Educause Security Discussion mailing list archives
Re: IdM Suites
From: Rob Whalen <rwhalen () STMARYS-CA EDU>
Date: Fri, 24 Mar 2006 09:45:57 -0800
Bret R Blackman wrote:
Greetings, We are considering several different Identity Management (IdM) Suites (LDAP directory + mgt tools) to help with our provisioning/de-provision of accounts and general identity management tasks. One that we are currently testing is Sun Java Identity Management Suite that can be found here: http://www.sun.com/software/javaenterprisesystem/identity_mgmt_suite/index.xml Does anyone have any experience with this suite, or others from IBM, Oracle or Novell that they would like to share? Thanks, Bret R. Blackman University of Nebraska at Omaha Director of Administrative Information Services Information Technology Services, EAB 110 bblackma () mail unomaha edu
Bret, I am about 75% done with preparing a roll out of Novell's IDM 3. One of the gotchas was the fact that eDirectory can't read openLDAP passwords unless it sets the password from the eDirectory side. The work around for that is performing a password reset using the web password reset function in IDM 3. We will be setting up a separate "identity vault" which will then be used to synchronize openLDAP and eDirectory, and eventually our main database on AIX will become the definitive source. The logistics of the transfer have proven to be the biggest hurdle- keeping the old system going while implementing the new. Also, it has forced a huge amount of cleanup in our data systems which previously did not connect with each other. Just getting everyone to agree on dept names across departments was a nine month process. I've received consulting support from Novacoast on IDM 3, and am very glad I did. My best advice is to spend the time to produce a thorough plan. I'd be happy to talk to you offline. Rob
Current thread:
- IdM Suites Bret R Blackman (Mar 23)
- <Possible follow-ups>
- Re: IdM Suites Rob Whalen (Mar 24)