As Directory Manager clocks up in excess of 500,000 managed accounts, almost exactly 20 years after its inception, it seems apt to reflect on the history of what has become the most widely adopted identity and account management platform in the NHS.
It was a sunny afternoon back in 2003 that a conversation being held with a Network Manager at Warrington Hospital lead to the question ‘Why do we put employee information into our HR system only to repeat the process for Active Directory?’. A perfectly reasonable question. To answer the question, BDS initiated an exercise to examine the feasibility of being able to extract salient data from their HR system and the ability to programmatically create Active Directory user accounts and assign the appropriate group memberships.
Success eventually gave rise to the first version of Directory Manager that acted as synchronisation service between the Prism HR system and Active Directory. This generated new Active Directory user accounts when staff started, updated them when the employment details changed and disabled accounts when the user left the organisation.
Version 1 was deployed to many NHS organisations over the next couple of years during which time BDS were responsible for the establishment of the NHS Address Book Service and the migration tools for NHSmail on-boarding. This significantly expanded the number of organisations into which BDS software was deployed providing a springboard for Version 2 of Directory Manager when released in 2010. Version 2 moved away from a synchronisation model and established the now tried and tested event-driven transactional approach to control provisioning.
Version 2 also provided native integration with the new Electronic Staff Record (ESR) system with staff changes now giving rise to individually approved transactions to either create or amend accounts. The combination of this ability to harness events from ESR and view the individual transactions via the web portal to control updates to Active Directory, Exchange and NHSmail provided a much easier model to test and control. Version 2 gave rise to accelerated uptake, extending the number of organisations using Directory Manager from a dozen or so to over 60.
Three years ago, Version 3 of Directory Manager arrived, introducing the new Digital Directory module. Previous versions of Directory Manager focused on one-to-one relationships between HR records and Active Directory. The Version 3 Digital Directory permits identity records from multiple systems to be associated with a member of staff and control the values submitted to account provisioning.
This allows organisations to easily join account data from many systems into the Digital Directory creating a better picture of the systems to which the user has access and providing relationships between them. It also introduced Office 365 integration, providing rich integration with licencing and auditing in Azure providing the ability to monitor licence usage to identify licences that are not being used. The latest version has further extended Directory Manager’s adoption to over 80 organisations now comprising over 500,000 accounts.
Directory Manager keeps moving forward with new facilities planned this year to provide greater messaging support via SMS and WhatsApp, pre-formed group membership workflows and new enhancements to the customisable web forms; all due to be included in v3.3 due later this year.
To better understand the principals and benefits of Directory Manager, BDS invite all organisations that have yet to deploy the solution to book an introductory session and demonstration via our web site, or email contact@bds-solutions.co.uk.