10g OSSO to 11g WebCenter Portal External Applications Migration

Oracle 10g to 11g diagram

We recently had a customer who undertook an Oracle Portal 10g to Oracle WebCenter 11g upgrade and ran into an issue with their External Applications and users. To give some context to the problem, there is a direct correlation between an Oracle 10g OSSO and Oracle 11g Webcenter portal for external applications but no way of migrating users from one to the other. Migrating from one system to another is never easy, and in this instance there was no mechanism to even begin the migration apart from manual migration of the data. This simply was not an option for the … Read More

IDaaS – Vendor + Product + Feature Matrix – November 2016

Cloud computing graphic with icons

As the world of IDaaS continues to evolve at a rapid pace, we’ve put together the latest IDaaS vendor – product – feature matrix for the largest active vendors in the IDaaS space. This information is current as of November 2016 and is put together by a combination of real world industry experiences, documentation reviews and other available information… IBM and Oracle are of note this year for every different reasons. IBM has recently consolidated it’s platform and added many of the emerging technologies into their platforms to offer what appears on paper as the strongest offering, while Oracle has … Read More

On-Premise Identity & Access Management – Vendor + Product + Feature Matrix

Security keyboard button

As with any packaged, on-premise suite, finding the best Identity Management products for your enterprise is a not a trivial task. This is especially true when different products from different vendors, that accomplish different objectives or services, have remarkably similar (and therefore confusing) naming conventions. To make matters worse, not unlike other COTS enterprise suites, the ‘cloudification’ of these products has begun and many vendors have started to offer a version of these products as a PaaS or SaaS offering. Additionally, many of these vendors also offer an IaaS type deployment of these packaged products in their on-prem form. M&S has … Read More

Microsoft Identity Manager… Coming Soon

Microsoft Identity Manager - Coming Soon

The IDM team at M&S Consulting is excited about Microsoft’s upcoming release / update / rebranding of Forefront Identity Manager to Microsoft Identity Manager. We’ve stood up a lab using the latest (as of this writing) CTP3 and so far have enjoyed playing around with the various new features and wanted to share our quick thoughts. Outside of the modernization and support for the latest platforms and infrastructure, such as, Server 2012 R2, SharePoint 2013, SQL Sever 2014, Microsoft has included several new features to add to the product offering. These include Privileged Account Management / Access and Cloud and … Read More

Compatibility of AWS EC2 API Actions and IAM Policy Resource-Level Permissions

Compatibility of AWS EC2 API Actions and IAM Policy Resource-Level Permissions

In this blog post I will examine how partial implementation of a feature of IAM policies: resource-level permissions interacts with AWS EC2 API actions to produce confusing results. Please note that AWS states in its documentation that it is planning on expanding the compatibility of resource-level permissions, so check the links at the bottom of this post for the most up-to-date information. Below is a short python program (troubleshooting.py) that utilizes the ec2:DescribeVolumes action. As you can see, I have omitted the access/secret key pair. If you wish to use this code, simply insert your access/secret key you obtained from the IAM … Read More

Identity & Access Management – Vendor & Product Matrix

As with any packaged suite, finding the best Identity Management products for your enterprise is a not a trivial task. This is especially true when different products from different vendors, that accomplish different objectives or services have remarkably similar (and therefore confusing) naming conventions. To help layout the current Identity Management vendor / product landscape as we see it, we’ve put together the following matrix of products by vendors. Service Identity Governance User Life Cycle, Self-Service, Request / Role Based, Provisioning & Deprovisioning, Password Management, Attestation & Compliance / Separation of Duties Oracle Identity Manager IBM® Security Identity Manager CA … Read More

Oracle Identity Management 11gR1 vs. 11gR2 Packages

Many of our customers get hung up on the release cycles, version numbers, and included products of Oracle’s Identity Management offerings. Following is a quick breakdown of the latest versions of Oracle’s Identity Management products included in both 11gR1 and 11gR2 organized as the downloadable software packages. Most of Oracle’s Identity Management products can be licensed as either a part of a suite or individually, however, some can only be licensed individually. The packages have changed significantly between 11gR1 and 11gR2 and some 11gR2 licensing suites include 11gR1 products….confused yet? Don’t worry, we can help. Let’s Talk. Oracle Identity Management … Read More

OIM AD Trusted Recon Job – java.naming.factory.initial Exception

Recently, we configured OIM 11.1.1.5 with MTS (Multiple Trusted Sources) by making AD the authoritative source for the email address attribute. As per requirements, we also added an additional domain attribute to the AD reconciliation process and provisioned additional attributes to AD.   Shortly thereafter our email address updates from AD stop propagating and our AD Trusted Recon job started throwing the following exception…….   [2012-04-19T17:56:23.032-04:00] [oim_server1] [ERROR] [] [OIMCP.ADCS] [tid: OIMQuartzScheduler_Worker-10] [userId: oiminternal] [ecid: 0000JRBfdRo7y0lqwsFg6G1F^4pi000002,0] [APP: oim#11.1.1.3.0] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : searchResultPageEnum [2012-04-19T17:56:23.032-04:00] [oim_server1] [ERROR] [] [OIMCP.ADCS] [tid: OIMQuartzScheduler_Worker-10] [userId: oiminternal] [ecid: 0000JRBfdRo7y0lqwsFg6G1F^4pi000002,0] [APP: oim#11.1.1.3.0] Need to specify class name in … Read More