rotherham primary care trust derek stowe it infrastructure manager
TRANSCRIPT
![Page 1: Rotherham Primary Care Trust Derek Stowe IT Infrastructure Manager](https://reader036.vdocuments.mx/reader036/viewer/2022083004/56649eca5503460f94bd933b/html5/thumbnails/1.jpg)
ESR/AD INTEGRATION&
QUEST ACTIVE ROLES SERVER
Rotherham Primary Care Trust
Derek StoweIT Infrastructure Manager
![Page 2: Rotherham Primary Care Trust Derek Stowe IT Infrastructure Manager](https://reader036.vdocuments.mx/reader036/viewer/2022083004/56649eca5503460f94bd933b/html5/thumbnails/2.jpg)
Introduction to the Trust
Rotherham Nr Sheffield Serves a population of approx 248,000 1850 full/part time staff Microsoft Windows 2003 AD/Exchange Microsoft XP/Vista Desktop Touchpaper ITBM Service Desk SMS (SCCM)/SCOM/WSUS/Forefront Virtual Server environment Clustered SAN technology
![Page 3: Rotherham Primary Care Trust Derek Stowe IT Infrastructure Manager](https://reader036.vdocuments.mx/reader036/viewer/2022083004/56649eca5503460f94bd933b/html5/thumbnails/3.jpg)
Specific IT Challenges
Security of the Domain Ensuring users have the correct access Ensuring users have timely access Ensuring accounts are up to date Time taken for account changes i.e. name
change Lack of information from HR Lack of information from department
managers
![Page 4: Rotherham Primary Care Trust Derek Stowe IT Infrastructure Manager](https://reader036.vdocuments.mx/reader036/viewer/2022083004/56649eca5503460f94bd933b/html5/thumbnails/4.jpg)
IT Challenge for which we deployed the solution
Account creation could take anything from 3 days to 2 weeks.
Accounts existed that were up to 2 years old for employees that had left or moved
Very confused and messy paper trail Time spent chasing information Massive data overhead (profiles and
home directories)
![Page 5: Rotherham Primary Care Trust Derek Stowe IT Infrastructure Manager](https://reader036.vdocuments.mx/reader036/viewer/2022083004/56649eca5503460f94bd933b/html5/thumbnails/5.jpg)
Considerations
ESR was being introduced across the NHS Integration into current Active Directory
and supplemental systems Active Directory access needed policy
control Easy to use interface for 1st line support Full automation of PCT employee
accounts including de-provisioning Cost and knowledge of company chosen Support knowledge and ease of self
support
![Page 6: Rotherham Primary Care Trust Derek Stowe IT Infrastructure Manager](https://reader036.vdocuments.mx/reader036/viewer/2022083004/56649eca5503460f94bd933b/html5/thumbnails/6.jpg)
The Solution
Quest ARS and Password Manager Other solutions considered from leading
companies Currently used and using Quest toolsets Quest had a current solution that could
be adapted to our needs Very good knowledge of NHS current
deployments and relationship with CfH Excellent sales/installation and after sales
service
![Page 7: Rotherham Primary Care Trust Derek Stowe IT Infrastructure Manager](https://reader036.vdocuments.mx/reader036/viewer/2022083004/56649eca5503460f94bd933b/html5/thumbnails/7.jpg)
The Result
Full integration of ESR data with AD Auto account provision/de-provision Auto assignment to groups Full reporting and auto creation of user’s
welcome letter Easy management user interface Full ROI expected within 9 months No staff input required apart from incidental
accounts i.e. temporary accounts so up to 20hrs per week saved across departments (est)
NO DOWNTIME
![Page 8: Rotherham Primary Care Trust Derek Stowe IT Infrastructure Manager](https://reader036.vdocuments.mx/reader036/viewer/2022083004/56649eca5503460f94bd933b/html5/thumbnails/8.jpg)
Lessons learned
Reliance on 3rd party to send correct data format on time
Introduce procedures for managers prior to installation
Ensure availability of staff for training Watch and learn Use a company you trust and has
knowledge of the NHS Allow for bespoke projects to run over
time
![Page 9: Rotherham Primary Care Trust Derek Stowe IT Infrastructure Manager](https://reader036.vdocuments.mx/reader036/viewer/2022083004/56649eca5503460f94bd933b/html5/thumbnails/9.jpg)
Summary/Conclusion
By deploying Quest Active Roles and Password Manager we achieved full automation of our account management on AD and passed the onerous task of password resets to the end user.
This means we have a fully secure and up to date AD which requires very little account maintenance.
Time and money saved all round with the added bonus of full security