Author name: cameronmoulder

🔐 Security Whitepaper Version 1.0 — December 2025 📘 Executive Summary SymphonyDesk is a secure automation orchestration platform built for hybrid and multi-tenant environments. Security is foundational to the product design — not added as an afterthought. This whitepaper describes the platform’s security architecture, authentication model, tenant isolation methods, and operational hardening strategies. The system is explicitly […]

🖼️ SymphonyDesk System Diagrams This page provides a visual, high-level overview of how SymphonyDesk’s core components interact. The diagrams are intentionally simple, clean, and readable — perfect for both technical and non-technical audiences. 📦 1. High-Level Architecture What this shows:SymphonyDesk’s cloud API sits at the center, with three major external actors: Everything routes through the cloud control

🏗️ SymphonyDesk Architecture Overview SymphonyDesk is a modern, cloud-backed automation platform designed to execute secure, repeatable IT runbooks across customer environments. It combines cloud orchestration, lightweight on-prem runners, and dynamic PowerShell automation into a single cohesive system that scales elegantly from small IT teams to enterprise-grade workloads. This document provides a high-level yet technically grounded overview

The Symphony Dashboard (portal.symphonydesk.io) provides a simple, fast, and secure interface for triggering automation runbooks, viewing job history, and monitoring connected runners. It is designed for IT teams who want an easy way to execute backend automations without using scripts or APIs directly. 🔐 Accessing the Dashboard Each customer receives a dedicated, secured view of their automation

🔐 Runbook: ACT-ResetMFA This runbook resets a user’s Multi-Factor Authentication configuration in Azure Active Directory / Microsoft Entra ID. Use this runbook when users lose their phones, get new devices, or cannot authenticate. 📘 Description SymphonyDesk orchestrates a secure MFA reset by: This ensures the next login prompts for MFA setup again. 🧩 Required Parameters

🔐 Runbook: ACT-ResetUserPassword This runbook resets a user’s Active Directory password, forces a password change at next logon, logs the action, and updates the Jira ticket accordingly. 📘 Description Use this runbook when a user requires a password reset.SymphonyDesk securely connects to the customer’s Active Directory domain controller and: 🧩 Required Parameters Name Description Example

Runbook: ACT-AddUserToGroup.ps1 📘 Description Adds a user to an Active Directory security group.This runbook verifies the user exists, validates the group, and adds membership using domain controller PowerShell remoting. SymphonyDesk handles: Common uses include onboarding, access requests, entitlement workflows, and security group assignments. 🧩 Required Parameters Name Description Example UserUPN The user’s UPN “john.doe@contoso.com” GroupName

Runbook: ACT-OffboardUser.ps1 📘 Description This runbook performs a full offboarding workflow for a user in the customer’s hybrid/on-prem Active Directory and Exchange environment. It includes: This runbook is commonly used for: 🧩 Required Parameters Name Description Example UPN The user’s UPN “john.doe@contoso.com” IssueKey Jira issue reference “ITSD-6001” 🪄 Optional Parameters Name Description Example ForwardTo SMTP

Runbook: ACT-CreateSharedMailbox.ps1 📘 Description Creates a Shared Mailbox in a customer’s on-premises or hybrid Microsoft Exchange environment. This runbook supports: Common use cases: 🧩 Required Parameters Name Description Example DisplayName Name of the mailbox “Finance Team” Alias SMTP alias (before @) “finance” IssueKey Jira issue key “ITSD-5533” 🪄 Optional Parameters Name Description Example Department Department

Runbook: ACT-CreateDistributionGroup.ps1 📘 Description Creates a Distribution Group in the customer’s on-prem Exchange environment.This runbook supports: This is typically used for: 🧩 Required Parameters Name Description Example DisplayName The name of the group “HR Alerts” Alias SMTP alias (before @) “hr-alerts” IssueKey Jira issue key for comment updates “ITSD-5521” 🪄 Optional Behavior None — all