December 31, 2008

Wish you a Wonderful New Year

December 18, 2008

Typealyzer Report on my Blog

I was going thro Mark's Blog and found this interesting. This tool tries to provide a view of the author's thought process. I have got the following results.

A gist of what it said regarding my blog:

ESTJ - The Guardians

The organizing and efficient type. They are especially attuned to setting goals and managing available resources to get the job done. Once they´ve made up their mind on something, it can be quite difficult to convince otherwise. They listen to hard facts and can have a hard time accepting new or innovative ways of doing things.

The Guardians are often happy working in highly structured work environments where everyone knows the rules of the job. They respect authority and are loyal team players.

December 3, 2008

Adding Value by Jackson Shaw

Friends, a wonderful article.

November 13, 2008

Aligning CobiT® 4.1, ITIL ® V3 and ISO/IEC 27002 for Business Benefit

A good read ... download now and read it.

LDAP Search Filter

Search Tip: To retrieve all the users from a Domain who belong to a specific group use this query.

(&(objectclass=person)(memberOf=fulldn))

For two groups:
(&(objectclass=person)(|(memberOf=fulldn1)(memberOf=fulldn2)))

Use the same tip for multiple groups.

October 31, 2008

A must read - "Sun Loses Co-Founder to Start-Up"

The first few lines may not be of interest for many, however the entire article is an awesome read. Go ahead and read it.

October 23, 2008

One does - Remaining follow

If I am not wrong, the concept of Compliance manager was first started by Aveksa. Unfortunately they were a little late to the market and in the mean while Sailpoint already pitched in. Now we have one more big player ... guess who ....... its none other than Sun Microsystems.

They recently launched their Compliance Manager product. I think I will be able to do a comparative study soon and publish to my blog readers.

October 22, 2008

Congrats India

Picture Courtesy: www.isro.org

Congrats to all the Indians. A most awaited moment in the history of Indian Space Mission has just begun. Its not far when all the myths are broken and an Indian lands on Moon.

Kudos to ISRO and all its associates.

October 17, 2008

Good Read on LinkedIn

Came across an excellent article on how to use LinkedIN and the profits associated with it. Give a read.

October 13, 2008

News from Nous Infosystems

An interview of the CEO of Nous Infosystems on CIOL. Give a read.

October 8, 2008

Open SSO from SUN

May be I am one of those last guys in the world who is talking about this. However I was wondering about a simple concept. How long will Sun be a charity organization?

October 1, 2008

"Indiscipline" has taken over good part of the Software Industry

During my college days, the computer illiterates use to call me a good programmer and under that assumption I used to be in a hurry to keep the name going on. Once there was a task given and we were coding in C. As usual in my hurry to complete it first and faster, I have completed the program. There I press "CTRL+F9" just to see some garbage. Wondering what would have gone wrong I quickly checked the 100 lines of code. Couldn't find an error. My professor came in and started debugging, rather just checking the functionality. In the mean time I think good number of people in my class somehow completed the program.

Still my prof scrolling up and down ... and suddenly I see that I have missed the "&" before the variable name in the "scanf" statement. :-)

That was history, however this is what is happening in the industry today. People are always in a hurry to see their product selling in the market, and in that hurry the programmers deadlines are pushed and what one gets into the market is a faulty product. The sales guy sells it, cos he knows how to handle the POC and a foolish partner picks up the product to implement.

Tough times start when actually people start implementing it.

In the other scenario, these days, people are in such a hurry to implement and show how great they are to their customers; architects are not even making design documents. Finally they mess up the project and somehow deliver some nonsense. If you have read my previous article, its because of such hasty implementations in past the future becomes grim and even after knowing this, people repeat mistakes.

To conclude ... I want to write about a funny experience I had ...
Once when I was taking up a final lab exam for a batch of Electronics engineering, a girl submitted her observations to me. The few details were
Project: Implementation of logical gates using circuits and verifying results.
Precautions:
1. The connections should be tight
2. Readings should be taken without parallax error.

I asked two simple questions.
How do you get parallax error when you have a result of 1 if light glows and a result of 0 if it doesn't?
When from did you start having losses in results if the connections were not tight in electronic experiments?

September 25, 2008

A weird output from a SQL query to Sybase

Environment: Sybase OS, J2EE app running on Tomcat, Driver used was com.sybase.jdbc3.jdbc.SybDataSource

The query goes like this "Select T1.UserId AS ID, " T2.UserId AS GrID ......"

Now the output when logged shows this way
Exiting getColumnNames = [UserId, UserId, .................]

So the "AS" keyword seems to be not working. Problemssssssss

Now the solution was we changed the driver to net.sourceforge.jtds.jdbc.Driver downloaded from Sourceforge. Just downloaded jtds-1.2.2-dist.zip and extracted the jtds-1.2.2.jar to the lib and a simple restart with changes in the connection information.

Hope this would be useful to someone.

September 18, 2008

What am I doing?

Yepp, its been sometime that I got uncertain about what should I be doing. Finally I have decided to move a little ahead in Identity and learn somethign on Identity Governance. I am currently working on Sailpoint's Identity IQ implementation for a large bank.

September 8, 2008

Sailpoint - Identity IQ

Ever heard of Recertifications? I am talking about Access Recertifications which happen in organizations to periodically check who is allowed to access what? This process in many organizations goes this way ...
  1. Collect user database from every Application owner across the organization
  2. Consolidate the list with respect to managers
  3. Send the lists to manager to verify if each of those users require the access to the application with whatever access level specified
  4. Once the manager gives his decision, the users' accesses are either revoked or modified for which again its a lengthy process, as everyone acknowledges
Sailpoint's Identity IQ addresses this issue. The product just like an Identity Manager provides a unified view of the entire organizational users, with all the data pertinent to Recertifications. Once the application is configured for all the necessary applications and the user data is in, scheduled Certification Requests can be fired to every manager in the organization. Also the escalations can be handled. The managers can just login to the application and either recertify or revoke or modify user access to every application.

So most of the process is automated now. Don't think its done yet. It also can make SPML calls to any provisioning engine avaialable (not OOB) in the Identity market and thus automatize the complete Recertification process.

Read more about these at Sailpoint

One last thing, if I am not wrong these features are available in the world's renowed ... :-)

August 12, 2008

Why do companies end up paying huge amounts for Identity Projects?

The sure answer would be indiscipline. Any doubt?
When one starts up a company, least preference is given for IT discipline. No directory implementation, no domains etc which result in a process chaos after few years. Then managements start thinking about bringing things in order and end up not only paying huge amounts to get it straight moreover end up in improper implemenations. I have seen many companies which never had any system according to conventional methods when it comes to user management.
The question that bugs me every moment is why companies do not leverage the open source tools avialable? Directories are avialable in the open, operating systems are available in open, why cant one avail these?
These are my view points:
1. The day the company is christened a directory structure should be in place
2. Every employee record should be present in it.
3. All the available systems in the office should authenticate the user against this directory
4. Employee should be given an option to change his passwords and few other details online
5. Form filling should be avoided on the induction day, instead a webpage should be used and the data should be recorded into a HR database and then should be fed to the directory
6. A small PLSQL trigger on the database can create the email address without conflicts
7. Free Identity tools like SUN Identity Manager should be implemented within one year
8. Every application or tool that the organization needs should be under the perview of Identity Manager
Am I missing something???
I feel these are the basics that one should do for the company's IT wellness in the long run.

July 17, 2008

It happens only in ..........

Recently I visited my Car Service center. While they were working on my car I was going through the workshop and was shocked to read this (last one).

July 16, 2008

An update on ViDT

Today I received a comment on my previous post on ViDT.

"Is VIDT available in Market or from Sun? Could you provide some more detail about VIDT?"

The answer would be ViDT which was previously known as a VIP was the IP of Neogent. This tool makes the implementation of the organizational Identity framework much easier and thus faster. As this tool started achieving popularity, SUN acquired Neogent. Now this tool is used by SUN PS folks to implement the framework faster. This is not available outside for anyone else. SUN has kept it for self :-)

Over-Security consciousness hurts sometimes

Yesterday I was at the PVR Bangalore. I noticed a couple of foreigners arguing with the security at the entrance of the Audi. The guard says they do not allow laptops inside and the couple say its their official laptop and they cannot leave it with the security. They argued with everyone in the hierarchy and finally they left the theater cursing my country and their time. They said they were waiting in the mall for more than two hours just to watch the movie, finally which they couldn’t.

So when it comes to security, where are we heading to? Things meant to keep us happy and safe are troubling us? A theater which charges relatively double to any other ordinary theater in town doesn't provide enough infrastructure where such things can be handled.

Security is something which when dealt by uneducated and unsophisticated people will be the same.

June 21, 2008

An Observation

I was going through Linkedin and just clicked on a survey. The results it showed for the survey have something noteworthy. Check it out.

June 20, 2008

Why IDM initiatives fail?

First check this post


What is said here is true. The people who are building solutions only think of technical issues always, rather than the features which are roots of the organization, viz. Processes and Policies. From an architecting perspective it is very crucial to understand the processes of the organization and then chalk out a plan for work rather than checking out what can be done by the product.

I feel, technologically everything is possible, with the only two constraints - TIME and MONEY. If a space shuttle can be sent to MARS, then an Identity implementation is possible, with or without the chosen product's features. However the feasibility of a solution with respect to time and money has to be planned when one architects.

Just my thought ...

Metaview deprecated - SUN Identity Manager 8.0

The best thing I feel SUN developers did was they removed the Metaview feature. This reportedly had couple of bugs and I was once caught by them :-(

June 4, 2008

SUN Identity Manager 8.0 is released

SUN Identity Manager 8.0 is out

For all the enthusiasts - come download and experience the amazing product


A brief overview of this release:

Sun Identity Manager 8.0 is the latest version of the Sun Identity Manager product offering with expanded Role support, enhanced reporting capabilities, and updated resource adapter and application server support. This update improves upon the industry-leading Identity Manager 7.1 solution with:

# Role Enhancements
  • Role life cycle management can require approvals on Role creates, edits and deletes, and Role changes can be applied to all assigned Users.
  • User-to-Role life cycle management improvements enable support for future and temporary Role assignments.
  • Default Role types including Business Roles, IT Roles, Applications, and Assets are now provided to encourage best practices with regards to Role management.
  • Business Roles can contain roles required by all, conditional for some, and optional (by request and optional approval) for others. A Business Role designer can define coarse grain access, while delegating to the user or a manager the ability to fine tune the access within the scope of a Business Role.

# Enhanced Reporting with Data Exporter
  • Manager operational data can be made available for use by other processes and applications.
  • Data held by and flowing through Identity Manager can be periodically exported to a customer-managed data warehouse or third-party business intelligence and reporting tools.
  • Exported data can be used to answer historical questions regarding 'Who had access to a system, and who approved that access?'. It can also be used to provide reports on operational behavior over time, such as 'Provision Operations by Resource' and 'Workflow Approval Response Times'.
# Attribute Configuration
  • Extended, queryable, and summary attributes can now be configured for roles as well as users.
  • The new extended attribute configuration supports specification of value syntax (STRING, INT, DATE, or BOOLEAN), whether the attribute can have a single or multiple values, and a text description for the attribute.

# Other Notable Updates
  • UNIX resource adapters now support SSH connections using private/public key pairs for authentication to managed resources.
  • Service Provider user password changes will be checked against the password policy configured on the user directory.
# Supported Resource Additions and Updates
  • Exchange 2007 (New)
  • Microsoft Active Directory Application Mode (ADAM) (New)
  • RSA SecurID 6.1.2 (Updated)
  • Siebel CRM 8.0 (Updated)
  • Oracle E-Business Suite on Oracle Applications 12 (Updated)
  • HP OpenVMS 8.3 (Updated)
# Supported Application Server Updates
  • Sun Java System Application Server 9.1 (GlassFish v2 UR1, 32-bit and 64-bit)
  • Oracle Application Server Enterprise Edition 10g Release 3 (10.1.3)
  • Oracle Application Server Standard Edition 10g Release 3 (10.1.3)
  • BEA WebLogic Server 10
  • JBoss Application Server 4.2

# Bug Fixes and Platform Support Updates

For more information about the features in this release, see the Identity Manager 8.0 Release Notes or the Identity Manager documentation set.

May 27, 2008

Using Kerberos to Authenticate a Solaris 10 OS LDAP Client With Microsoft Active Directory

This article describes how to configure a Solaris OS client to use Microsoft Windows Server 2003 R2 Enterprise Edition (Active Directory) for authentication and naming services.

Download the PDF and read on.

May 20, 2008

8 - The wait is over


Yes the wait is over. Very soon the latest version, 8.0 of Identity Manager will be out. Keep checking for updates on the same.

March 24, 2008

Create Table without using mouse and menus

A little bit out of context, however I thought this is interesting and helpful.

Create Table without using mouse and menus

Do you know it’s possible to create Table without using mouse and menus in MS word and Outlook. Here it’s that…

Type the content +——+——+——+ in Microsoft Word, Outlook and press Enter. One row of a table will be created and for more rows you can press TAB

Step 1: Type +———–+————————+————-+

Step 2: (After pressing Enter having the cursor at the last ‘+’ Result will be like the below one)




Step 3: (press TAB to create more Rows)













In this ' + ' represents the column borders and ' ' represents the length of the each column. This Simple way can be used at urgent times

March 14, 2008

Open Source at SUN - Identity Management

The Identity Manager IDE has been open-sourced. As a side note, this also means that the Eclipse
plugin is officially out there. The versions of IdM that are supported include 6.0 (sp3/sp4), 7.0, 7.1.x.x, 8.0 (after the release).

Is NetBeans Plugin Supported by SUN?

Good Question isn't it?

Answer:
Sun only officially supports the Netbeans plugin through standard support tickets and only if you have a support contract for Identity Manager.

March 13, 2008

March 11, 2008

AD Password Sync can be delayed

Read an article on Microsoft site on how to delay the password updates for a user specific amount of time. I am sure this would be useful for many of us at any time during our deployments.

Read on ...

February 20, 2008

Kindly leave your emailId

I get few tech queries. Most of them are posted as comments. When I want to get back to them, I do not have their mail id.

Thus kindly post your mail id.

Thanks a lot.

February 13, 2008

Tripit.com

A little bit out of the box, however I have been just told about an amazing tool provided by http://www.tripit.com.

Features:
  1. Just send your trip itinerary to plans@tripit.com and it automatically creates your id with your email and sends you a password
  2. It also parses your email and plans your calender accordingly.
  3. Using the calender update URL you may synchronize your personal calenders.
  4. Also when you expand your network by adding friends it shows where they are and to them, where you are.
Isnt this cool???

All the frequent travelers out there, register on http://www.tripit.com

February 5, 2008

SUN Identity Manager - A Tip

When a resource is created (ex: LDAP) you may test this. Enter the credentials to connect except the password. Amazingly you will find that the Test Connection succeeded. Now save it to have problems later :-)

So if there is a problem in retrieving data or something similar anytime, you better check your resource for password.

Thought it would help some.

February 1, 2008

Faking one's experience has become the practice of the Industry???

Pondering yesterday about what has everyone got for what they are, I was astonished by the fact that all the class toppers in my class are just doing good, however the average guys are doing much better. My engineering class toppers are just working for ordinary packages in good companies and the others are working for exemplary packages.

Faking one's experience has become a part and parcel of many IT professionals' lives. I can tell you a wonderful story.

Few of my intelligent and hardworking friends resorted to their masters after completing engineering. Remaining people who couldn't clear their exams or didnt get jobs were just roaming on roads with their parents money for almost two years. By the time these intelligents completed their Masters, these people who enjoyed their two years flaunted their resumes in the industry with an experience of two years and got better jobs. These foolish intelligent guys were obviously freshers and deserved less than them.

Moral: So you may have fun for two years after engineering; goto Goa, roam around with your girl friend and then finally struggle for six months to be in a better position.

Pointers:
Companies like Wipro, Infosys, Satyam, I mean name any big brand, there are atleast 30% of people joining them via lateral hiring with fake experiences. These people fake their experience their payslips and get a good pay and better grade than the ones who are genuine. These big companies which boast about background verifications do very little to stop it. If anyone has to say anything against my word, I can prove my statements.

Ethics have no place in the Indian IT industry today.

One another technology which has fallen prey to these fake guys is SAP. Every Tom D**k and Harry goes to some place in Hyderabad to get software installed for Rs.2000 i.e. a mere $50 on their machines and get courses learnt for a mere Rs. 10000 i.e ($250) and thats it once done, these people call themselves a 3 yr experienced and get paid almost 100 times their SAP tution fee.

Is this the only way to go ahead? If so, one can enjoy his school, college and everything, finally buy couple of certificates and one PC with printers to print his fake resume and submit it. Thats it he would have a better situation than the guy who slogged all his life?

I dont remember the ending of the story by SomerSet Maugham but today atleast the grasshopper wins. Will there be some change in this pattern?

Final word, I think even the NASSCOM is sleeping.

January 26, 2008

Login.jsp redirects to Configure: Import Exchange File

Product: Sun Identity Manager

You have hit the idm admin URL and you are redirected to the Configure: Import exchange file page? Did this ever happen to you? A snapshot of that looks like this.

Did you observe the logged in as field? Yes this is something funny that can happen to you.

Reason: Your IdM is unable to locate the database, if someone has removed your database or something of the same sort has happened then you see this page.

Solutions:

1. Recover your database
2. If its ok to have a fresh identity manager i.e. if you lose nothing, then just import the init.xml from idm-installation-dir\sample\init.xml

January 20, 2008

Still hanging around with any version below 7?

Folks looks like the next version of Sun Identity Manager release is not too far. If you are still working with any version below 7? then you may wait to upgrade your skills, directly to ?????? Ahaaa ... wait for the release and the number.

January 18, 2008

Acquisitions Galore

The entire world believed that 2007 was the year for all major acquisitions and truly it was. However, it seems like 2008 has more in store. The year started with the two major acquisition announcements.

SUN Microsystems announcing its intent to acquire MySql

Sun has recently announced its intent to acquire MySql. Day after day SUN is becoming a complete shop, high performing servers to wonderful softwares. One thing to wait and watch would be how would they bundle MySql? Currently SUN already provides PostGRE Sql with its OS.

The best online information regarding the same would be Jonathan's Blog

Oracle's acquistion of BEA

Oracle has announced that it is acquiring BEA systems. Its paying $21/share value which is 25% more than the current value, i.e. 16th January Closing price. This is another great move by Oracle.

We have to wait and see what else does 2008 has in store.

January 13, 2008

Sun Identity Manager is affected by multiple security vulnerabilities with varying impacts

Three Cross-site Scripting (XSS) vulnerabilities may allow local or remote unprivileged users the ability to execute unauthorized scripting code in a user's browser when that user clicks a link to Sun Java System Identity Manager. In addition, a further vulnerability may allow a local or remote unprivileged user to inject unauthorized HTML code into a user's browser when that user clicks a link to Sun Java System Identity Manager. Two additional vulnerabilities may allow a local or remote unprivileged user to redirect the browser to unintended remote sites or to inject frames containing data from unintended sites.