Identity and Access Management

Identity and access management, including accounts, authentication, access, and role-based provisioning at the enterprise level.

Azure AD Management Services

  • Maintain Active Directory Group Membership
  • Register and Manage AD Resource Groups
  • Manage Permissions on App Registration

An Active Directory Organizational Unit (OU) allows you to manage security groups for access to resources, organize workstations, and apply group policies to workstations and other devices.

Request to create a departmental OU

IT Services will contact you for the necessary information to complete your request. If your department has an OU, the existing OU admin can create a new OU within the departmental OU and grant access to it.

Once your OU is created, install the Remote Server Administration Tools (RSAT) for Windows.

Activate RSAT

To create and manage security groups, ensure you are logged into a computer that is joined to the uark.edu domain and that you have permissions to create groups. Please see your OU administrator for details

Secondary Account Requests

Secondary accounts are created by request and assigned to a primary owner to provide alternative access to university resources.  To provide uninterrupted functionality, all secondary accounts should be transferred before the primary account expires when the primary account owner leaves the university.  

Secondary Account Requests:

  • New Secondary Account
  • Expire a Secondary Account
  • Transfer a Secondary Account
  • Multiple Secondary Account Requests

NOTE: The request form has a spreadsheet to accommodate multiple secondary account requests. Follow the instructions on the form for this type of request.

Secondary Account Types:

  • Departmental account - An account used for departmental use such as an email or website where access may need to be shared among multiple people to maintain a departmental presence. If these accounts are to be used for email, they should be defined as a shared mailbox and include the list of email addresses which should have read and send access to the shared mailbox.
  • Service account – An account used to provide automated service between platforms or processes. The password should not be considered permanently “non-expiring” since the password should still be changed occasionally.
  • Sponsored account – Accounts that are assigned as a secondary account to a university person but will be used by a non-owner for short term access to university resources. For sponsored accounts, the owner can share the password with the non-owner, however, the owner is responsible for maintaining the password and is responsible for the results of the use of the account.
  • Personal secondary account – A secondary account requested for personal use. For example, as a test account for work access outside the primary account or a personal account to be given higher temporary access than the primary account
 
Access another mailbox or OneDrive Request Azure AD Service Request Multifactor Service Request Secondary Account

Related Articles (1)

An Active Directory Organizational Unit (OU) allows you to manage security groups for access to resources, organize workstations, and apply group policies to workstations and other devices.

Service Offerings (4)

Access another mailbox or OneDrive
Request access to an Office 365 mailbox or OneDrive.
Azure AD Management
Manage security groups for access to resources, organize workstations, and apply group policies to workstations.
Secondary Account Requests
Secondary Account Requests