{"id":47554,"date":"2025-05-07T08:00:30","date_gmt":"2025-05-07T07:00:30","guid":{"rendered":"https:\/\/www.firstware.com\/?p=47554"},"modified":"2025-05-12T09:43:53","modified_gmt":"2025-05-12T08:43:53","slug":"ad-and-authorization-audit","status":"publish","type":"post","link":"https:\/\/www.firstware.com\/en\/blog\/ad-and-authorization-audit\/","title":{"rendered":"AD and authorization audit: Control, compliance and clarity with IDM-Portal"},"content":{"rendered":"<p><a href=\"https:\/\/firstware.com\/en\/systems\/active-directory\/\">Active Directory (AD)<\/a> is the central hub of many IT infrastructures. It is where user accounts, groups, and access rights are managed centrally\u2014but this is also where potential security risks lie. Over time, <strong>permission structures can become complex<\/strong> and fragmented, often <strong>lacking transparency and traceability<\/strong>. What started out as an exception (\u201cGive him access to the project drive for a moment&#8230;\u201d) quickly becomes the norm that no one questions anymore. What is often overlooked is that every access means a potential risk.<\/p>\n<p>At this point, the question is: <strong>Who has access to what \u2013 and why?<\/strong><br \/>\nMany companies find this difficult to answer. This is exactly where the AD permissions audit comes in. \ud83d\udc49 <strong><a href=\"#AD authorization audit with IDM-Portal\">See how we solve your problem.<\/a><\/strong><\/p>\n<p><a href=\"https:\/\/firstware.com\/en\/contact\/\" target=\"_blank\" rel=\"noopener\"><button class=\"ButtonBeratung2 aligncenter\">Contact us for expert advice<\/button><\/a><\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_82_2 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Index<\/p>\n<span class=\"ez-toc-title-toggle\"><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.firstware.com\/en\/blog\/ad-and-authorization-audit\/#Why-an-authorization-audit-in-AD-is-essential\" >Why an authorization audit in AD is essential<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.firstware.com\/en\/blog\/ad-and-authorization-audit\/#Challenges-in-auditing-access-rights\" >Challenges in auditing access rights<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.firstware.com\/en\/blog\/ad-and-authorization-audit\/#Our-solution-FirstWare-IDM-Portal\" >Our solution: FirstWare IDM-Portal<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.firstware.com\/en\/blog\/ad-and-authorization-audit\/#A-brief-comparison-Without-vs-with-IDM-Portal\" >A brief comparison: Without vs. with IDM-Portal<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.firstware.com\/en\/blog\/ad-and-authorization-audit\/#Conclusion-Implement-AD-authorization-audits-easily-securely-and-with-lasting-results\" >Conclusion: Implement AD authorization audits easily, securely, and with lasting results<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.firstware.com\/en\/blog\/ad-and-authorization-audit\/#More-about-the-FirstWare-IDM-Portal\" >More about the FirstWare IDM-Portal<\/a><\/li><\/ul><\/nav><\/div>\n\n<h2><span class=\"ez-toc-section\" id=\"Why-an-authorization-audit-in-AD-is-essential\"><\/span>Why an authorization audit in AD is essential<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>A regular AD authorization audit creates transparency. It reveals outdated authorizations and is a <strong>must for security standards such as ISO 27001 or KRITIS<\/strong>. It is a structured review of the access rights assigned in Active Directory. The goal is to gain clarity about who has which permissions and whether these access rights are necessary.<\/p>\n<p>Companies must not only ensure that their access rights are correct\u2014they must also be able to prove it. This involves:<\/p>\n<p><strong>\ud83d\udd12 Security:<\/strong> Overprivileged user accounts are security risks for internal and external attacks.<br \/>\n<strong>\ud83d\udd0e Transparency:<\/strong> Only those who know what the access structure looks like can identify weak points.<br \/>\n<strong>\u2705 Compliance:<\/strong> External requirements such as GDPR, ISO 27001, BAIT, MaRisk, or KRITIS requirements demand audit-proof proof of authorizations.<br \/>\n<strong>\ud83d\udcc4 Accountability:<\/strong> Who accessed what, when, why, and who approved it?<\/p>\n<p>Particularly in the context of recertification or internal security guidelines, companies must demonstrate in a transparent manner that their access rights are regularly reviewed and adjusted.<\/p>\n<p>A good audit helps with this by:<\/p>\n<ul>\n<li>Identifying outdated or unnecessary permissions<\/li>\n<li>Uncovering orphaned user accounts (e.g., former employees)<\/li>\n<li>Critically review roles and groups<\/li>\n<li>Identify users with excessive privilegesn<\/li>\n<li>Provide documentation for external audits (e.g., GDPR, ISO 27001, KRITIS)<\/li>\n<\/ul>\n<h2><span class=\"ez-toc-section\" id=\"Challenges-in-auditing-access-rights\"><\/span>Challenges in auditing access rights<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>An external auditor asks clear questions:<\/p>\n<ul>\n<li>Is there a structured procedure for assigning and controlling rights?<\/li>\n<li>Are rights regularly reviewed and documented?<\/li>\n<li>Can you prove that the current authorizations correspond to the requirements?<\/li>\n<li>Is there an escalation procedure if something is not approved?<\/li>\n<\/ul>\n<p>In practice, it is clear that <strong>many IT departments have neither the capacity nor the appropriate tools to carry out audits efficiently<\/strong>. Although reports can be generated using standard AD tools, these are often confusing, technically demanding, and not usable by specialist departments.<\/p>\n<p>Yet it is precisely these departments that are in a position to assess whether a particular access is still justified. Without a suitable solution, responsibility is often placed solely on IT\u2014with the risk that decisions will be made that are not correct.<\/p>\n<p>There are often Excel lists, screenshots of AD groups, outdated role descriptions\u2014but usually no clear processes for repeating these regular checks.<\/p>\n<p>Due to the distributed responsibility and the use of a central technology, coordination is often time-consuming and error-prone. Confusing structures such as nested groups or missing naming conventions make it difficult to maintain an overview. In addition, changes are often not documented. This means that there is no evidence when an audit is carried out.<\/p>\n<h2 id=\"AD authorization audit with IDM-Portal\"><span class=\"ez-toc-section\" id=\"Our-solution-FirstWare-IDM-Portal\"><\/span>Our solution: FirstWare IDM-Portal<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>This is exactly where the IDM-Portal comes in. Our IAM solution offers a user-friendly, web-based solution for automated authorization audits in Active Directory \u2013 without complicated tools and without in-depth IT knowledge.<\/p>\n<p>How auditing works with the IDM-Portal:<\/p>\n<ul>\n<li><strong>All authorizations at a glance:<\/strong><\/li>\n<\/ul>\n<p>The portal shows at a glance which users have access to which resources \u2013 in a clear layout, even for departments without IT expertise.<\/p>\n<p><img decoding=\"async\" class=\"imgshadow aligncenter wp-image-47582 size-full\" title=\"All authorizations at a glance in IDM-Portal\" src=\"https:\/\/firstware.com\/wp-content\/uploads\/2025\/05\/All-permissions-at-a-glance-in-IDM-Portal.png\" alt=\"All authorizations at a glance in IDM-Portal\" width=\"813\" height=\"625\" srcset=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2025\/05\/All-permissions-at-a-glance-in-IDM-Portal.png 813w, https:\/\/www.firstware.com\/wp-content\/uploads\/2025\/05\/All-permissions-at-a-glance-in-IDM-Portal-300x231.png 300w, https:\/\/www.firstware.com\/wp-content\/uploads\/2025\/05\/All-permissions-at-a-glance-in-IDM-Portal-768x590.png 768w\" sizes=\"(max-width: 813px) 100vw, 813px\" \/><\/p>\n<p><a href=\"https:\/\/firstware.com\/en\/contact\/\" target=\"_blank\" rel=\"noopener\"><button class=\"ButtonBeratung2 aligncenter\">Talk to us\u2014we&#8217;re here to help<\/button><\/a><\/p>\n<ul>\n<li><strong>Recertification processes:<\/strong><\/li>\n<\/ul>\n<p>Responsible parties are automatically notified when permissions need to be checked. With just a few clicks, they can confirm, change, or revoke rights.<\/p>\n<p><img decoding=\"async\" class=\"imgshadow aligncenter wp-image-47584\" title=\"AD authorization audit: Recertification processes\" src=\"https:\/\/firstware.com\/wp-content\/uploads\/2025\/05\/Recertification-of-authorizations-1024x660.jpg\" alt=\"AD authorization audit: Recertification processes\" width=\"813\" height=\"524\" srcset=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2025\/05\/Recertification-of-authorizations-1024x660.jpg 1024w, https:\/\/www.firstware.com\/wp-content\/uploads\/2025\/05\/Recertification-of-authorizations-300x193.jpg 300w, https:\/\/www.firstware.com\/wp-content\/uploads\/2025\/05\/Recertification-of-authorizations-768x495.jpg 768w, https:\/\/www.firstware.com\/wp-content\/uploads\/2025\/05\/Recertification-of-authorizations-1536x990.jpg 1536w, https:\/\/www.firstware.com\/wp-content\/uploads\/2025\/05\/Recertification-of-authorizations-2048x1320.jpg 2048w\" sizes=\"(max-width: 813px) 100vw, 813px\" \/><\/p>\n<ul>\n<li><strong>Accountability:<\/strong><\/li>\n<\/ul>\n<p>Every change is logged. It is possible to trace who approved or changed what and when at any time \u2013 ideal for audits and documentation.<\/p>\n<p><img decoding=\"async\" class=\"imgshadow aligncenter wp-image-47586 size-full\" title=\"AD authorization audit: Accountability in IDM-Portal\" src=\"https:\/\/firstware.com\/wp-content\/uploads\/2025\/05\/Accountability-in-IDM-Portal.png\" alt=\"AD authorization audit: Accountability in IDM-Portal\" width=\"963\" height=\"409\" srcset=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2025\/05\/Accountability-in-IDM-Portal.png 963w, https:\/\/www.firstware.com\/wp-content\/uploads\/2025\/05\/Accountability-in-IDM-Portal-300x127.png 300w, https:\/\/www.firstware.com\/wp-content\/uploads\/2025\/05\/Accountability-in-IDM-Portal-768x326.png 768w\" sizes=\"(max-width: 963px) 100vw, 963px\" \/><\/p>\n<ul>\n<li><strong>Role-based work:<\/strong><\/li>\n<\/ul>\n<p>Rights can be assigned to clear roles, which improves security.<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-47588 size-large\" title=\"Role-based access in IDM-Portal\" src=\"https:\/\/firstware.com\/wp-content\/uploads\/2025\/05\/Role-based-approach-in-IDM-Portal-1024x640.png\" alt=\"Role-based access in IDM-Portal\" width=\"1024\" height=\"640\" srcset=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2025\/05\/Role-based-approach-in-IDM-Portal-1024x640.png 1024w, https:\/\/www.firstware.com\/wp-content\/uploads\/2025\/05\/Role-based-approach-in-IDM-Portal-300x188.png 300w, https:\/\/www.firstware.com\/wp-content\/uploads\/2025\/05\/Role-based-approach-in-IDM-Portal-768x480.png 768w, https:\/\/www.firstware.com\/wp-content\/uploads\/2025\/05\/Role-based-approach-in-IDM-Portal-1536x961.png 1536w, https:\/\/www.firstware.com\/wp-content\/uploads\/2025\/05\/Role-based-approach-in-IDM-Portal-2048x1281.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<ul>\n<li><strong>Delegation:<\/strong><\/li>\n<\/ul>\n<p>Departments take responsibility for their own data areas \u2013 without burdening IT.<br \/>\n\u00a0<img decoding=\"async\" class=\"imgshadow aligncenter wp-image-47590 size-full\" title=\"HR department creates a new user\" src=\"https:\/\/firstware.com\/wp-content\/uploads\/2025\/05\/Create-user-in-IDM-Portal.png\" alt=\"HR department creates a new user\" width=\"833\" height=\"446\" srcset=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2025\/05\/Create-user-in-IDM-Portal.png 833w, https:\/\/www.firstware.com\/wp-content\/uploads\/2025\/05\/Create-user-in-IDM-Portal-300x161.png 300w, https:\/\/www.firstware.com\/wp-content\/uploads\/2025\/05\/Create-user-in-IDM-Portal-768x411.png 768w\" sizes=\"(max-width: 833px) 100vw, 833px\" \/><\/p>\n<p><strong>The FirstWare IDM-Portal is a comprehensive IAM solution that offers added value for your organization. The IDM-Portal focuses on standardization, optimization, and user-friendliness.<\/strong><\/p>\n<p>Key advantages summarized:<\/p>\n<ul>\n<li>Easy operation for IT and specialist departments<\/li>\n<li>Transparent display of all authorizations<\/li>\n<li>Automated recertification with workflows and reminders<\/li>\n<li>Audit-proof documentation of every change<\/li>\n<li>Delegated responsibility: specialist departments check themselves \u2013 reducing the workload for IT<\/li>\n<li>Secure integration into existing AD environments<\/li>\n<li>Time and resource savings through clearly structured processes<\/li>\n<\/ul>\n<p>Responsible parties can see at a glance which users have access to which systems, files, or applications\u2014and can decide directly in the system whether these rights should remain in place.<\/p>\n<p>Thanks to automated recertification workflows, deadlines are met, responsibilities are clearly defined, and all changes are logged in a traceable manner. This is particularly advantageous during audits, both internal and external.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"A-brief-comparison-Without-vs-with-IDM-Portal\"><\/span>A brief comparison: Without vs. with IDM-Portal<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<table>\n<thead>\n<tr>\n<td>\n<p><strong>Topic<\/strong><\/p>\n<\/td>\n<td>\n<p><strong>Ohne IDM-Portal<\/strong><\/p>\n<\/td>\n<td>\n<p><strong>Mit IDM-Portal<\/strong><\/p>\n<\/td>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>\n<p><strong>Permission overview<\/strong><\/p>\n<\/td>\n<td>\n<p>Manual, often incomplete<\/p>\n<\/td>\n<td>\n<p>Complete, clear<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td>\n<p><strong>Participation of the departments<\/strong><\/p>\n<\/td>\n<td>\n<p>Complicated or not at all<\/p>\n<\/td>\n<td>\n<p>Direct, simply in your browser<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td>\n<p><strong>Documentation of decisions<\/strong><\/p>\n<\/td>\n<td>\n<p>Not traceable<\/p>\n<\/td>\n<td>\n<p>Audit-proof logging<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td>\n<p><strong>Time required<\/strong><\/p>\n<\/td>\n<td>\n<p>High, numerous approvals<\/p>\n<\/td>\n<td>\n<p>Significantly reduced through automation<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td>\n<p><strong>A<\/strong><strong>uditability<\/strong><\/p>\n<\/td>\n<td>\n<p>Restricted<\/p>\n<\/td>\n<td>\n<p>Fully auditable<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2><span class=\"ez-toc-section\" id=\"Conclusion-Implement-AD-authorization-audits-easily-securely-and-with-lasting-results\"><\/span>Conclusion: Implement AD authorization audits easily, securely, and with lasting results<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>An authorization audit in Active Directory is a central element of corporate security. It ensures that data is only available to those who really need it \u2013 and that these decisions are documented and traceable.<\/p>\n<p>Those who rely on reliable processes and clear responsibilities save time, reduce risks \u2013 and meet the requirements of auditors.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"More-about-the-FirstWare-IDM-Portal\"><\/span>More about the FirstWare IDM-Portal<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><img decoding=\"async\" class=\"alignleft wp-image-36704\" title=\"IDM-Portal Hybrid IAM solution\" src=\"https:\/\/firstware.com\/wp-content\/uploads\/2021\/08\/IDM-Portal-Hybrid-IAM-Loesung-1.png\" alt=\"IDM-Portal Hybrid IAM solution\" width=\"238\" height=\"199\" srcset=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2021\/08\/IDM-Portal-Hybrid-IAM-Loesung-1.png 453w, https:\/\/www.firstware.com\/wp-content\/uploads\/2021\/08\/IDM-Portal-Hybrid-IAM-Loesung-1-300x250.png 300w\" sizes=\"(max-width: 238px) 100vw, 238px\" \/><a href=\"https:\/\/firstware.com\/en\/\">FirstWare IDM-Portal<\/a> by FirstAttribute is an integrated Identity and Access Management (IAM) solution that enables automated user and permissions management, whether on-premises or in the cloud.<\/p>\n<p>This portal integrates all facets of identity and access management and provides centralized access to identity and directory services.<\/p>\n<p><a href=\"https:\/\/firstware.com\/en\/contact\/\" target=\"_blank\" rel=\"noopener\"><button class=\"ButtonBeratung aligncenter\">Get in touch<\/button><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Active Directory (AD) is the central hub of many IT infrastructures. It is where user accounts, groups, and access rights [&hellip;]<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1836],"tags":[2013,1953],"class_list":["post-47554","post","type-post","status-publish","format-standard","hentry","category-compliance-en","tag-ad-authorization-audit-en","tag-recertification-en"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>AD authorization audit \u2013 Control and clarity with the IDM-Portal<\/title>\n<meta name=\"description\" content=\"AD authorization audit: Who has access to what and why? How to secure your AD structure, reduce risks, and meet compliance requirements.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.firstware.com\/en\/blog\/ad-and-authorization-audit\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"AD authorization audit \u2013 Control and clarity with the IDM-Portal\" \/>\n<meta property=\"og:description\" content=\"AD authorization audit: Who has access to what and why? How to secure your AD structure, reduce risks, and meet compliance requirements.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.firstware.com\/en\/blog\/ad-and-authorization-audit\/\" \/>\n<meta property=\"og:site_name\" content=\"FirstWare IDM-Portal\" \/>\n<meta property=\"og:image\" content=\"https:\/\/firstware.com\/wp-content\/uploads\/2025\/05\/All-permissions-at-a-glance-in-IDM-Portal.png\" \/>\n<meta name=\"author\" content=\"Sophia Tunui\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Sophia Tunui\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/ad-and-authorization-audit\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/ad-and-authorization-audit\\\/\"},\"author\":{\"name\":\"Sophia Tunui\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#\\\/schema\\\/person\\\/e7504910be78b9b066298168ab6e839e\"},\"headline\":\"AD and authorization audit: Control, compliance and clarity with IDM-Portal\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/ad-and-authorization-audit\\\/\"},\"wordCount\":1007,\"publisher\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/ad-and-authorization-audit\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/firstware.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/All-permissions-at-a-glance-in-IDM-Portal.png\",\"keywords\":[\"AD authorization audit\",\"recertification\"],\"articleSection\":[\"Compliance\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/ad-and-authorization-audit\\\/\",\"url\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/ad-and-authorization-audit\\\/\",\"name\":\"AD authorization audit \u2013 Control and clarity with the IDM-Portal\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/ad-and-authorization-audit\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/ad-and-authorization-audit\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/firstware.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/All-permissions-at-a-glance-in-IDM-Portal.png\",\"description\":\"AD authorization audit: Who has access to what and why? How to secure your AD structure, reduce risks, and meet compliance requirements.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/ad-and-authorization-audit\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/ad-and-authorization-audit\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/ad-and-authorization-audit\\\/#primaryimage\",\"url\":\"https:\\\/\\\/firstware.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/All-permissions-at-a-glance-in-IDM-Portal.png\",\"contentUrl\":\"https:\\\/\\\/firstware.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/All-permissions-at-a-glance-in-IDM-Portal.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/ad-and-authorization-audit\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Startseite\",\"item\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"AD and authorization audit: Control, compliance and clarity with IDM-Portal\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/\",\"name\":\"FirstWare IDM-Portal\",\"description\":\"Identity and Autorization Management in M365 and Active Directory\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#organization\",\"name\":\"FirstWare IDM-Portal\",\"url\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.firstware.com\\\/wp-content\\\/uploads\\\/2019\\\/06\\\/IDM-Portal.ico\",\"contentUrl\":\"https:\\\/\\\/www.firstware.com\\\/wp-content\\\/uploads\\\/2019\\\/06\\\/IDM-Portal.ico\",\"width\":1,\"height\":1,\"caption\":\"FirstWare IDM-Portal\"},\"image\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#\\\/schema\\\/person\\\/e7504910be78b9b066298168ab6e839e\",\"name\":\"Sophia Tunui\",\"sameAs\":[\"http:\\\/\\\/firstattribute.com\"],\"url\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/author\\\/sophia-tunui\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"AD authorization audit \u2013 Control and clarity with the IDM-Portal","description":"AD authorization audit: Who has access to what and why? How to secure your AD structure, reduce risks, and meet compliance requirements.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.firstware.com\/en\/blog\/ad-and-authorization-audit\/","og_locale":"en_US","og_type":"article","og_title":"AD authorization audit \u2013 Control and clarity with the IDM-Portal","og_description":"AD authorization audit: Who has access to what and why? How to secure your AD structure, reduce risks, and meet compliance requirements.","og_url":"https:\/\/www.firstware.com\/en\/blog\/ad-and-authorization-audit\/","og_site_name":"FirstWare IDM-Portal","og_image":[{"url":"https:\/\/firstware.com\/wp-content\/uploads\/2025\/05\/All-permissions-at-a-glance-in-IDM-Portal.png","type":"","width":"","height":""}],"author":"Sophia Tunui","twitter_misc":{"Written by":"Sophia Tunui","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.firstware.com\/en\/blog\/ad-and-authorization-audit\/#article","isPartOf":{"@id":"https:\/\/www.firstware.com\/en\/blog\/ad-and-authorization-audit\/"},"author":{"name":"Sophia Tunui","@id":"https:\/\/www.firstware.com\/en\/#\/schema\/person\/e7504910be78b9b066298168ab6e839e"},"headline":"AD and authorization audit: Control, compliance and clarity with IDM-Portal","mainEntityOfPage":{"@id":"https:\/\/www.firstware.com\/en\/blog\/ad-and-authorization-audit\/"},"wordCount":1007,"publisher":{"@id":"https:\/\/www.firstware.com\/en\/#organization"},"image":{"@id":"https:\/\/www.firstware.com\/en\/blog\/ad-and-authorization-audit\/#primaryimage"},"thumbnailUrl":"https:\/\/firstware.com\/wp-content\/uploads\/2025\/05\/All-permissions-at-a-glance-in-IDM-Portal.png","keywords":["AD authorization audit","recertification"],"articleSection":["Compliance"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.firstware.com\/en\/blog\/ad-and-authorization-audit\/","url":"https:\/\/www.firstware.com\/en\/blog\/ad-and-authorization-audit\/","name":"AD authorization audit \u2013 Control and clarity with the IDM-Portal","isPartOf":{"@id":"https:\/\/www.firstware.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.firstware.com\/en\/blog\/ad-and-authorization-audit\/#primaryimage"},"image":{"@id":"https:\/\/www.firstware.com\/en\/blog\/ad-and-authorization-audit\/#primaryimage"},"thumbnailUrl":"https:\/\/firstware.com\/wp-content\/uploads\/2025\/05\/All-permissions-at-a-glance-in-IDM-Portal.png","description":"AD authorization audit: Who has access to what and why? How to secure your AD structure, reduce risks, and meet compliance requirements.","breadcrumb":{"@id":"https:\/\/www.firstware.com\/en\/blog\/ad-and-authorization-audit\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.firstware.com\/en\/blog\/ad-and-authorization-audit\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.firstware.com\/en\/blog\/ad-and-authorization-audit\/#primaryimage","url":"https:\/\/firstware.com\/wp-content\/uploads\/2025\/05\/All-permissions-at-a-glance-in-IDM-Portal.png","contentUrl":"https:\/\/firstware.com\/wp-content\/uploads\/2025\/05\/All-permissions-at-a-glance-in-IDM-Portal.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.firstware.com\/en\/blog\/ad-and-authorization-audit\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Startseite","item":"https:\/\/www.firstware.com\/en\/"},{"@type":"ListItem","position":2,"name":"AD and authorization audit: Control, compliance and clarity with IDM-Portal"}]},{"@type":"WebSite","@id":"https:\/\/www.firstware.com\/en\/#website","url":"https:\/\/www.firstware.com\/en\/","name":"FirstWare IDM-Portal","description":"Identity and Autorization Management in M365 and Active Directory","publisher":{"@id":"https:\/\/www.firstware.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.firstware.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.firstware.com\/en\/#organization","name":"FirstWare IDM-Portal","url":"https:\/\/www.firstware.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.firstware.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.firstware.com\/wp-content\/uploads\/2019\/06\/IDM-Portal.ico","contentUrl":"https:\/\/www.firstware.com\/wp-content\/uploads\/2019\/06\/IDM-Portal.ico","width":1,"height":1,"caption":"FirstWare IDM-Portal"},"image":{"@id":"https:\/\/www.firstware.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.firstware.com\/en\/#\/schema\/person\/e7504910be78b9b066298168ab6e839e","name":"Sophia Tunui","sameAs":["http:\/\/firstattribute.com"],"url":"https:\/\/www.firstware.com\/en\/blog\/author\/sophia-tunui\/"}]}},"_links":{"self":[{"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/posts\/47554","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/comments?post=47554"}],"version-history":[{"count":0,"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/posts\/47554\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/media?parent=47554"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/categories?post=47554"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/tags?post=47554"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}