Category: <span>concepts</span>

Auditing SiteMinder Policy server connections to LDAP backend stores (policy+user)

I’ve seen it time and time again from the number of organizations that we’ve worked with in the past – security auditing is treated with low priority – specifically firewalls between intermediary components and devices and in some extreme cases data encryption between those same devices. So it goes without saying that any component accessing
Read More

Baby Steps – Password Management

To build on an earlier posting, I would like to touch on the phased approach to implementing an Identity Management solution. I was recently on an engagement where the customer requested that we implement an identity management product and an single sign on product to perform a simple phase one approach. The project had a
Read More

Unique Identifiers and Why you shouldn’t let users select their own ID

The Unique Identifier, AKA the Unique ID, the UID, the Enterprise Unique ID, the Primary ID, the Global Unique ID. The UID is the key internal identifier, potentially used for authentication, authorization, group membership, and tracking (reporting, logging, auditing). It is recommended to have this ID be unfriendly so as to discourage its inappropriate use.
Read More

Provisioning Roadmap

Identity Management – Best Practices With the current regulations and audit requirements being placed on organizations, many companies are looking to Identity Management (IdM) solutions to help achieve control of who has access to what resources. This includes not only the provisioning of access rights, but also the ability to change access when individuals change
Read More

Do I really need Role Management? Yes you do (aka I pity the fool that don’t have Role Management)!

Enterprise role management is a critical technology for allowing organizations to verify and enforce regulatory mandates and to audit the effectiveness of user access policies. Role management facilitates business and IT policy alignment by helping you translate business policy into technical IT controls such as separation-of-duty rules. With reporting and identity analytics capabilities, you have
Read More

Xelsysadm – password not working?

After our lovely install on WebLogic, we found that the password that was set for xelsysadm wasn’t functioning. Could it have been the fact that there were special characters in the password during the installation such as “$” or “*”? At any rate, the reset process is pretty simple, provided that you have a base
Read More

Using the ORM API

I had a question come to me about the ORM API, albeit I haven’t had that much exposure to it, I do have some information for folks looking to use it: Basic program flow: 1) use JNDI to get a hold of a running ORM server object 2) login to the server (credentials do matter!)
Read More

Oracle Role Manager – Polyarchy anyone?

Oracle acquired this word “polyarchy” when they acquired the Role Manager product. I’m not too sure why they kept the term, perhaps it was to differentiate themselves from the crowd, or was there another motivation? At any rate, if you have a “Reporting Organization” Hierarchy in ORM, the Integration Library allows you to place folks
Read More