December 19, 2006 OpenDS Enterprise Directory Services Trey Drake AssetWorld 2007 Albuquerque, New Mexico November 2007.

Presentation transcript:

December 19, 2006 OpenDS Enterprise Directory Services Trey Drake AssetWorld 2007 Albuquerque, New Mexico November 2007

Directory Services & OpenDS
What
Why
How

Look Familiar?
Where are my users?
Weak passwords?
Users come and go
I want single sign on!
Who owns enterprise identity?
Sarbanes?! - who, what, when, where?

What

Directory Service
Stores & organizes users & network resources
Secure
High speed
HA
Replication
Wired into apps, os, , routers
Upstack services

Meta Directory – Authoritative DS
[Diagram labels: HR FMAX OpenDS Meta schedule ? salary user id]

Virtual Directory Service
[Diagram labels: HR FMAX OpenDS Virtual Person name schedule salary uid schedule ?]

Proxy Directory Service
[Diagram labels: A-M N-Z inactive ? sn=drake ? employee id=1001]

LDAP
Standards, Standards, Standards
Started ~ 1993
IETF (OpenLDAP, Sun, Novell, others)
OpenDS, OpenLDAP, Novell, AD, OID
Network protocol
Distributed

OpenDS
Complete directory service
Community effort
FOSS - CDDL
Bootstrapped by Sun
Progress update since 11/06 - remember?

Fast Facts – Here Today
Rich password policy
All platforms
Easy install
Manageable
Extend everywhere
Embedded option
Replication

Fast Facts – What's Missing
No console
No commercial support*
No virtual
No proxy
No transactions*

On to the why...

Look Familiar (Again)?
Where are my users?
Weak passwords?
Users come and go
I want single sign on!
Who owns enterprise identity?
Sarbanes?! Who, what, when, where?

Data Consolidation
De-fragment users and policies
Secure, global view
Simple, well known
Extensible, roll your own “person”
Preferred repository for provisioning systems
Pillar for single sign on

Where are your users & resources?
[Diagram labels: FMAX Peoplesoft Active Directory Home grown Linux /etc/passwd]

Where they should be
[Diagram labels: o=any.edu ou=contractors ou=faculty ou=students ou=staff ou=devices FMAX PSFT NIS SSO Foo]

Password Policy
Simple idea, difficult to implement
Spec outlines the solution
– strength
– # tries
– login windows
– etc
OpenDS implements the solution
Applications and controls

Password Policy
[Diagram labels: OpenDS, Policy Plugin, LDAP Client; Deny with error code/message; Fetch appropriate policy; Evaluate policy; Authenticate with policy; Success]
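
An added example (not from the presentation or the OpenDS code base) that models the flow on this slide: fetch the appropriate policy, evaluate it, authenticate, then deny with a code and message or succeed. The policy values, entry names and the Python model itself are constructed assumptions; only the o=any.edu subtrees and the policy items (strength, # tries, login windows) come from the slides.

```python
import hmac
from dataclasses import dataclass
from datetime import datetime, time
SUCCESS, CONSTRAINT_VIOLATION, INVALID_CREDENTIALS = 0, 19, 49  # LDAP result codes

@dataclass
class Policy:
    min_length: int   # "strength" (reduced to a length check in this model)
    max_tries: int    # "# tries" before lockout
    window: tuple     # "login windows": (start, end) as datetime.time

@dataclass
class Entry:
    dn: str
    password: str     # stored in clear only to keep the model short
    failures: int = 0

# Constructed policies, keyed by subtree of the deck's o=any.edu tree.
POLICIES = {
    "ou=contractors,o=any.edu": Policy(12, 3, (time(8), time(18))),
    "o=any.edu": Policy(8, 5, (time(0), time(23, 59, 59))),
}

def fetch_policy(dn: str) -> Policy:
    """Fetch appropriate policy: the most specific subtree covering the DN."""
    dn = dn.lower()
    # Match on an RDN boundary so "foo=any.edu" does not match "o=any.edu".
    hits = [s for s in POLICIES if dn == s or dn.endswith("," + s)]
    return POLICIES[max(hits, key=len)]  # ValueError if no policy covers the DN

def bind(entry: Entry, password: str, now: datetime):
    """Evaluate policy, then authenticate; returns (result code, message)."""
    policy = fetch_policy(entry.dn)
    if entry.failures >= policy.max_tries:
        return INVALID_CREDENTIALS, "account locked"
    start, end = policy.window
    if not start <= now.time() <= end:
        return INVALID_CREDENTIALS, "outside login window"
    if not hmac.compare_digest(password.encode(), entry.password.encode()):
        entry.failures += 1
        return INVALID_CREDENTIALS, "invalid credentials"
    entry.failures = 0
    return SUCCESS, "success"

def set_password(entry: Entry, new_password: str):
    # Strength is enforced when the password is changed, not at bind time.
    if len(new_password) < fetch_policy(entry.dn).min_length:
        return CONSTRAINT_VIOLATION, "password too short"
    entry.password = new_password
    return SUCCESS, "success"
```

Because the policy is looked up by subtree, the contractor entry is locked after three bad binds while a staff entry under the same root gets five.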

User Provisioning
Onboarding - establishing access
Offboarding - terminating access
– Confident?
Re-establishing access

User Silos
[Diagram labels: Portal HR FMAX App DB Oracle LDAP]

User provisioning
Centralized user store infinitely easier
Even so
– Barren FOSS landscape - Identyx
– Commercial Sun IDM
– Roll your own

Single Sign On
Centralize access management
Seamless to end user
Manageable enterprise SSO requires a consolidated view
Most SSO rely on LDAP
Requires high performance repository
Single SSO, single repository
OpenSSO & OpenDS

Identity Ownership
Who owns enterprise identity?
Centralized and federated directories
Apps requiring directory writes
Isolating directories
Crossing regulatory boundaries
OpenDS replication

Identity Ownership
[Diagram labels: Portal, Blogs FMAX Linux, Windows Enterprise local]

Replication
Assured
Fractional
HIPAA filter

Sarbanes
Secure channels
Centralized users and policy
Password policy
AAA - Auditing

OpenDS & Sarbanes
Secure LDAP – Supports StartTLS and SSL
Centralized users and policy
Extensive password policy via controls
Full, high performance activity logging

Other Directories
Active Directory Sun DSEE Oracle OpenLDAP Novell Fedora Novell Apache

OpenDS
Single Directory Services Stack Standards FOSS Fast Extensible Feature rich FOSS

Resources

Demo!
Install
Addressbook
Glassfish and OpenDS