Most organizations have more group documents than they have person documents. This occurs due to uncertainty whether or not an existing group can be used, let alone changed. Instead of re-using existing groups, new ones are created over and over.

Taking not only a vast number of groups into account, but also how deeply they are nested, a company’s current security configuration is difficult – if not impossible – to see through.

Not so with panagenda GroupExplorer! Its most popular features include:

  • Visualizing your complete group structure
  • Enhancing maintainability and security
  • Providing clear insight into your security configuration
  • Resolving of groups and access control lists
  • Gaining absolute transparency on who has access to what
  • Automating client configurations
GE-Logo_198px

GroupExplorer Platforms:

IBM Domino

Who has access to what?

Not only can panagenda GroupExplorer tell you who has access to which databases across all of your servers, but it can also tell you:

  • Which access level (e.g., Reader, Editor, Manager, …) each user has in each of your databases
  • Which Roles and detailed access right attributes (e.g., read or write public documents, delete documents, …) each user has in each of your databases

This enables you to instantly check whether end users, who are promoted or switching departments or changing roles within the organization, have all relevant access rights and group memberships as expected.

Security assessments and compliance audits are also a breeze, because with panagenda GroupExplorer all the necessary security insights are always readily available.

Altogether, GroupExplorer is the perfect companion for administrators and security officers, ensuring full transparency across your databases and security infrastructure.

Who is in which groups and why?

Knowing all the members of a particular group – including all nested groups and certifiers – is already very valuable on its own.

Often the real question, however, is through which sub groups a user effectively becomes a member of a parent group. panagenda GroupExplorer tells you just that: Through which group path(s) is a user member of a particular group?

The following pictures show the example for an end user, who is a member of the group “#-cronus-RCA” through his membership in “LocalDomainAdmins”, as well as by being a direct member of “#-cronus-RCA” itself – in essence, removing the user from the group would not have any effect as the user is also a member of the group LocalDomainAdmins.

panagenda GroupExplorer: Group Pathing

Through such insight, administrators and security officers are finally in the know. Even better, by knowing about all dependencies, existing groups can be cleaned up, changed and re-used, and questions can be answered instantly and reliably.

Automating application deployment

GroupExplorer’s knowledge of who has access to what is even more powerful, time- and money-saving in combination with panagenda MarvelClient: GroupExplorer Automate.

Together, MarvelClient and GroupExplorer can:

  • Automatically add all databases to an end user’s desktop and bookmarks, that she or he has access to – including local replicas for all or select users and applications
  • Automatically remove databases an end user no longer has access to – including local replicas for all or select users and applications
  • Automatically change desktop and bookmark pointers when databases are moved from one server to another
  • Automatically remove desktop icons and bookmarks when databases are deleted on servers

In essence, GroupExplorer Automate reduces administration efforts that are otherwise necessary to ensure that end user configurations are in synch with your database catalog – across all of your servers, groups, and Access Control Lists (ACLs) – to near zero.

GroupExplorer Editions

GroupExplorer is avaliable in three different editions (Light, Analyze, Automate) to meet your exact needs:

Functionality Light Analyze Automate
Synchronisation of Group and Certifier membership changes with MarvelClient YES YES YES
Visualization of Group structures Limited to 25 groups YES YES
Analysis of Groups (views in GroupExplorer) Limited to 25 groups YES YES
Analysis of ACLs (views in GroupExplorer) Limited to 25 ACL s per server YES YES
Endpoint Analysis (views in GroupExplorer) YES YES
Synchronisation of your database landscape, groups and ACLs with MarvelClient YES
Automated deployment and undeployment of Databases in synchronisation with database creation, removal, moves and ACL changes YES