Oracle has published an interesting article on the changing IDM Trends. Its a good read.
January 30, 2013
January 21, 2013
The Amazing Security Race
Have you been watching OTN for these interesting stuff, recently? Some of the links are here. Rest are for you to search, view and have fun.
http://medianetwork.oracle.com/video/player/507044355001
http://medianetwork.oracle.com/video/player/507042060001
http://medianetwork.oracle.com/video/player/507044355001
http://medianetwork.oracle.com/video/player/507042060001
January 4, 2013
Oracle stays higher and untouchable in the Magic Quadrant
Oracle has kept its innovation higher and better. The latest Gartner's MQ reflects the same.
November 22, 2012
DRAC - Theory
I have heard about this sometime ago.
DRAC or ...
Denial
Resistance
Acceptance
Comply
theory talks about human nature/response when something new is introduced into one's way of life.
We see this especially in the consulting industry.
Why and where?
As system integrators we try and bring new products into an enterprise. While doing so we hear a lot of negative criticism about the new products in many ways. However, the DRAC cycle completely applies. After a while people start to accept it and comply.
October 26, 2012
Certification/Attestation on an iPad
Some innovations are smart. One of Oracle's partner did something really smarter.
For those who do not understand what Identity Governance or Certifications or Attestations or Access Reviews, it is a process of ensuring that every individual is verified to check if he/she has the right accesses to the systems according to his job role and also to check and remediate unnecessary/toxic ones.
Oracle has a cool product to help Organizations solve this issue/problem of Certification. Its web based. Now a partner brought this to an iPad. I wouldn't like to talk anymore but let you watch the video. It would be very interesting for you if you already know a little bit about Oracle Identity Analytics.
Oracle Identity Governance - Assets
If you are in the space of Identity Management and work for Oracle products, you certainly want to visit the Assets page on OTN.
In today's market who else provides intelligence to public just as Oracle does? :-)
October 4, 2012
Migrating from VMWare to Oracle Virtual Box
There is a good article on how to migrate. But the caveat is the tool eats up all the VMDK files and turns them to VBox files. So please make a copy of the VM before you follow this.
July 20, 2012
Oracle Identity Governance - R2 is out
The most awaited and iconic release of Oracle Identity Governance Platform solution just happened. Go ahead and start reading about it on the OTN. Use #OracleIDM on twitter to read more about expert views.
September 10, 2010
Sailpoint IdentityIQ: Revoke a Policy Violation from Certification
If you had Policy Violations recorded in IdentityIQ and have included them in a Certification then normally it would be displayed as below.
You have only two options. Approve or Delegate. A general option of REVOKE is not provided for a policy violation.
However, there is a option to revoke the same if the certifier wishes to. Of course this is not told and not given. But its a simple change :-)
Open the Policy object and you would see something like below in the first line after XML declaration.
Notice the certificationActions tag?
Modify the same to look as below shown.
Once you add the Remediated word to the tag, your certification automatically shows up the revoke button. Here's a screen shot of how it looks.
Hope this helps.
September 9, 2010
SP Identity IQ: Certification not updated to show revocations done
Okay! I am trying to be pretty descriptive here.
Suppose you have created a certification in Sailpoint's Identity IQ.
An email is sent to the administrator to revoke the entitlement/account.
Administrator, being a good employee has done the revocation right away.
Problem:
Solution:
In every Certification configuration there is a parameter named nextRevocationsScantime
This has a default setting which is inherited from a SystemConfiguration setting.
nextRevocationsScantime attribute is created along with remediationsKickedOff="2"
Later in the cert you will not see nextRevocationsScantime. Rather you would see this. remediationsCompleted="1" remediationsKickedOff="1"
Hope this helps to few consultants.
Suppose you have created a certification in Sailpoint's Identity IQ.
The Certification Owner has revoked a user and saved the certification. Then the certification header would be something like this.
An email is sent to the administrator to revoke the entitlement/account.
Administrator, being a good employee has done the revocation right away.
A scheduled Account Aggregation, in the next few hours, get kicked off and brings in the new data regarding the revocation.
An Identity refresh scheduled for the same night, updates the entitlements for the users.Problem:
You still do not notice the update in the Certification header. It still shows a list of items, which were completed, as due.
Solution:
In every Certification configuration there is a parameter named nextRevocationsScantime
This has a default setting which is inherited from a SystemConfiguration setting.
remediationScanInterval set to 86400000 milliseconds
nextRevocationsScantime attribute is created along with remediationsKickedOff="2"
The above attribute is created, once you revoke someone and save the cert.
Later when you remove the entitlements in database and do an account aggregation and identity refresh; it shall not directly reflect in your cert. Once the nextRevocationsScantime is complete and PERFORM MAINTENANCE TASK runs then it scans and completes the process.
Later when you remove the entitlements in database and do an account aggregation and identity refresh; it shall not directly reflect in your cert. Once the nextRevocationsScantime is complete and PERFORM MAINTENANCE TASK runs then it scans and completes the process.
Later in the cert you will not see nextRevocationsScantime. Rather you would see this. remediationsCompleted="1" remediationsKickedOff="1"
Hope this helps to few consultants.
September 6, 2010
Attention Sun IdM Customers - "What's Your "Plan B"?
This is what Sailpoint says about SUN Identity Manager, its customers and the solutions they can offer to these customers. Interesting read.
It's always sad to see SUN Technologies dying.
September 1, 2010
epoch conversion tool
What is epoch time?
Short description from Wikipedia:
Unix time, or POSIX time, is a system for describing points in time, defined as the number of seconds elapsed since midnight proleptic Coordinated Universal Time (UTC) of January 1, 1970, not counting leap seconds.
Where do you find with respect to IAM parlance?
I have found that Sailpoint's IdentityIQ uses this convention for all dates. examples are create date, expiration date etc.
So if you want to understand what are the exact dates?
August 24, 2010
An important tip for Sailpoint implementors - Requests Page
I was recently working on integrating Remedy with Sailpoint's IdentityIQ 5.0. Other than getting a weird error in the log I was unable to trace the root cause. One of my colleague tried having a look and suggested I should see in https://localhost:8080/identityiq/monitor/requests/requests.jsf. I could actually see all the items that are queued up there. Here is a screen shot.
It is suggested to have a look at this page when you are trying to debug something and unable to go ahead from the usual check points.
It is suggested to have a look at this page when you are trying to debug something and unable to go ahead from the usual check points.
June 30, 2010
Bill Gates advice to the Youth
I came across this article on LinkedIN. Its a good read for everyone. Go ahead, read it from here.
June 3, 2010
Facebook's Sharing feature now on LinkedIn
Match the following: SUN Products get New Names under the Oracle Umbrella
I have read this on Oracle site which was showing the latest names given to all the SUN products. Check it out
March 26, 2010
Sailpoint's IIQ 5.0
Finally, Sailpoint is coming up with its fully geared up Entitlement management software, Identity IQ 5.0. It is going to be released next week. It boasts of many exciting new features like Provisioning, Access Request Manager integration etc.
Need to wait and watch how the product would be after this release. One quick doubt (may be too early) I have is, are they trying to bring new Provisioning product along? Then why (as there are already a lot of products available and deployed)?
I have worked on versions from 2.5 to 4.0
March 5, 2010
Password Reset Issues
I regularly read Jackson's Blog and today I found a very interesting post which was talking about a particular presentation in the RSA conference. I recommend everyone to read it. One line I thought should be mentioned here from the presenter's website was ...
It has been estimated that the average cost of a password reset involving a help-desk call is $22
So how much are companies bleeding on password reset calls???
February 18, 2010
How unique is your browser?
I subscribe to Bruce Schneier's Crypto-gram. There was one article on "How unique is your browser?". Read it.
I have tried it for my browser and the results were as follows.
Your browser fingerprint appears to be unique among the 645,288 tested so far.
Dont forget to read the FAQ section
Subscribe to:
Posts (Atom)
