tag:blogger.com,1999:blog-33085330976037434392011-04-21T19:13:23.492-07:00Identity Infrastructure Requirements - articles and comments about IDM initiative deployments and identity data publishingTPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.comBlogger541100tag:blogger.com,1999:blog-3308533097603743439.post-87920397592311311962009-03-30T02:37:00.000-07:002009-03-30T10:17:19.566-07:00

ILM,Virtual Directory,Abstraction Layer Miss Miis (missmiis - clever huh?) made some comments I wanted to bring attention to in a recent blog posting.  She keeps up on ILM/MIIS happenings and her blog postings are useful to people using these tools.  Recently she was at the TEC conference in Las Vegas and got a chance to learn more about Virtual Directories from Todd Clayton.  She makes a

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com2tag:blogger.com,1999:blog-3308533097603743439.post-7956960827111673072009-02-18T11:09:00.001-08:002009-02-18T11:09:41.968-08:00

Just some quick notes about comments made recently… They are great and I can see that more clarification of my postings are in order… (1) yes, the math is very simple, as was the comment about adding 2 - 50ms as no big deal to performance. After seeing that comment, I wanted to make sure people understood the possible impact of this – yes, it is relative to your environment, architecture,

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-52881414537145897182009-02-12T21:24:00.000-08:002009-02-18T10:14:35.302-08:00

I know I have mentioned this before, but since there’s an ongoing ping-pong match about cache — particularly “persistent cache” — playing out on the identity blogs lately, I thought I’d return the volley. Ashraf Motiwala covered the topic again in his blog yesterday, so here are my two cents. First off, while it’s true there are times when cache makes no sense, there are other times when

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com4tag:blogger.com,1999:blog-3308533097603743439.post-24433482528409653572009-02-12T09:46:00.001-08:002009-02-12T09:46:18.794-08:00

Wow, nice to see someone articulate the problem. Too many vendors and architects use too diverse of a language for solutions to converge right now... David puts the finger on the nose here... We have to start understanding the metadata and semantic relationships (esp for security) in our systems, in a way that is scalable.. Check out David Linthicum's posting...  

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-48882065547389655692008-10-27T01:46:00.000-07:002008-10-27T15:08:01.925-07:00

Darren Calman posting something that has attracted some attention from Matt Pollicove and from Ping.  I think it is worth paying attention to. You will find some good historical and pragmatic information, but of particular interest to me was what was stated about identity virtualization. Virtual directories are being touted as a IdM 2.0 by Matt Pollicove, as a "identity

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-23820803622860673252008-09-12T10:22:00.001-07:002008-09-12T10:22:11.175-07:00

Burton is hosting a telebriefing about identity correlation.  I have to say I'm a bit surprised, but think it's great.  (see blog posting by Ian Glazer here) It is true, if you want to have true access management you have to start with being able to correlate accounts. Without this you have no way to even know who has access to what, much less be able to audit, control, or monitor it in

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-59652363584626725912008-07-29T11:03:00.001-07:002008-07-29T11:03:00.293-07:00

I thought I would have a bit of fun and continue my analogy about the jungle we often find ourselves in when dealing with the sticky issues (and often unknown) of identity and identity management. African Safari's were plagued by slave trading until the British put a stop to it in 1896, in the shortest battle in history (38 minutes).  The past for identity has been similar, you were forced

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-34074450090914977642008-07-18T04:04:00.000-07:002008-07-18T11:15:37.917-07:00

To add more thoughts and explanation to my last posting, "Are we lost?" The idea is to not cut through the jungle every time we have a new initiative  At least solve the integration problem, once.  Don't reinvent the wheel every time you have a new application or new initiative.  Don't replicate data everywhere, employ complex synchronizations, and in general make everything 10X more

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-42801819021458645682008-07-17T18:57:00.000-07:002008-07-18T11:17:05.407-07:00

There is a posting of interest recently by Pamela Dingle, you can check it out here.  I love to see people talk from their gut and talk about real issues, without the marketing guff and fluff, just real-life observations. Her recent posting "Catalyst Epiphany 2 - We're a little lost" points out the fact that identity management is all over the map.  I agree, sometimes I feel like companies are

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-40986374658477103722008-07-15T22:03:00.000-07:002008-07-18T12:09:19.097-07:00

Jackson's Identity Management & Active Directory Reality Tour Travelblog: James' unanswered questions... As most of you know, I try to keep up on some blogs out there, one of which is Jackson Shaw's.  I wanted to throw in my two cents on a couple responses he made yesterday to another blog's posting (James McGovern).  JAMES: If pretty much every Fortune 500 enterprise (

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-32819167607304712722008-07-15T04:03:00.000-07:002008-07-18T12:17:04.521-07:00

I have had some questions recently about what I mean by comments about "more complex integration".  I have had a few people ask me through my blog and recently at Catalyst in San Diego, and so perhaps I should clarify.  What IS my point of reference to "more" complex?  Quoted from http://identityinfrastructure.blogspot.com/2008/02/oracle-virtual-directory-webinar.html: Identity

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-27766277707308394572008-07-09T03:42:00.000-07:002008-07-18T14:42:16.371-07:00

Too bad I didn't see this before my last post!  This is great, and actually humorous, especially if you have been following any or all of the virtual / meta / & "my stuff is better than your stuff" discussions since March '08.  Jackson started it! (can you have to hear the child-like finger pointing in my voice) But seriously, I think this interest and effort by people trying to make sense

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-6765451215414883342008-07-09T03:21:00.000-07:002008-07-09T10:23:48.179-07:00

I was trying to catch up on some of the discussions from the past month or so. Check this posting from Mark Wilcox.  Mark does a good job of being a peace-maker of sorts, trying to organize thoughts from different bloggers such as Dave Kearns and Clayton Donley.  There is definitely confusion around what each author is talking about. It is my position that you need not only what Oracle and

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-6485482455658031902008-07-02T14:02:00.000-07:002008-07-09T09:03:39.900-07:00

Matt Flynn has an interesting post about what he calls SaaS-ish identity management.  The idea is to outsource your IdM managment, the dicussion is primarily about the objections to this idea within an organization. I can see how this can be useful, especially to smaller organizations who can not afford project teams, expensive IdM management packages, and the ongoing expense of maintaining these

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-63330038741744541642008-06-30T14:36:00.000-07:002008-07-09T09:06:43.411-07:00

There have been a couple of announcements in the Virtual Directory World.  I would be remise if I did not make mention of them. Radiant Logic announced (Jun 23) the release of VDS 5.0. Here are some of links from the announcement. Press Release, Government Computer News, DM Review, Campus Technology The new VDS offers simplified use of virtual directory technology, turning complicated

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-61511272818277898762008-05-21T00:08:00.000-07:002008-05-21T14:16:18.408-07:00

No, I haven't turned into Buzz-Lightyear.  I found this diagram today, by accident, by searching information on WAM architecture, it is not into the details I was looking for, but I actually really like it!  Obviously its not just was Web Access Management...  check it out... This is a logical layer you might see related to identity, security, virtual directory, etc - but could be

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com1tag:blogger.com,1999:blog-3308533097603743439.post-59636760000877562942008-05-15T08:39:00.000-07:002008-05-21T13:51:17.148-07:00

Its been awhile since I posted, so here is something I've been wanting to blather about for a couple weeks.  Perhaps when I have more time I can come back and give more specific examples in this conversation where these guys (the "identity gang" or perhaps "the identity thugs" lol) unknowingly are arguing the same point.  Listen to this discussion (link below) and see if you too can pick up on it

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-14337038580451323062008-04-16T09:55:00.000-07:002008-04-17T12:00:42.725-07:00

Matt Flynn posted "Proliferation of Multiple LDAPs" today.  Matt's post was fueled by the recent meta vs virtual debate, which is a nice segway to talking about how to deal with the increasing number of identity stores within the enterprise.  He suggests examining your current environment, paying attention to these factors: Which data stores have overlapping data and which are

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-85027922193205072442008-04-07T20:33:00.000-07:002008-04-08T10:41:25.030-07:00

Got to love this posting by Phil Hunt.  I've been watching this bit of diatribe back and forth, especially between Dave Kearns and Kim Cameron.  It's a bit like the old story about six blind men trying to describe what an elephant is, each only feeling one part of the beast. One says "it is like a wall", another "it is like a tree", and so forth.  SO, are we really talking about multiple

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-51027893598505897872008-04-02T04:45:00.000-07:002008-04-08T09:55:50.772-07:00

Joel Dubin exposes the most common IAM blunders, and enlightens information security professionals on how to prevent these mistakes. OK, its a bit basic, but they are still problems. I thought the article was uninteresting, but two things caught my attention: 1) multiple logins for multiple applications (listed as the sticky note syndrom) 2) "ghost" passwords - which are more precisely "

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-12977870954809502582008-03-25T22:03:00.000-07:002008-04-10T08:35:04.499-07:00

There was an SSO webinar today by Quest Software.  I would like to thank them for actually putting some content into it and actually explaining what their solutions offer.  I have become a bit weary of webinars so laden with marketing message, you really have no idea what the technology is offering you or if it will fit your infrastructure or not.  The recording is available here.  

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-70985789326321031932008-03-10T10:51:00.001-07:002008-03-10T10:51:55.528-07:00

My favorite old ranter Dave Kearns (self proclaimed as the old man ranting in the corner) has an article for NetworkWorld, raising the question if meta-directories have any life left in the market. Although I don't know if meta-directories are dead, they seem to still have a place in the world, I do see an end to this technology in favor or other technologies in the future. The Higgins project

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-70262545523762991362008-03-10T03:18:00.000-07:002008-03-11T12:17:44.337-07:00

Yes, I am a little behind in my postings.  Don't rant against me too much, I have a full-time job ya know!  :)   I need to add my small voice to the cheers of yet another virtual directory added to the market. Optimal IdM has released their first version of their Virtual Identity Server (VIS).  The announcement was during last weeks' Directory Experts Conference in Chicago (mainly a

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com1tag:blogger.com,1999:blog-3308533097603743439.post-4478440908004825702008-02-13T18:37:00.001-08:002008-02-13T18:37:37.820-08:00

As a lot of us know, there are some serious DOS (denial of service) issues with AD.  AD just isn't fully LDAP compatible, that's the bottom line in my book.  If I have to interface to AD to multiple sources outside Microsoft designed use (inside the NOS), I recommend using a virtual directory to protect AD. Such LDAP packets as described below and other causes of DOS can be dealt with.  Quoted

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com1tag:blogger.com,1999:blog-3308533097603743439.post-40877249258512130462008-02-06T06:15:00.000-08:002008-02-11T17:37:32.599-08:00

I thought I would share an interesting webinar on virtual directories recently from Oracle on their virtual directory (OVD). You can view the recording here. This is the first time I've mentioned a product by name, and referenced a particular company. I try to stay as neutral as possible, perhaps out of habit due to my role to help customers decide. I usually always give at least two options

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-49962433527268132822008-01-28T11:04:00.001-08:002008-01-28T12:19:39.504-08:00

Jackson Shaw blogs about still MORE issues that are arising from trying to update schemas in active directory. This is why I encourage people NOT TO TRY THIS AT HOME (or at work). It's disruptive and can have some serious effects on your network infrastructure. Use the existing schema in a virtual directory, extend the schema there. Then you don't have to worry about the issues involved here.

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-59049190542602848442008-01-25T08:29:00.001-08:002008-01-30T14:21:41.652-08:00

Matt (see http://360tek.blogspot.com/2008/01/year-of-virtual-directory.html) asserts his continued position as an advocate of using virtual directories- and references Burton Group's affirmation of this technology as well in a recent webinar. Burton also published a paper recently (Nov'07) "Virtual Directories: Valuable Present, Promising Future" that is great information on the state of the

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-77028614858730304182008-01-24T14:22:00.001-08:002008-01-24T14:22:33.591-08:00

http://duckdown.blogspot.com/2008/01/common-weakness-in-all-identity.htmlThis author takes a harsh, but not well versed stand, into criticizing ALL IdM software packages out there for the lack of integration into various data stores, especially Active Directory. If it were that simple, don't you think all the vendors would do it? Just the fact that the symptom is there for ALL IdM packages,

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-17763308367006821622008-01-24T13:44:00.001-08:002008-01-24T13:44:28.889-08:00

http://www.b-eye-network.com/view/6722 This is just kind of interesting, nothing great... BUT the issue of how you do handle large amounts of metadata does ring true. The author states that perhaps you must limit your metadata and not try to get a complete picture. Of course you do! You must limit it to the context in which it is relevant! This is why I think the hierarchal views found in

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-31146199433044877882008-01-24T13:28:00.000-08:002008-01-24T13:29:01.502-08:00

In this article Michael Daconta spells out in his vision what steps need to be taken to ensure successful future growth of your enterprise architecture. http://www.gcn.com/print/27_2/45685-1.htmlPay attention to step#4. Install a data services layer in your service-oriented architecture plumbing. This isn't just an SOA thing, don't wait for SOA come to you, create a data service layer now. You

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-12325539195816299662008-01-11T10:07:00.000-08:002008-01-14T08:35:43.808-08:00

I read an article a few days ago in the latest issue of DMReview titled, "Global Keys: A Unified Key Mapping Architecture".I visited the authors blog at http://www.globalkeysdesign.com/global_keys/blog_index.html and found it to be a good start of a very important discussion about creating a centralized mapping of keys for multiple data repositories that contain equivalent data (or identities).

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-86122070358145750672008-01-03T09:50:00.001-08:002008-01-03T09:50:01.685-08:00

The concepts are the same for Identity Management, you don't have to solve every problem in the world to get started solving your integration problems... BUT you can make some savvy choices, like planning ahead and going with solutions that have "legs". If you have read my blog entries you know I love the data-virtualization concept and benefits. The author of this article (http://

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-44122441170587622792007-12-12T17:44:00.001-08:002007-12-12T17:44:25.686-08:00

An enterprising blogger expounds how you do no longer need to be limited in how UNIX users are managed, such as storing user account in flat files. Using sudo will let the administrator utilize a directory service for security (i.e. authentication/authorization). There are other solutions, but here is one that is relatively easy and cheap since sudo is open-source and the functionality is

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-77346801507251054372007-12-06T10:28:00.001-08:002007-12-06T10:28:30.449-08:00

In this article Rosie Lombardi contrasts virtual directories and meta-directories as the central access point options in creating a federated environment for consolidated authentication via web. A simple overview, but some good points of discussion, how do governments establish a way for people to gain information and access to services across agencies, states, and other governing systems?Unique

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-19815249659910089882007-12-03T16:02:00.001-08:002007-12-03T16:02:25.955-08:00

See what some say is the major road-block to SOA deployments and why it doesn't have to be so hard to solve - you need to think hierarchy, data modeling, object-classes, and abstraction (flexibility). If you are used to working with Directories and even more so, virtual directories, you will have a leg up on understanding these concepts and how they are useful in simplifying the issues in SOA

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-75895287164981411832007-12-03T15:03:00.000-08:002007-12-03T15:08:39.470-08:00

Here is a definition of SOA given in the article found at http://www.itbusinessedge.com/item/?ci=23055 - its a short understandable definition;"SOA. Service-oriented architecture refers to a paradigm that focuses on how you maximize the sharing, reuse and interoperability of distributed corporate resources across your network. And to maximize sharing, reuse, etc., you need a universal middleware

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-81257105432697640762007-12-03T14:58:00.001-08:002007-12-03T14:58:21.721-08:00

Identity Management and Data Management starting to overlap in your mind? Then maybe its because you have dug into the topic deep enough to see the problems, or you are just losing sight of where the lines are? Certainly some of the issues are the same and have the same solutions, so where is the future of IdM?read more | digg story

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-86916229472715250602007-11-30T14:21:00.001-08:002007-11-30T15:48:25.079-08:00

Why LDAP?The question is a good one and I think as LDAP proliferates across more systems, many people will have the same question - and it deserves a good answer, so here is my two-cents-worth. What we are really talking about is directory services, not just the protocol. Directories have some serious advantages over DBMS. Databases are optimized for OLTP (online transaction processing),

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com2tag:blogger.com,1999:blog-3308533097603743439.post-47224362215710912842007-11-28T15:41:00.001-08:002007-11-28T15:41:03.309-08:00

RSA Access ManagerNovell Access ManagerRadiant Logic RadiantOne VDSread more | digg story

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-83384192208617522772007-11-20T14:30:00.001-08:002007-11-20T14:30:03.799-08:00

Because everyone has a different idea on what infrastructure is, I think it is good to introduce a definition of IT infrastructure:IT infrastructure is the total set of components that enables applications to functionThe following model can be used to visualize the various components.read more | digg story

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-40721673046525318112007-11-20T13:56:00.001-08:002007-11-20T13:56:58.395-08:00

Jackson Shaw discusses Earl Perkins and Neil MacDonald discussion at Gartner's IAM event 11-07. His concluding question is "Do you think that virtualization might be the force that can overcome the inertia? Maybe, maybe." I think yes, it has all the components and the right approach to the problem.The inertia Shaw refers to can be overcome, when and if a market player brings a high enough of

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-46277253539708837922007-11-16T10:36:00.003-08:002007-11-16T10:36:45.759-08:00

SSO is only becoming a larger project, as seen with the growing interest and need for federated identity management (FIM)http://www.infoq.com/news/2007/11/fim read more | digg story

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-47009692354011851992007-11-16T10:36:00.001-08:002007-11-16T10:36:24.688-08:00

SSO is only becoming a larger project, as seen with the growing interest and need for federated identity management (FIM)read more | digg story

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-43843146103649298392007-11-14T13:24:00.001-08:002007-11-14T13:31:57.359-08:00

"Everything you know about identity management is wrong"Take a serious look at how IdM is now what changes are coming, I think the analysis is 80% dead-on. http://jacksonshaw.blogspot.com/2007/11/everything-you-know-about-identity.htmlread more | digg story

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-80220614000126672802007-11-06T16:17:00.001-08:002007-11-06T16:17:36.354-08:00

Good article with good links to some past discussion on SOA and data virtualization / data abstractionread more | digg story

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-27107706477096779692007-11-06T16:06:00.001-08:002007-11-09T12:47:50.754-08:00

White paper that does a good job explaining why data virtualization is important to successful SOA deployments. Planning ahead is key, if your organization is not implementing these principles, they will be left behind in the future of business where data is more agile and accessible for new services and applications. If you have problems getting this whitepaper let me know and I will send it

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-597161671012068472007-11-05T17:40:00.001-08:002007-11-05T17:43:41.674-08:00

Nice overview of what Federation brings to the table for the enterprise and how it can change the horizon of IdM. It is interesting to note that authentication is mentioned as the first hurdle to overcome before moving to a federated environment. This is one of the most difficult IdM services to implement and requires a lot of planning for the future. If you implement a point solution for

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-20433715496173223062007-11-02T10:40:00.001-07:002007-11-02T10:40:17.068-07:00

This article started a series of thoughts in my head around why problems like these exist. The thoughts and issues started coming up like an eruption - this posting is quite long.If you work in one IT department long enough (which most of us do not) you will see the entire lifecycle of this problem. If you are more transient you probably only see part of the story, the genesis; the perfect custom

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-82180120669677421952007-11-02T10:32:00.001-07:002007-11-02T10:41:47.102-07:00

Some interesting information about using UNIX abilities to achieve extended function from a distributed authentication environment, specifically laptops to cache (memory) login information when disconnected from the network.http://blogs.techrepublic.com.com/opensource/?p=127I think the ideas here are more interesting than the implementation suggested. If you can cache the identifiers, why not do

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-2102419151956003472007-11-02T09:09:00.000-07:002007-11-02T09:31:41.924-07:00

Some interesting information about using UNIX abilities to achieve extended function from a distributed authentication environment, specifically laptops to cache (memory) login information when disconnected from the network. http://blogs.techrepublic.com.com/opensource/?p=127I think the ideas here are more interesting than the implementation suggested. If you can cache the identifiers, why not

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-66985534933782273012007-10-29T16:32:00.000-07:002008-03-27T11:42:04.538-07:00

Does Active Directory top Linux authentication options? http://searchenterpriselinux.techtarget.com/originalContent/0,289142,sid39_gci1279624,00.html Integration issues between Linux and Active Directory discussed by Enk (Gartner) – metadirectories and other solutions – LDAP and Kerberos are discussed as a disadvantage because most organizations do not have people with LDAP expertise - “

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-40469474670047570902007-10-25T11:29:00.000-07:002007-10-26T12:13:45.849-07:00

Excerpts from this posting... good stuff...http://360tek.blogspot.com/2006_03_01_360tek_archive.html"Protocol TranslationWeb Service Enablement Multi-Repository Search Joined Identity View Permission-Based Results Dynamic DIT Authentication Real-Time Data Access Virtual Directory technologies eliminate boundaries. Hassles related to LDAP object types, attribute definitions and other

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-55207142311595588722007-10-25T11:22:00.001-07:002007-10-25T12:18:45.395-07:00

What is metedata? describing metadata and basic application of metadatahttp://www.addsimplicity.com/adding_simplicity_an_engi/2007/10/what-metadata.htmlMetadata can be very useful in managing identities, knowing the context of users is critical for IDM initiatives (e.g. authorization) leveraging existing policy, groups, and roles means a more consistent enforcement of business logic and better

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0tag:blogger.com,1999:blog-3308533097603743439.post-76376170256656516432007-10-25T11:20:00.001-07:002007-10-25T12:19:40.442-07:00

virtual directories vs. meta-directory - most of the story is right on, but misses features of a virtual directory focusing on a virtual directory as only a proxy engine, which it is not. virtual directories can offer real-time synchronization AND persistent data, negating most of his "disadvantages". Meta is old, Virtual is new and more adaptiveread more | digg story

TPShttp://www.blogger.com/profile/15738219556065262084noreply@blogger.com0