View
797
Download
0
Category
Tags:
Preview:
DESCRIPTION
TIM SEDLACK, Product Manager for OpenIDM, at the European IRM Summit 2014.
Citation preview
IRM Summit 2014
OpenIDM 3.1Identity Administration
AND MORE
Tim SedlackSr. Product Manager
2IRM Summit 2014
Centralize and Synchronize Identity Data
Directories
Databases
Applications
AD, Sun, Oracle, MS SQL, SAP, On-Prem and Cloud based apps
User self service
Dashboard/Reports
3IRM Summit 2014
Enabling ABAC with OpenIDM■ Access based on attributes requires CLEAN attributes
– Legacy stores, with no process means Identity data is “dirty”
■ Identity attributes are not standardized– Ex: Assign access to all PM materials
– Product Manager = PM, or Senior PM, or Dir of PM (for HR or DBA but NOT SAP)
■ Need: Normalize and centralize identity (and attributes) into an
authoritative store– Consume existing identity data
– Feed it to new (and existing) systems
Digital Transformation
6IRM Summit 2014
■ Integrated Identity Management– Account Management
– Self-Service Registration and Password Reset
■ Extranet / Customers / Partners / Suppliers– Large-scale, Multi-source user management
– Cloud provisioning
■ Enterprise– Sun (and other legacy) IDM replacement
– Internal & External (hybrid) environments
OpenIDM: Target Use Cases
7IRM Summit 2014
■ Version 3.0 – Released July, 2014– Scalable UI for “End Users” – Delivery Guarantees– Role-Based Provisioning– OpenICF 1.4– Improved Authentication System- Pass-through AUTH– Update/Align to common REST
The evolution of OpenIDM
- Overall Scripting environment improvements
- High Availability OOB- Load balanced session- Fail over across session
- Expanded Workflow defaults and samples
8IRM Summit 2014
■ Version 3.1 – (expected) Release Dec, 2014– Performance improvements – new options for faster recon/sync– Flexible/Uniform Query API (Queryfilter)– Administrative UI
■ Simplified Connector Management
■ Account Administration (aggregated view)
■ Schedules (reconciliation/sync)
– PostgreSQL/EntperiseDB repository support– Connectors update
■ LDAP Connector with Kerberos support
■ PowerShell Script and Cmdlets
■ Remote Execution of connectors
The evolution of OpenIDM
• Product configuration
• Password Policy
• New Cloud Connectors
• Google, Azure, Salesforce
• Scripted Groovy SDK
• ScriptedSQL and ScriptedREST
9IRM Summit 2014
Benefits with OpenIDM 3.1
Rapid install and configuration with the new Admin UI Configuration of Resources including connectors, mapping, etc
CloudConnect : New Framework for rapid creation and editing of connectors REST Endpoints for SaaS providers (Google, Azure, Salesforce) Windows Administration framework with PowerShell, LDAP, Kerberos
More scalability options & performance improvements
15IRM Summit 2014
Demonstration■ Installation Procedure
■ Overview of Configuration User Interface
■ Improvements to Account Administration with Aggregated View
■ SaaS connector with live updates SaaSy!
16IRM Summit 2014
OpenIDM takeaways■ Simple to install and configure
– Quick POCs, Rapid ROI
■ Centralizes and synchronizes Identity (and more!)– Automation eases administration of accounts, resources and more
■ Extensible, Standards based– Developer friendly, fits unique situations quickly and easily
■ An important part of the ForgeRock stack!– Plays well with OpenAM, OpenDJ and OpenIG AND MORE
17IRM Summit 2014
Q&A
Almost there….
Recommended