Mobility

How to manage Active Directory from your iOS device

When you need to manage Active Directory from your mobile device, these apps and workarounds will make the process much easier.

Image: Jesus Vigo/TechRepublic

One of the most common and necessary IT tasks is managing Active Directory (AD) for any business running Microsoft's directory services. Luckily, there are apps and workaround solutions that can help you maintain AD from your iOS-based mobile device. Let's explore what's available.

SEE: iOS 9: The smart person's guide

AD HelpDesk

AD HelpDesk (currently version 4.1) takes a straightforward approach to managing AD through the use of buttons that perform preconfigured functions such as finding locked accounts and searching for computer objects. It can create, edit, rename, move, or delete AD objects, including password resets for user account management.

AD HelpDesk has a preferences section that you can configure to connect to specific domain controllers (DCs), modify attributes when querying databases, or target particular domains for administration, which is a huge help if you're managing multiple forests.

While the app does an admirable job of performing tasks, it can feel kludgy going from one screen to another. Also, the application was developed circa iOS 5 or 6, and the interface shows it when compared to other native apps offering similar capabilities.

Active Directory Assist

Active Directory Assist (currently version 5.0) meshes form and function for a fast, lightweight app that elegantly allows admins to perform similar functions as those listed above and then some.

Texting end users their newly reset passwords is a one-touch feature that eliminates additional steps from the end-user account reset process. You can seamlessly pull up reports to locate expiring accounts or passwords with the ability to sort the data based on time-stamp. With the profile creation feature, IT admins can create a profile based on the specific logon information for a particular domain. When choosing to manage a particular domain, switching domains is as easy as tapping the profile name and voila... you're in.

Active Directory Assist does have a few features that are not found on similar apps that make querying and managing data much easier. The ability to query specific DCs for example, would take considerably less time (and subsequently utilize less resources on the domain) to return results. The targeting capability inherent in AD can save IT support hours by drilling-down, therefore shrinking the search pool to render results quicker.

More about AD HelpDesk and Active Directory Assist

There are free versions of both apps. AD HelpDesk and Active Directory Assist apps are (mostly) full-featured and work without having to register or are limited to a trial time period.

Both apps are limited to common AD management tasks revolving around object management and maintenance. No scripting support or advanced schema administration is present, due to the limited functionality of not using the native AD snap-ins found in Windows.

If more advanced functionality is required, check out these solutions and workarounds.

Solutions and workarounds

VPN + Microsoft Remote Desktop

This workaround requires the implementation of a VPN server to provide connectivity to iOS devices from outside the network perimeter. Once a connection is established via VPN, the free Microsoft Remote Desktop app can be configured to remotely access the server for administration of AD using the native Microsoft snap-in.

ManageEngine ADManager Plus

ManageEngine provides systems, network, and infrastructure management services for SMB and enterprise businesses. ADManager Plus is used to manage every semblance of AD and features an iOS app that is used to communicate with the ManageEngine services.

The app looks sharp and well polished. Its management aspects are very clear and concise, and allow admins to manage almost every aspect of AD with account importing, bulk maintenance tools, and even support for Office 365, Google Apps, and Microsoft Exchange. All backed by Zoho, a trusted leader in CRM technologies.

Server Mobile Admin

A Swiss army knife of sorts for IT, Server Mobile Admin adds common AD tasks to a full kit of systems monitoring, remote access, IPMI-based hardware control, VMware management, network tools, asset tracking, and the list goes on and on.

IT Manager

Another jack-of-all-trades app that serves as a full-fledged monitoring, maintenance, and management toolset for everything from ESXi to Windows to remote access for Macs and Linux, network services administration to BlackBerry BES and Amazon AWS, in addition to support for AD management tasks.

Note: Server Mobile Admin and IT Manager require the use of agents that are installed on all the devices you wish to control remotely, in addition to service licensing costs.

Also see

About

Jesus Vigo is a Network Administrator by day and owner of Mac|Jesus, LLC, specializing in Mac and Windows integration and providing solutions to small- and medium-size businesses. He brings 19 years of experience and multiple certifications from seve...

Editor's Picks

Free Newsletters, In your Inbox