Delegated administration


Delegated administration

Delegated administration describes the decentralization of role-based-access-control systems. Many enterprises use a centralized model of access control. For large organizations, this model scales poorly and IT teams become burdened with menial role-change requests. These requests — often used when hire, fire, and role-change events occur in an organization — can incur high latency times or suffer from weak security practices.

One best practice for enterprise role management entails the use of LDAP groups. Delegated administration refers to a decentralized model of role or group management. In this model, the application or process owner creates, manages and delegates the management of roles. A centralized IT team simply operates the service of directory, metadirectory, web interface for administration, and related components.

Allowing the application or business process owner to create, manage and delegate groups supports a much more scalable approach to the administration of access rights.

In a metadirectory environment, these roles or groups could also be "pushed" or synchronized with other platforms. For example, groups can be synchronized with native operating systems such as Microsoft Windows for use on an access control list that protects a folder or file. With the metadirectory distributing groups, the central directory is the central repository of groups.

Some enterprise applications (e.g., PeopleSoft) support LDAP groups inherently. These applications are capable of using LDAP to call the directory for its authorization activities.

Web-based group management tools — used for delegated administration — therefore provide the following capabilities using a directory as the group repository:

  • Decentralized management of groups (roles) and access rights by business- or process-owners
  • Categorizing or segmenting users by characteristic, not by enumeration
  • Grouping users for e-mail, subscription, and access control
  • Reducing work process around maintenance of groups
  • Reproducing groups on multiple platforms and into disparate environments

See also


Wikimedia Foundation. 2010.

Look at other dictionaries:

  • Delegated — Delegate Del e*gate, v. t. [imp. & p. p. {Delegated}; p. pr. & vb. n. {Delegating}.] 1. To send as one s representative; to empower as an ambassador; to send with power to transact business; to commission; to depute; to authorize. [1913 Webster]… …   The Collaborative International Dictionary of English

  • Delegated Legislation Committees — are general committees of the House of Commons of the United Kingdom that allow for debate of statutory instruments and Church Measures that have been laid before the House of Commons. With respect to statutory instruments, it differs from the… …   Wikipedia

  • Delegated Powers and Regulatory Reform Select Committee — The Delegated Powers and Regulatory Reform Committee is a committee of UK parliamentarians. Members are drawn from the House of Lords. The committee has several primary functions. Contents 1 Orders 2 Rationale 3 Working practices …   Wikipedia

  • China Earthquake Administration — The China Earthquake Administration (CEA), (simplified Chinese: 中国地震局; traditional Chinese: 中國地震局; pinyin: Zhōngguó dìzhèn jú) is mandated by the Law of the People s Republic of China on Protecting Against and Mitigating Earthquake Disasters of… …   Wikipedia

  • Federal administration of Switzerland — Switzerland This article is part of the series: Politics and government of Switzerland …   Wikipedia

  • Bahá'í administration — The Bahá í administration refers to the administrative system of the Bahá í Faith.It is split into two parts, the elected and the appointed. The supreme governing institution of the Bahá í Faith is the Universal House of Justice, situated in… …   Wikipedia

  • State Food and Drug Administration — The State Food and Drug Administration (SFDA) (zh s|s=国家食品药品监督管理局) is founded on the basis of the State Drug Administration. The State Food and Drug Administration is directly under the State Council of the People s Republic of China, which is in …   Wikipedia

  • Defense Production Administration — The Defense Production Administration (DPA) was an independent agency of the United States government whose function was to oversee and control defense production programs of the United States during wartime mobilization. The Office of Defense… …   Wikipedia

  • Policies of the Shinawatra administration — As Prime Minister of the Kingdom of Thailand, Thaksin Shinawatra initiated many distinctive policies affecting the economy, public health, education, energy, drugs, and international relations. His policies have made him very popular with the… …   Wikipedia

  • provincial administration —    Spain s provinces were first established as entities of local administration in 1833. Until the new decentralized structure of the state was ushered in during the early 1980s, the country had fifty provinces, but following the creation of six… …   Encyclopedia of contemporary Spanish culture