Aug 2008 17:16:54 -0700, "Ed Crowley [MVP]"
> <curspice@nospam.net> wrote:
>
>>Standardization is a nightmare.
>
> Anarchy is not?
> ---
> Rich Matheisen
> MCSE+I, Exchange MVP

On Mon, 18 Aug 2008 18:29:12 +0200, "Jorge de Almeida Pinto [MVP -
DS]" <SubstituteThisWithMyFullNameSeparatedByDots@gmail.com> wrote:

>even the HR people can make a mess of it

True, but there are fewer of them and it's not as difficult to get
them to conform.

>it depends on what is import for you for users not to screw it up or what
>you do not care about.

What you don't care about doesn't belong in a directory.

>A way to mitigate a risk is to create some kind of
>self service web page that does not checks and also provides informational
>examples of possible entries

If you don't care there's no risk, is there?

If, at some time in the future you/do/ decide to care you'll have a
big cleanup job to undertake.
---
Rich Matheisen
MCSE+I, Exchange MVP

"Ed Crowley [MVP]" <curspice@nospam.net> wrote in message
news:uHX9vIWAJHA.1180@TK2MSFTNGP04.phx.gbl...
> Yeah, but if the HR people do make a mess of it it's their problem.
> --
> Ed Crowley MVP


I agree. What we do in one large corp I work at is HR submits an employee
initiation form to IT security (AD folks) and they create the user and
populate data based on SOP. If any changes are required, HR or the user
submits a service request, it's evaluated for viability and need, and
reacted on whether it gets updated or denied, once again based on SOP.

Standardization, consistency and central control all based on SOP.

--
Regards,
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT,
MVP Microsoft MVP - Directory Services
Microsoft Certified Trainer

For urgent issues, you may want to contact Microsoft PSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Infinite Diversities in Infinite Combinations

"Jorge de Almeida Pinto [MVP - DS]"
<SubstituteThisWithMyFullNameSeparatedByDots@gmail.com> wrote in message
news:%237D2TjCBJHA.5316@TK2MSFTNGP04.phx.gbl...
> is true. but it also depends on what you care about being consistent,etc..
> If you do not care about mobile phone numbers you can let the user do
> that him/herself.
>
> I agree if it would a name change you would have to submit to HR or
> someone to validate (e.g. when someone gets married and because of that
> the name changes and the person wants to use that name)

Even mobile #s. It's a strict shop. Due to the nature of the business, there
are some fed guidelines that must be followed. I'm not saying a mobile #
would fall under such scrutiny, but without saying much further, they're
requirements are tight.