IRM Summit 2014
OpenIDM 3.1Identity Administration
AND MORE
Tim SedlackSr. Product Manager
2IRM Summit 2014
Centralize and Synchronize Identity Data
Directories
Databases
Applications
AD, Sun, Oracle, MS SQL, SAP, On-Prem and Cloud based apps
User self service
Dashboard/Reports
3IRM Summit 2014
Enabling ABAC with OpenIDM■ Access based on attributes requires CLEAN attributes
– Legacy stores, with no process means Identity data is “dirty”
■ Identity attributes are not standardized– Ex: Assign access to all PM materials
– Product Manager = PM, or Senior PM, or Dir of PM (for HR or DBA but NOT SAP)
■ Need: Normalize and centralize identity (and attributes) into an
authoritative store– Consume existing identity data
– Feed it to new (and existing) systems
Digital Transformation
6IRM Summit 2014
■ Integrated Identity Management– Account Management
– Self-Service Registration and Password Reset
■ Extranet / Customers / Partners / Suppliers– Large-scale, Multi-source user management
– Cloud provisioning
■ Enterprise– Sun (and other legacy) IDM replacement
– Internal & External (hybrid) environments
OpenIDM: Target Use Cases
7IRM Summit 2014
■ Version 3.0 – Released July, 2014– Scalable UI for “End Users” – Delivery Guarantees– Role-Based Provisioning– OpenICF 1.4– Improved Authentication System- Pass-through AUTH– Update/Align to common REST
The evolution of OpenIDM
- Overall Scripting environment improvements
- High Availability OOB- Load balanced session- Fail over across session
- Expanded Workflow defaults and samples
8IRM Summit 2014
■ Version 3.1 – (expected) Release Dec, 2014– Performance improvements – new options for faster recon/sync– Flexible/Uniform Query API (Queryfilter)– Administrative UI
■ Simplified Connector Management
■ Account Administration (aggregated view)
■ Schedules (reconciliation/sync)
– PostgreSQL/EntperiseDB repository support– Connectors update
■ LDAP Connector with Kerberos support
■ PowerShell Script and Cmdlets
■ Remote Execution of connectors
The evolution of OpenIDM
• Product configuration
• Password Policy
• New Cloud Connectors
• Google, Azure, Salesforce
• Scripted Groovy SDK
• ScriptedSQL and ScriptedREST
9IRM Summit 2014
Benefits with OpenIDM 3.1
Rapid install and configuration with the new Admin UI Configuration of Resources including connectors, mapping, etc
CloudConnect : New Framework for rapid creation and editing of connectors REST Endpoints for SaaS providers (Google, Azure, Salesforce) Windows Administration framework with PowerShell, LDAP, Kerberos
More scalability options & performance improvements
15IRM Summit 2014
Demonstration■ Installation Procedure
■ Overview of Configuration User Interface
■ Improvements to Account Administration with Aggregated View
■ SaaS connector with live updates SaaSy!
16IRM Summit 2014
OpenIDM takeaways■ Simple to install and configure
– Quick POCs, Rapid ROI
■ Centralizes and synchronizes Identity (and more!)– Automation eases administration of accounts, resources and more
■ Extensible, Standards based– Developer friendly, fits unique situations quickly and easily
■ An important part of the ForgeRock stack!– Plays well with OpenAM, OpenDJ and OpenIG AND MORE
17IRM Summit 2014
Q&A
Almost there….
Top Related