Directory Update is a web-based application that you host on your own internal Internet Information Server (IIS). Directory Update allows your end users to update their own information via a flexible self-service web page. The administrator controls which attributes the user is allowed to view and update as well as the drop-down lists and validation rules. Advantages of Directory Update include:
Enabling the Active Directory to be an up-to-date and usable organization resource
Improved accuracy of the data in the Active Directory through the use of drop-down lists, required fields, default values, and “address sets” features
Localizable interface can be customized for any language (US English is the only language provided.)
For Office 365 customers, Directory Update is nicely integrated with your directory and allows changes (including photos) in your directory to be replicated to Office 365 via Directory Sync.
Reduce trouble-tickets and load on the help desk by freeing up personnel from simple tasks such as changing a user’s phone number or address
Validate and enforce phone number formats - Valid phone numbers can be used by dialer programs such as the Microsoft Lync client or Skype of up if you publish the Active Directory using an application like our Directory Search tool.
Ability to update almost any string-based Active Directory attribute
Forms based or Integrated Windows Authentication (single sign-on)
An administrator can have Directory Update installed and fully functional in under an hour.
Directory Update is economically priced and licensed once per Active Directory domain
Directory Update - Resource Domain module (additional charge) allows organizations with account/resource domains to use Directory Update to update their Global Address List.
There are flexible and versatile applications that perform many of the same tasks as Directory Update, but cost 10 times what Directory Update costs; there are also similar applications that offer fewer features, less flexibility, higher deployment costs.
The product is customized through the use of options available in XML files. The administrator adds/enables the fields that he/she wants made available to the user's of Directory Update.
Directory Update was originally designed to be a web-based version of Microsoft’s GALMod utility. Every feature since the very first version has been features that have been requested by our customers. We like to think that the product is completely customer driven.
Directory Update features include:
All Active Directory text and telephone number fields supported; the administrator defines which fields are visible and editable.
Interface can be localized to any language.
Field types can allow either free-form text, dropdown lists, or combination boxes.
Regular expression validation of data available such as telephone number fields
Address Sets feature allows multiple fields to be populated (such as street, city, state, country) when another field is selected (such as Office)
Sub Sets feature allows a value selected for one field (such as Company) to set a specific list of values for a child field (such as Department)
Logging of changes to text files and last date/time of changes to Active Directory
Email notification of changes (to the user, the user’s manager, and/or a predefined e-mail address)
Forms-based authentication or Integrated Windows Authentication
Multiple domains within the same forest can be supported on the same installation
Manager, Secretary, and Assistant fields available. These special lookup fields map to specific objects (users or contacts) in the Active Directory.
Required fields and default values for fields
Customizable help strings, help page, page title, window titles, attribute labels, and button titles
Customizable field notes and examples
User can change their own password (if the Password Management tab is enabled)
Some of the elements of the Directory Update interface include drop-down lists, text boxes, labels, help text, examples, read only fields (non-editable), photo support, and an optional Password Management tab.
We urge all potential customers to download Directory Update, install it in your environment, and customize it for your use. You will see how easy it is to get Directory Update up and running.
You can download a fully functional from the Product Downloads page of our Web site; the evaluation will be fully functional for 21 days with no limitations. We will not ask you for your e-mail address, telephone number, or first born; all you have to do is download the software. And, if you run in to problems and have a question, we will give you the same great support we give our customers.
If you choose to buy Directory Update, you keep your customized configuration; using the Configuration wizard to convert from evaluation to licensed by entering your license key.
Note quite ready to download the evaluation and install it yourself? Not a problem! You can still see Directory Update in action on our "live" demo page. This is a test Active Directory with a test set of data. The Directory Update installation is pretty much a default install with a few features enabled to give you a feel for how the software works. The photo upload feature is disabled, by the way.
Directory Update has been in continual development since 2006. We release a new version about once every six to nine months. The features and functionality in those new releases reflect customer requests, bug fixes, updates to support new browsers/operating systems, and more.
Note that most new versions of Directory Update require a new license key. Please contact support(at) ithicos.com if you wish to determine if your eligible for a free update.
Existing customers: You cannot just install the new version over the top of the old version. See Upgrading TechNotes
Windows Server 2016 compatibility
Fields (attributes) can now be moved around on the interface by cutting and pasting the appropriate line in the DirectorySettings.XML file.
Improved photo upload feature; more intuitive and fewer clicks to upload a photo.
New boolean attribute type; set field type to "checkbox".
Limited abilities to specify authorized users based on the organizational unit (OU) in which the user account is contained.
Updated screen and sizing controls; now using Bootstrap style sheets for better screen resizing.
Directory Password v3.0 compatibility.
Attributes' LDAP attribute names and maximum field lengths are now defined in the XML file.
Directory Update is now the master location for the PasswordSettings.XML file if you use Directory Password or Directory Manager.
Miscellaneous bug fixes and improved error detection.
Added compatibility with Directory Password v2.0
Optimized the user interface to allow photos larger than 128x128. We have tested photos up to 648x648.
Updated installer so that it better recognizes Windows server editions with European language sets.
Added photo to email notification feature.
Fixed issue with conflicting compression modules that sometimes caused interface features to stop working. Updated image compression module to use a newer library that allows variable control of the compression factor. The photo quality option allows the administrator to designate an image compression factor. The value can be between 0 and 100. A value of 0 is a very low image quality and very small file size (often 1K to 2K.) A value of 100 is a high quality image (less compression) and a larger file (14K to 18K for a 128x128 image.)
Allowed option to disable the Remove Photo link when photo is enabled.
Changed photo image upload feature so that if photo size (in pixels) exactly matches the pixel dimensions set in the DirectorySettings.XML file, then no compression is used.
Fixed issue where larger photos did not display properly and fixed an issue where occasionally the cropping function crashed.
Updated RAD controls.
Updated to new installer technology (Wix) that better automates the installation process. Dedicated application pool now created and assigned. Folder permissions for NetworkService now automatically assigned.
Windows Server 2012 / Windows Server 2012 R2 support. Windows 2008 x64 / Windows 2008 R2 support. Contact support about x86 support.
Code update so that .NET Framework v4.0 is used rather than v2.0 Framework. Updated AJAX controls.
Added a feature to show required fields next to the field label.
Browsers supported: IE 8, 9, 10, 11. Firefox 19.x and later. Chrome 15.x and later. Note, IE must *not* be in IE 7 compatibility mode.
Introduced Resource Domain module for customers with resource domains. User logs in to Accounts domain, but can update their Resource Domain account information. Additional / add-on cost item.
Improvements in password strength filtering including a blocked-password list that the administrator can enabled.
Minor bug fixes including improving photo crop control compatibility.
Updated code so that software is fully functional in evaluation mode for 21 days.
Changes to photo upload control so that cropping is now allowed.
Photo upload control will now resize rectangular photos based on longest axis; this reduces likelihood of photo being squished or stretched.
Maximum source photo size (before resizing) is 2MB but administrator can override this via AppSettings.XML file. Once the photo is uploaded, the photo is still only between 5KB and 8KB when stored in the Active Directory.
Change Password feature now allows either customized password complexity or the ability to use Microsoft password complexity rules (3 out of 4 character types). This is configurable via the PasswordSettings.XML file.
A bug was fixed that prevented a user from updating their security questions when the Directory Password module is enabled.
Improved support for IE 9.x/10.x and through Firefox 19.x.
Fixes to audit logging (auditing to text file) and now logs that the photo was updated though we don't keep the old photo.
Allows "Logoff" and "Help" buttons to be hidden via configuration options in AppSettings.XML file.
AJAX (aka RAD controls) updated to newer version.
Password change functionality - User can change their own password if they know their password.
Email notification of changes to the user, user's manager or predefined SMTP address
Subsets features allows for the creating of a parent-> child relationship between two attributes. The values available in the child attributes' drop-down list depend on which value was selected for the parent.
Updated support for Internet Explorer 9 and Firefox 4.x
Integration with Directory Password v1.0; a separate product that allows a user to unlock their account or reset their password if they have forgotten their password
Improved error handling and friendlier messages for common errors.
Upgraded to latest version of Telerik RAD / AJAX controls to improve browser compatibility.
File logging / auditing capability allows all changes to be recorded to a text log file.
Coded attributes values. When user selects a specific value (such as city name, a code is stored in the attribute rather than the city name.
Support for Internet 8.0 and Firefox 3.x
Allow for use of phone numbers and other attributes with the AddressSets feature.
Upgraded code to use Microsoft .NET Framework v3.5
Telephone number format performed based validation rules defined for country selected.
Masked text phone number allows tight formatting of telephone numbers; note that phone number format control via regular expression is still more flexible.
Introduced photo upload capability to either the thumbnailPhoto or jpegPhoto attribute or storing the photo in a URL path. Storing in thumbnailPhoto is strongly advised.
AddressSets feature allows a user to select an attribute such as Office and have additional attributes automatically populated such as street, city, state, country.
Add additional attributes to user interface options in DirectorySettings.XML file.
Double-wide field and multi-line field control available.
Auditing (to an attribute such as extensionAttribute11) allows for date/time of change as well as IP address from which the change was made.
Multi-domain support - A single installation of Directory Update can support more than one domain in the same forest.
UPN name logon support and Integrated Windows Authentication (aka Single Sign-on).
We have tried hard to make Directory Update as functional and feature rich as possible while ensuring that the product remains affordable and simple to install. Inevitably, though, some organizations may require some specialized features that we do not support. We want you to understand the limitations of our products so that you can make sure you are buying the right solution for your company. The following are some of the limitations that we are occasionally asked about.
The IIS server on which Directory Update is installed must be in the same forest as the users that will use Directory Update.
We do not automatically enable SSL / HTTPS; you must do this for your IIS servers.
Active Directory was designed to store fairly small amounts of data that does not change frequently. Storing paragraphs of data in Active Directory may not be practical. Most attributes store 1KB of data or less but the phone number and title fields may hold less than 64 bytes of data. There is nothing that any application can do to get around this.
Our data source for drop-down fields is our XML files; we do not have a mechanism for connecting to external databases. We cannot use the existing data in Active Directory as a validation source for drop-down lists.
Directory Update uses a static domain controller name that is configured via the Configuration wizard. We do not dynamically discover domain controllers in the local site.
We design and test our applications with specific browsers (such as IE 8 - IE 11, Chrome, and Firefox.) Browser updates may break our applications.
Directory Update does not allow a user to update other user's information. We have a separate product called Directory Manager that allows an authorized user to update other user's information.
We now provide limited support for resource forest usage. Directory Update must be installed in the domain in which the user accounts are created, not in the resource forest. The Resource domain module is an add-on option (additional cost) to Directory Update. Contact email@example.com for more information.
Keywords: Active Directory galmod self-service web page update gal global address list exchange Outlook
Last Review: 16 April 2018