ITIM Provisioning Policy Priority
A provisioning policy in ITIM (IBM Tivoli Identity Manager) basically grants access and set entitlements to the ITIM managed services based on the provisioning policy membership.
Each provisioning policy consists of information and settings on the following tabs:
- General
- Members
- Entitlements
Of course, there are factors to consider: Role Memberships, service selection policies and policy join behaviors to name a few but this blog is just looking at the value of the required priority attribute.
The priority setting is a required value on the General tab of the provisioning policy configuration. This is a required numeric attribute and the lower the number the higher the priority of the Provisioning Policy.
Read More»Internet Enable your Applications using WebSEAL with Active Directory Authentication
Let’s say you have a set of applications you use within your organization that you want to make available for access from the Internet. Let’s further say you want remote users to login using their Active Directory credentials. That way, there is no additional password maintenance to worry about – for users or for support staff.
Sounds great, but can you pull it off without exposing your organization to the countless threats lurking out there on the Internet?
In most cases, it can be achieved with minimal risk to your systems and applications. Furthermore, PathMaker can help you design and deploy a solution, as well as help you analyze your applications and infrastructure for potential vulnerabilities.
Read More»IBM Pulse 2012
Pathaker Group is an IBM Premier Partner with the sales and technical certifications required to sell and implement an ever expanding array of best in class security solutions from IBM. Be sure to put Pulse 2012 on your calendar and stop by the Solution Expo and visit our booth. Business partners and customers will learn how IBM is shaping the IT Security Landscape with newly acquired technologies and integrated solutions to meet the growing challenges that we face.
Check out some info from IBM about Pulse!
“Pulse 2012 returns to the MGM Grand in Las Vegas March 4-7, 2012 and we invite you to take part in the action! Experience first-hand how organizations in every industry are using Visibility Control Automation to improve the economics of their business infrastructures and speed the delivery of innovative products and services.
With over 7,000 attendees including industry-renowned speakers, Pulse 2012 is your ticket to hundreds of technology leadership sessions, industry-focused breakouts, and technical skill-building workshops. At this year’s conference you’ll have an opportunity to network with colleagues, participate in hands-on labs, and attend our largest-ever Solution Expo. Don’t miss this significant event!
The Pulse conference is now accepting session submissions! Visit the IBM Speakers page for the timeline, benefits and guidelines, or to answer the Call for Speakers today!” (IBM)
Read More»Zombie Attrition Process (ZAP)
Zombies are everywhere; they lurk in existing and new systems. These zombies don’t lust after our blood or consume our flesh. It is much worse than that. These zombies can cause companies to fail audits, they can be used for unauthorized access, and worst of all they can cost companies money. Technically we are talking about lifeless accounts that exist on systems and no one knows who they belong to. To us on “Team ZAP” or the Identity Management team these accounts are known as ‘Orphan Accounts’. I don’t know about you, but identifying and removing Zombies just sounds more fun.
Not the kind of Zombies you’re interested in? If you are wondering for how to prepare for the basic flesh eating zombie apocalypse, visit our friends at the Centers for Disease Control.
Picture from: http://emergency.cdc.gov/socialmedia/zombies_blog.asp
If you want information on how to deal with Zombie or Orphan Accounts then keep reading. For full disclosure, dealing with Zombies is not for the faint of heart and I am not saying you wouldn’t get your hair mussed. Here at PathMaker Group we don’t mind getting a bit dirty when we deal with Zombies or Orphan Accounts in this proven approach:
Read More»Using IBM Tivoli Identity Manager to Synchronize HR changes to Active Directory
Imagine this scenario. An employee gets married and her last name changes. Human Resources receives the required documentation and updates the employee’s last name. Now that the W2 has been changed, how long will it take this change to get propagated to the email system? How many people will be involved? How many phones calls will be made wondering why the name hasn’t been updated? Shouldn’t there be a simpler process?
With IBM Tivoli Identity Manager (ITIM) this last name change can automatically be replicated to multiple ITIM controlled systems with just the change to HR and without the need of any more human intervention.
ITIM automatically detects the change to the person’s last name and then triggers name change updates to multiple ITIM controlled systems including Active Directory, LDAP and database repositories. These updates occur in real time and the new last name is available for all to see.
Read More»
