Global Retailer Uses eControl to Enhance Novell Identity Manager


This retailer's distribution
network covers all major world markets, including both wholesale and
retail sectors. The company enjoys one of the largest and most efficient
networks in its industry, with approximately 5,500 stores


A leading global retailer has deployed eControl to enhance its Novell Identity Manager implementation. This retailer's distribution network covers all major world markets, including both wholesale and retail sectors. The company enjoys one of the largest and most efficient
networks in its industry, with approximately 5,500 stores worldwide.

The retailer uses PeopleSoft and Novell Identity Manager to provision and synchronise accounts for approximately 70,000 users in 130 countries connected to servers running Novell NetWare, GroupWise, OES, Windows, Linux and other operating systems.

They added eControl to their system to decrease the number of accounts with supervisor rights on their systems, to improve security and regulatory compliance, to deliver a complete audit log of all user account changes in Novell GroupWise and eDirectory, to manage extended eDirectory schema values and to enable junior administrators to perform a restricted set of user management tasks from a browser.

eControl fulfills these requirements without having to assign service desk operators and non-technical staff ANY Trustee Rights in eDirectory, GroupWise and the file system.

The Challenge

"Prior to installing eControl, we had to assign supervisor Trustee Rights to over 20 staff members to allow them to manage Novell GroupWise, eDirectory and our file systems. With over 70,000 user accounts in our identity management vault and 3,000 users in our production tree, having that number of people with supervisor rights was a significant security and audit challenge," said a spokesperson for the retailer.

"We needed a solution that would allow us to eliminate these excessive rights, generate comprehensive audit logs of user account management changes, and manage our extended eDirectory schema values. As a 24 x 7 global retailer, the solution needed to be robust and flexibile enough to reflect our specific enterprise requirements."

"With high turnover in support staff, we needed a solution that would be easy to use and that would empower non-technical people to carry out user account management tasks securely with minimal training."

The Solution

The retailer implemented Omni eControl as the ideal complement to their Novell Identity Manager deployment because it delivered:

    • Web-based, "ZERO Rights" solution:  eControl allows junior administrators and service desk operators to perform a delegated, restricted set of user account management tasks – resetting passwords, managing GroupWise distribution lists, managing
      extended schema values, releasing intruder lockout and others – without ANY rights in Novell GroupWise, eDirectory or the file system. eControl users usually require fewer than 15 minutes of training to master eControl's intuitive web-based interface.

    • Improved security and regulatory compliance:
       eControl allows you to completely lock down your security environment. eControl users require NO Trustee Assignments, NO permissions, NO access to the file system, NO System Access Rights and NO access to ConsoleOne, NWAdmin or iManager. Disabling and expiring accounts can be securely delegated to HR personnel or junior support staff. Administrators can enforce strong password policies and reduce the risk of regulatory exposure and security liability.

    • Complete archivable audit log:  eControl's
      complete audit trail enables administrators to track and report on all
      account changes.

    • Extended schema value management:  eControl's configurable XML-driven interface provides complete flexibility to allow administrators to efficiently add fields or
      otherwise modify existing forms. This allows delegated staff to view and/or manage extended schema values that are populated from PeopleSoft into eDirectory by Novell's Identity Manager.

  • Complement to Novell Identity Manager:  As changes are made in eControl, Novell Identity Manager synchronises the changes across the retailer's multiple systems.

The Results

"We received an immediate return on our eControl investement. We went from having over 20 administrators with various levels of supervisor Trustee Assignments in eDirectory, GroupWise and the file system to only two," said the company spokesperson.

"eControl has profoundly changed the way we manage our systems. eControl allows us to revise our account management processes to better reflect our business needs. We can now securely delegate account management tasks to non-technical staff without any security concerns. We can now generate audit logs of all user account management changes and provide granular user change reports."

"The initial installation took under two hours to complete. The technical support team at Omni was outstanding. Given the complexity of our systems, there were a number of modifications that were required. The Omni development team responded immediately to our enhancement
requests. I can't speak highly enough about our satisfaction with the eControl team."

"With eControl, administrators now use a single, easy-to-use, web-based tool, rather than a combination of ConsoleOne, NWAdmin and iManager. There are now only two senior administrators who have supervisor rights anywhere in our system. I am very pleased with the flexibility that
eControl provided to allow us to customise the interface and task assignments to meet our specific needs. Our eControl deployment has received enthusiastic support and appreciation from our senior management, audit and security departments and service desk staff."

"We highly recommend eControl as an ideal complement to Novell Identity Manager. eControl has helped our company deliver on its enterprise network mandate and management needs."

Other Deployment Examples


Rockford Corporation uses eControl to enhance Sarbanes-Oxley (SOX) security compliance. eControl allows Rockford's Help Desk and junior administrators to carry out routine user account management tasks from a web browser -- with no trustee assignments in Novell GroupWise,
eDirectory or the file system.

Laurier University

Wilfrid Laurier University's Help Desk uses eControl to manage their 13,500 Novell Groupwise and NetMail accounts. "Our help desk operators, users and lab administrators are thrilled with the system. I strongly recommend eControl and Omni for all universities and colleges looking to
simplify their Novell GroupWise and NetMail help desk user account administration."

School District Increases ROI with Novell, EMU, and eControl

Pendergast Elementary School District chose EMU and eControl to provide bulk user management and distributed help desk user management to its large network. "The results were phenomenal!"

More Information about eControl








How To-Best Practice
Customer Stories
Comment List
Related Discussions