Presentation is loading. Please wait.

Presentation is loading. Please wait.

December 19, 2006 OpenDS Enterprise Directory Services Trey Drake AssetWorld 2007 Albuquerque, New Mexico November 2007.

Published byNelson Sullivan Modified over 9 years ago

Similar presentations

Presentation on theme: "December 19, 2006 OpenDS Enterprise Directory Services Trey Drake AssetWorld 2007 Albuquerque, New Mexico November 2007."— Presentation transcript:

1 December 19, 2006 OpenDS Enterprise Directory Services Trey Drake AssetWorld 2007 Albuquerque, New Mexico November 2007

2 December 19, 2006 What Why How Directory Services & OpenDS

3 December 19, 2006 Where are my users? Weak passwords? Users come and go I want single sign on! Who owns enterprise identity? Sarbanes?! - who, what, when, where? Look Familiar?

4 December 19, 2006 What

5 December 19, 2006 Stores & organizes users & network resources Secure High speed HA Replication Wired into apps, os, email, routers Upstack services Directory Service

6 December 19, 2006 Meta Directory – Authoritative DS HR FMAX OpenDS Meta schedule ? salary user id

7 December 19, 2006 Virtual Directory Service HR FMAX OpenDS Virtual Person name schedule salary uid schedule ?

8 December 19, 2006 Proxy Directory Service A-M N-Z inactive ? sn=drake ? employee id=1001

9 December 19, 2006 Standards, Standards, Standards Started ~ 1993 IETF (OpenLDAP, Sun, Novell, others)‏ OpenDS, OpenLDAP, Novell, AD, OID Network protocol Distributed LDAP

10 December 19, 2006 Complete directory service Community effort FOSS - CDDL Bootstrapped by Sun Progress update since 11/06 - remember? OpenDS

11 December 19, 2006 Rich password policy All platforms Easy install Manageable Extend everywhere Embedded option Replication Fast Facts – Here Today

12 December 19, 2006 No console No commercial support* No virtual No proxy No transactions* Fast Facts – What's Missing

13 December 19, 2006 On to the why...

14 December 19, 2006 Where are my users? Weak passwords? Users come and go I want single sign on! Who owns enterprise identity? Sarbanes?! Who, what, when, where? Look Familiar (Again)?

15 December 19, 2006 De-fragment users and policies Secure, global view Simple, well known Extensible, roll your own “person” Preferred repository for provisioning systems Pillar for single sign on Data Consolidation

16 December 19, 2006 Where are your users & resources? FMAX Peoplesoft Active Directory Home grown Linux /etc/passwd

17 December 19, 2006 Where they should be o=any.edu ou=contractors ou=faculty ou=students ou=staff ou=devices FMAX PSFT NIS SSO Foo

18 December 19, 2006 Simple idea, difficult to implement Spec outlines the solution –strength –# tries –login windows –etc OpenDS implements the solution Applications and controls Password Policy

19 December 19, 2006 Password Policy OpenDSPolicy PluginLDAP Client Deny with error code/message Fetch appropriate policy Evaluate policy Authenticate with policy Success

20 December 19, 2006 Onboarding - establishing access Offboarding - terminating access –Confident? Re-establishing access User Provisioning

21 December 19, 2006 User Silos PortalHRFMAX App DB Oracle LDAP

22 December 19, 2006 Centralized user store infinitely easier Even so –Barren FOSS landscape - Identyx –Commercial Sun IDM –Roll your own User provisioning

23 December 19, 2006 Centralize access management Seamless to end user Manageable enterprise SSO requires a consolidated view Most SSO rely on LDAP Requires high performance repository Single SSO, single repository OpenSSO & OpenDS Single Sign On

24 December 19, 2006 Who owns enterprise identity? Centralized and federated directories Apps requiring directory writes Isolating directories Crossing regulatory boundaries OpenDS replication Identity Ownership

25 December 19, 2006 Identity Ownership Portal, Blogs FMAX Linux, Windows Enterprise local

26 December 19, 2006 Replication Assured Fractional HIPPA filter

27 December 19, 2006 Secure channels Centralized users and policy Password policy AAA - Auditing Sarbanes

28 December 19, 2006 Secure LDAP – Supports StartTLS and SSL Centralized users and policy Extensive password policy via controls Full, high performance activity logging OpenDS & Sarbanes

29 December 19, 2006 Active Directory Sun DSEE Oracle OpenLDAP Novell Fedora Novell Apache Other Directories

30 December 19, 2006 Single Directory Services Stack Standards FOSS Fast Extensible Feature rich FOSS OpenDS

31 December 19, 2006 http://www.opends.org http://treydrake.wordpress.com treydrake@yahoo.com Resources

32 December 19, 2006 Install Addressbook Glassfish and OpenDS Demo!

Download ppt "December 19, 2006 OpenDS Enterprise Directory Services Trey Drake AssetWorld 2007 Albuquerque, New Mexico November 2007."

Similar presentations

automated single login access to Novell storage resources

automated single login access to Novell storage resources
PaperCut MF Reseller Resource Material An Introduction to PaperCut MF.

PaperCut MF Reseller Resource Material An Introduction to PaperCut MF.
Ljubomir Ivaniš CPU d.o.o.

Ljubomir Ivaniš CPU d.o.o.
Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.
KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.

KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.
ELAG Trondheim 2004 1 Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.

ELAG Trondheim Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.
Identity and Security Management Kevin Unthank Senior Product Manager Red Hat Security Management Products Cloud Business Unit.

Identity and Security Management Kevin Unthank Senior Product Manager Red Hat Security Management Products Cloud Business Unit.
Prepared by Dept. of Information Technology & Telecommunication, May 1, 2015 DoITT Identity Management Security, Provisioning, Authentication.

Prepared by Dept. of Information Technology & Telecommunication, May 1, 2015 DoITT Identity Management Security, Provisioning, Authentication.
Kerry Osborne Senior Oracle Guy. Caveats The opinions expressed are mine … I’m an old guy I am biased towards Oracle technology I have not drunk too much.

Kerry Osborne Senior Oracle Guy. Caveats The opinions expressed are mine … I’m an old guy I am biased towards Oracle technology I have not drunk too much.
 61% of people reuse the same password on multiple sites.  44% change their password only once a year or less.  Password theft increased by 300% in.

 61% of people reuse the same password on multiple sites.  44% change their password only once a year or less.  Password theft increased by 300% in.
Active Directory: Final Solution to Enterprise System Integration

Active Directory: Final Solution to Enterprise System Integration
December 19, 2006 Solving Web Single Sign-on with Standards and Open Source Solutions Trey Drake AssetWorld 2007 Albuquerque, New Mexico November 2007.

December 19, 2006 Solving Web Single Sign-on with Standards and Open Source Solutions Trey Drake AssetWorld 2007 Albuquerque, New Mexico November 2007.
Information Technology Current Work in System Architecture November 2003 Tom Board Director, NUIT Information Systems Architecture.

Information Technology Current Work in System Architecture November 2003 Tom Board Director, NUIT Information Systems Architecture.
Identity Management, what does it solve By Gautham Mudra.

Identity Management, what does it solve By Gautham Mudra.
Identity and Access Management

Identity and Access Management
Access and Identity Management for Enterprise Portals Rohit Gupta Director, Identity Management Product Management Oracle Corporation.

Access and Identity Management for Enterprise Portals Rohit Gupta Director, Identity Management Product Management Oracle Corporation.
EDUCAUSE April 25, 2006Enforcing Compliance with Security Policies … Enforcing Compliance of Campus Security Policies Through a Secure Identity Management.

EDUCAUSE April 25, 2006Enforcing Compliance with Security Policies … Enforcing Compliance of Campus Security Policies Through a Secure Identity Management.
#CONVERGE2014 Session 1304 Managing Telecom Directories in a Distributed or Multi-Vendor Environment David Raanan Starfish Associates.

#CONVERGE2014 Session 1304 Managing Telecom Directories in a Distributed or Multi-Vendor Environment David Raanan Starfish Associates.
Microsoft Identity and Access Solutions Market Trends and Futures

Microsoft Identity and Access Solutions Market Trends and Futures
Identity and Access Management Dustin Puryear Sr. Consultant, Puryear IT, LLC

Identity and Access Management Dustin Puryear Sr. Consultant, Puryear IT, LLC

Similar presentations

Ads by Google