Web based Windows 2003 Active Directory group management:
Web site for end users to self create and subscribe to security and distribution groups. These groups would then need to be verified by a system administrator.
Key feature: The groups would need to be verified on a schedule that they group is still being used and if not they it is deleted from AD. This will keep stale groups out of AD. The verification would be sent via email to a group of people configured in the creation of the group (i.e. the creator, the creators’ supervisor and one other person the team maybe.)
Specifications: Group type – domain or global
Email alias – customizable
Responsible parties – creator and two others picked from the AD
Frequency of verification – customizable by administrator
AD user should be able to see a list of available groups and self subscribe to groups. This should be some kind of list with check boxes so it is easy to do a bulk add or remove.
(Note: not all groups in AD should be in this list or not all groups should be available for self subscription, this should be configurable by administrator)
An end user should be able to look at a list of the groups they have created and when they will be up for reverification
Administrator should be able to see all groups and edit the groups’ configuration and site configuration.