Identity Web Services
Applying Novell® Identity Manager to Everyday Problems

Jerry Combs
Principal Architect
Novell Inc.
Agenda

    •   Introduction to Novell® Identity Manager web services
         –   Identity Manager core architecture
         –   Available identity web services
         –   Enabling the test page functionality
    •   Implementing custom identity services with workflows
         –   Provisioning identities from a custom interface
    •   Demonstration
         –   Provisioning Service
         –   Password Management Service




2   © Novell, Inc. All rights reserved.
Novell® Identity Manager



    Core Architecture




Novell® Identity Manager is an event based system!

                            Nothing happens without an event




Event Sources

    •   Connected Systems
    •   Direct changes to the Identity Directory
         –   Identity and Provisioning Application Server

         –   LDAP/LDIF/NDAP

    •   Job Service
         –   “cron”-like function that periodically generates events based on
             query parameters

         –   Jobs are defined and processed on a per connector basis


Two Active Processing Components

    •   Identity Event Rule Engine
         –   Processes data events based on rules (Policies)
         –   No User Interface
         –   “System” Level Integration
    •   Application Server (User Application)
         –   Workflow Engine
         –   User Interface
         –   Web services
         –   “Service” Level Integration
    All processing by the App Server results in a data
    event that is processed by the Rule Engine
Rule Engine Connectors

    •   Historically called “Drivers”
    •   All processing is XML based
    •   A connector is a collection of rules, communication
        APIs, and any API/Code required to translate events
        to XML
    •   All rule processing is done by connectors!
    •   Special Connectors
         –   A “Loop Back” connector is used to implement processes that
             need to act on identity data events within the Rule Engine
         –   User Application Connector
         –   Role and Resource Connector

Identity Directory

    •   Pure object database
         –   Highly scalable
         –   Very extensible
    •   Multi-master replication
         –   High Availability and horizontal scalability
         –   Patented replication process provides an event system
    •   Event system is used by connectors to subscribe to
        data events
    •   This event mechanism is NOT available in any other
        directory or database


Identity Web Services

    •   Provisioning management
    •   Role management
    •   Resource management
    •   Password management
         –   Password Change, Challenge/Response reset
    •   Virtual Directory / Data Abstraction
         –   Access to Identity data
    •   Metrics
         –   Data on system usage and performance
    •   Notification
         –   Enables the sending of emails based on stored templates
Provisioning Service

     •   Functions to initiate, monitor, and interact
         with workflows
          –   Start a Workflow (Provisioning Request)
          –   Get Workflow Status
          –   Approve/Deny a request
          –   Get requests for a user
          –   Get requests by a user
          –   Get available requests
     •   URL
              http://<server>:<port>/IDM/provisioning/service/



Role Management Service

     •   Complete role API
          –   Request a role assignment

          –   Check SOD policy

          –   Get role catalog

          –   Remove a role assignment

     •   URL

              http://<server>:<port>/IDM/role/service/


Password Management Service

     •   Get password policy for a user
          –   Complexity requirements
     •   Check password synchronization status
     •   Change password
     •   Reset password using challenge/response
          –   Available only as a SOAP endpoint
     •   URL
              http://<server>:<port>/IDM/pwdmgt/service/



Virtual Directory / Data Abstraction Service

     •   Access to identity data through the Directory
         Abstraction layer
          –   Ad-hoc queries

          –   Get Attribute(s)

          –   Pre-defined queries (Global Queries)

          –   Update Attribute

     •   URL
              http://<server>:<port>/IDM/vdx/service/


Resource Management Service

     •   Key services
          –   requestResourceGrant
          –   requestResourceRevoke
          –   getResourceAssignmentsForUser
     •   New end points in RBPM 3.7 patch B
          –   Create, update, and delete Resources
     •   URL
              http://<server>:<port>/IDM/resource/service/



Metrics Service

     •   Provisioning usage and processing statistics

     •   Used for reporting

     •   Not exposed in the RBPM 3.7 Interface

     •   URL

             http://<server>:<port>/IDM/metrics/service/




Notification Service

     •   Used to send email notifications
          –   sendNotification is the only end point

     •   Utilizes templates stored in the Identity Vault
          –   Supplied parameters used to populate template

     •   URL

              http://<server>:<port>/IDM/notification/service/




Enabling the Test Services

     •   Extract the WAR file using the jar utility from the
         proper JDK
     •   Modify web.xml
              <servlet>
                <servlet-name>Provisioning</servlet-name>
                <servlet-class>com.novell.soa.af.impl.soap.ProvisioningImpl</servlet-class>
                <init-param>
                  <!-- false enables the ?test pages; set back to true to disable them again -->
                  <param-name>com.novell.soa.ws.test.disable</param-name>
                  <param-value>false</param-value>
                </init-param>
              </servlet>

     •   Rebuild the WAR file using the jar utility
          –   Do NOT use any other zip application
     •   Deploy the new WAR file
     •   Access the test pages
              http://<server>:<port>/IDM/provisioning/service?test
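Added example, not from the deck: the same init-param that switches the test pages on is what a reviewer should look for before the rebuilt WAR reaches production. This Python script audits a web.xml, or a WAR directly, and lists the servlets whose test pages are enabled. Only the Provisioning servlet entry and the init-param name come from the slide; the other servlet names and classes in the sample are constructed placeholders.

```python
"""Audit a User Application web.xml for SOAP test pages that are still
enabled. Added example, not from the slides. The deck switches the ?test
pages on by setting the servlet init-param com.novell.soa.ws.test.disable
to "false"; before the rebuilt WAR reaches production, a defender wants the
reverse check: which servlets still carry that setting."""
import io
import xml.etree.ElementTree as ET
import zipfile

TEST_FLAG = "com.novell.soa.ws.test.disable"   # init-param name from the slide

# Constructed sample web.xml: one servlet with test pages enabled, one with
# them disabled, one that never sets the flag. Only the Provisioning entry
# mirrors the slide; the other two servlet classes are placeholders.
SAMPLE_WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="2.5">
  <servlet>
    <servlet-name>Provisioning</servlet-name>
    <servlet-class>com.novell.soa.af.impl.soap.ProvisioningImpl</servlet-class>
    <init-param>
      <param-name>com.novell.soa.ws.test.disable</param-name>
      <param-value>false</param-value>
    </init-param>
  </servlet>
  <servlet>
    <servlet-name>Role</servlet-name>
    <servlet-class>placeholder.RoleServlet</servlet-class>
    <init-param>
      <param-name>com.novell.soa.ws.test.disable</param-name>
      <param-value>true</param-value>
    </init-param>
  </servlet>
  <servlet>
    <servlet-name>Metrics</servlet-name>
    <servlet-class>placeholder.MetricsServlet</servlet-class>
  </servlet>
</web-app>
"""


def _local(tag):
    """Strip the namespace so the audit works with or without a default xmlns."""
    return tag.rsplit("}", 1)[-1]


def servlets_with_test_pages(web_xml_text):
    """Return (enabled, unset): servlets whose flag is "false", and servlets
    that do not set the flag at all. For the latter the container default
    applies, which the slides do not state, so they are reported rather than
    assumed safe."""
    enabled, unset = [], []
    for servlet in ET.fromstring(web_xml_text).iter():
        if _local(servlet.tag) != "servlet":
            continue
        name, flag = "<unnamed>", None
        for child in servlet:
            if _local(child.tag) == "servlet-name":
                name = (child.text or "").strip()
            elif _local(child.tag) == "init-param":
                params = {_local(p.tag): (p.text or "").strip() for p in child}
                if params.get("param-name") == TEST_FLAG:
                    flag = params.get("param-value", "")
        if flag is None:
            unset.append(name)
        elif flag.lower() == "false":
            enabled.append(name)
    return enabled, unset


def audit_war(war_bytes):
    """Run the audit directly on a WAR (a zip archive) without extracting it."""
    with zipfile.ZipFile(io.BytesIO(war_bytes)) as war:
        return servlets_with_test_pages(war.read("WEB-INF/web.xml").decode("utf-8"))


def build_sample_war():
    """Constructed in-memory WAR containing only the sample web.xml."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as war:
        war.writestr("WEB-INF/web.xml", SAMPLE_WEB_XML)
    return buf.getvalue()


if __name__ == "__main__":
    enabled, unset = audit_war(build_sample_war())
    for name in enabled:
        print(f"WARNING: servlet {name!r} has SOAP test pages enabled")
    for name in unset:
        print(f"note: servlet {name!r} does not set {TEST_FLAG}")
```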
Custom Identity Services

     •   Three simple steps
          –   Build a workflow that implements the function you need
          –   Deploy the workflow
          –   Use the provisioning web service to start the workflow
     •   Benefits
          –   Allows external applications and systems to perform identity
              functions in a standardized, controlled, and secure way
          –   No need for direct access to Identity Vault
     •   Limitations
          –   Asynchronous only: you must check the process status if you
              need to know that the request succeeded.
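The three steps above end with an asynchronous call, so a client has to start the PRD and then poll its status. The following Python client, an added example and not Novell's code, does that against an in-memory stand-in for the Provisioning service; the SOAP operation names (start, getProcess), element names, namespace and status values are assumptions to be replaced with those in the deployed service's WSDL.

```python
"""Start a deployed PRD through the Provisioning web service and poll until
it reaches a terminal state. Added example, not Novell's code: the operation
names 'start'/'getProcess', element names, namespace and status values are
hypothetical; take the real ones from the WSDL of the deployed service."""
import time
import xml.etree.ElementTree as ET

SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"
SVC_NS = "urn:example:idm:provisioning"          # hypothetical namespace
ET.register_namespace("soapenv", SOAP_NS)
ET.register_namespace("svc", SVC_NS)

# Hypothetical terminal statuses; anything else means the workflow is still
# in flight and the request's outcome is not yet known.
TERMINAL = {"Completed", "Terminated", "Denied", "Error"}


def _add_fields(parent, fields):
    """Append one child element per field; dict values nest recursively."""
    for name, value in fields.items():
        el = ET.SubElement(parent, f"{{{SVC_NS}}}{name}")
        if isinstance(value, dict):
            _add_fields(el, value)
        else:
            el.text = str(value)


def build_envelope(operation, fields):
    """Build a SOAP 1.1 envelope. Values become element text via ElementTree,
    never string formatting, so a caller-supplied DN or attribute value that
    contains '<' or '&' cannot change the structure of the request."""
    env = ET.Element(f"{{{SOAP_NS}}}Envelope")
    body = ET.SubElement(env, f"{{{SOAP_NS}}}Body")
    _add_fields(ET.SubElement(body, f"{{{SVC_NS}}}{operation}"), fields)
    return ET.tostring(env, encoding="unicode")


class ProvisioningClient:
    """transport(envelope_xml) -> dict does the I/O. A real transport POSTs
    over HTTPS with the calling application's own account, one granted access
    to only the PRDs it needs (the deck notes PRD access is granular)."""

    def __init__(self, transport, poll_interval=0.0, max_polls=10):
        self.transport = transport
        self.poll_interval = poll_interval
        self.max_polls = max_polls

    def start(self, prd_dn, recipient_dn, data_items):
        """Start the PRD for a recipient. Returns only a request id: the
        workflow runs asynchronously, so success is not known yet."""
        fields = {"processId": prd_dn, "recipient": recipient_dn,
                  "dataItems": data_items}
        return self.transport(build_envelope("start", fields))["requestId"]

    def status(self, request_id):
        envelope = build_envelope("getProcess", {"requestId": request_id})
        return self.transport(envelope)["status"]

    def run_and_wait(self, prd_dn, recipient_dn, data_items):
        """Start, then poll a bounded number of times; never assume success."""
        request_id = self.start(prd_dn, recipient_dn, data_items)
        status = "Unknown"
        for _ in range(self.max_polls):
            status = self.status(request_id)
            if status in TERMINAL:
                return request_id, status
            time.sleep(self.poll_interval)
        raise TimeoutError(
            f"request {request_id} still {status!r} after {self.max_polls} polls")


class FakeProvisioningService:
    """In-memory stand-in so the example runs offline. It parses each envelope
    as a real endpoint would, issues a request id for 'start' and answers
    'Running' a set number of times before 'Completed'."""

    def __init__(self, polls_until_done=2):
        self.polls_until_done = polls_until_done
        self.poll_counts = {}

    def __call__(self, envelope_xml):
        body = ET.fromstring(envelope_xml).find(f"{{{SOAP_NS}}}Body")
        op = body[0]
        name = op.tag.rsplit("}", 1)[-1]
        if name == "start":
            request_id = f"req-{len(self.poll_counts) + 1}"
            self.poll_counts[request_id] = 0
            return {"requestId": request_id}
        if name == "getProcess":
            request_id = op.find(f"{{{SVC_NS}}}requestId").text
            self.poll_counts[request_id] += 1
            done = self.poll_counts[request_id] > self.polls_until_done
            return {"status": "Completed" if done else "Running"}
        raise ValueError(f"unknown operation {name!r}")


if __name__ == "__main__":
    client = ProvisioningClient(FakeProvisioningService(polls_until_done=2))
    # Constructed sample DNs; real ones come from the Identity Vault.
    print(client.run_and_wait("cn=CreateStdExternalUser,cn=RequestDefs,o=sample",
                              "cn=jdoe,ou=users,o=sample", {"firstName": "Jane"}))
```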

A Real World Example

     Diagram (rebuilt from the slide): a Common External Account interface calls the
     Web Service Interface, which starts a PRD in the Provisioning Workflow Engine
     (Modify role assignment PRD, Create std external user PRD, Create “special”
     external user PRD, Disable external user PRD, and so on). The flow writes to the
     Identity Database; its Event System notifies the Identity Rule Engine, where the
     LDAP Connector (Create user in LDAP rule) creates the account in LDAP and the
     SAP Connector (Create user in SAP rule) creates it in SAP.

     A.  A Provisioning Request Definition (PRD) defines the workflow for a
         provisioning action. There may be many PRDs that can define any required
         process.
     B.  The provisioning request workflows can be initiated via web services.
     C.  Access to a specific PRD can be controlled at a very granular level. Two
         applications / users can have different flows for the same end function.
     D.  Once the flow is complete and all requirements have been met, the flow
         creates the new user account and adds the appropriate entitlements.
     E.  The eDirectory event system sends the event to each subscribing driver.
     F.  The rules are evaluated and the account is created in the appropriate
         systems.




Demonstration
Questions?
Unpublished Work of Novell, Inc. All Rights Reserved.
This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc.
Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope
of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified,
translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc.
Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.


General Disclaimer
This document is not to be construed as a promise by any participating company to develop, deliver, or market a
product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in
making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents
of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any
particular purpose. The development, release, and timing of features or functionality described for Novell products
remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to
make changes to its content, at any time, without obligation to notify any person or entity of such revisions or
changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc.
in the United States and other countries. All third-party trademarks are the property of their respective owners.

More Related Content

What's hot

Installing and Configuring Novell Conferencing
Installing and Configuring Novell ConferencingInstalling and Configuring Novell Conferencing
Installing and Configuring Novell Conferencing
Novell
 
Upgrading from NetWare to Novell Open Enterprise Server on Linux: The Novell ...
Upgrading from NetWare to Novell Open Enterprise Server on Linux: The Novell ...Upgrading from NetWare to Novell Open Enterprise Server on Linux: The Novell ...
Upgrading from NetWare to Novell Open Enterprise Server on Linux: The Novell ...
Novell
 
Archiving and e-Discovery for Novell GroupWise
Archiving and e-Discovery for Novell GroupWiseArchiving and e-Discovery for Novell GroupWise
Archiving and e-Discovery for Novell GroupWise
Novell
 
Rationalization and Defense in Depth - Two Steps Closer to the Cloud
Rationalization and Defense in Depth - Two Steps Closer to the CloudRationalization and Defense in Depth - Two Steps Closer to the Cloud
Rationalization and Defense in Depth - Two Steps Closer to the Cloud
Bob Rhubart
 
Novell SecureLogin 7 and Your Microsoft Active Directory Setup
Novell SecureLogin 7 and Your Microsoft Active Directory SetupNovell SecureLogin 7 and Your Microsoft Active Directory Setup
Novell SecureLogin 7 and Your Microsoft Active Directory Setup
Novell
 
Az Managed Exchange Services(1)
Az Managed Exchange Services(1)Az Managed Exchange Services(1)
Az Managed Exchange Services(1)alwayson
 
Implementing and Proving Compliance Tactics with Novell Compliance Management...
Implementing and Proving Compliance Tactics with Novell Compliance Management...Implementing and Proving Compliance Tactics with Novell Compliance Management...
Implementing and Proving Compliance Tactics with Novell Compliance Management...
Novell
 
Run Book Automation with PlateSpin Orchestrate
Run Book Automation with PlateSpin OrchestrateRun Book Automation with PlateSpin Orchestrate
Run Book Automation with PlateSpin Orchestrate
Novell
 
Security in a Cloudy Architecture
Security in a Cloudy ArchitectureSecurity in a Cloudy Architecture
Security in a Cloudy Architecture
Bob Rhubart
 
How to Maintain Software Appliances
How to Maintain Software AppliancesHow to Maintain Software Appliances
How to Maintain Software Appliances
Novell
 
Oracle VM Consolidation and Path to the Cloud
Oracle VM Consolidation and Path to the CloudOracle VM Consolidation and Path to the Cloud
Oracle VM Consolidation and Path to the Cloud
Bob Rhubart
 
Novell iFolder 3.8: A Simple, Secure File Access Solution
Novell iFolder 3.8: A Simple, Secure File Access SolutionNovell iFolder 3.8: A Simple, Secure File Access Solution
Novell iFolder 3.8: A Simple, Secure File Access Solution
Novell
 
Oracle Cloud Reference Architecture
Oracle Cloud Reference ArchitectureOracle Cloud Reference Architecture
Oracle Cloud Reference Architecture
Bob Rhubart
 
Lessons Learned: Novell Open Enterprise Server Upgrades Made Easy
Lessons Learned: Novell Open Enterprise Server Upgrades Made EasyLessons Learned: Novell Open Enterprise Server Upgrades Made Easy
Lessons Learned: Novell Open Enterprise Server Upgrades Made Easy
Novell
 
Engineered Systems: Oracle's Vision for the Future
Engineered Systems: Oracle's Vision for the FutureEngineered Systems: Oracle's Vision for the Future
Engineered Systems: Oracle's Vision for the Future
Bob Rhubart
 
Securing Your Endpoints Using Novell ZENworks Endpoint Security Management
Securing Your Endpoints Using Novell ZENworks Endpoint Security ManagementSecuring Your Endpoints Using Novell ZENworks Endpoint Security Management
Securing Your Endpoints Using Novell ZENworks Endpoint Security Management
Novell
 
Rationalization and Defense in Depth - Two Steps Closer to the Clouds
Rationalization and Defense in Depth - Two Steps Closer to the CloudsRationalization and Defense in Depth - Two Steps Closer to the Clouds
Rationalization and Defense in Depth - Two Steps Closer to the Clouds
Bob Rhubart
 
Citrix Netscaler Intro
Citrix Netscaler IntroCitrix Netscaler Intro
Citrix Netscaler Intro
Rui Lopes
 
Migrate from Red Hat to SUSE Linux Enterprise Server
Migrate from Red Hat to SUSE Linux Enterprise ServerMigrate from Red Hat to SUSE Linux Enterprise Server
Migrate from Red Hat to SUSE Linux Enterprise Server
Novell
 

What's hot (20)

Installing and Configuring Novell Conferencing
Installing and Configuring Novell ConferencingInstalling and Configuring Novell Conferencing
Installing and Configuring Novell Conferencing
 
Upgrading from NetWare to Novell Open Enterprise Server on Linux: The Novell ...
Upgrading from NetWare to Novell Open Enterprise Server on Linux: The Novell ...Upgrading from NetWare to Novell Open Enterprise Server on Linux: The Novell ...
Upgrading from NetWare to Novell Open Enterprise Server on Linux: The Novell ...
 
Archiving and e-Discovery for Novell GroupWise
Archiving and e-Discovery for Novell GroupWiseArchiving and e-Discovery for Novell GroupWise
Archiving and e-Discovery for Novell GroupWise
 
Rationalization and Defense in Depth - Two Steps Closer to the Cloud
Rationalization and Defense in Depth - Two Steps Closer to the CloudRationalization and Defense in Depth - Two Steps Closer to the Cloud
Rationalization and Defense in Depth - Two Steps Closer to the Cloud
 
Novell SecureLogin 7 and Your Microsoft Active Directory Setup
Novell SecureLogin 7 and Your Microsoft Active Directory SetupNovell SecureLogin 7 and Your Microsoft Active Directory Setup
Novell SecureLogin 7 and Your Microsoft Active Directory Setup
 
Az Managed Exchange Services(1)
Az Managed Exchange Services(1)Az Managed Exchange Services(1)
Az Managed Exchange Services(1)
 
Implementing and Proving Compliance Tactics with Novell Compliance Management...
Implementing and Proving Compliance Tactics with Novell Compliance Management...Implementing and Proving Compliance Tactics with Novell Compliance Management...
Implementing and Proving Compliance Tactics with Novell Compliance Management...
 
Run Book Automation with PlateSpin Orchestrate
Run Book Automation with PlateSpin OrchestrateRun Book Automation with PlateSpin Orchestrate
Run Book Automation with PlateSpin Orchestrate
 
Security in a Cloudy Architecture
Security in a Cloudy ArchitectureSecurity in a Cloudy Architecture
Security in a Cloudy Architecture
 
System Center Configurations Manager 2012
System Center Configurations Manager 2012System Center Configurations Manager 2012
System Center Configurations Manager 2012
 
How to Maintain Software Appliances
How to Maintain Software AppliancesHow to Maintain Software Appliances
How to Maintain Software Appliances
 
Oracle VM Consolidation and Path to the Cloud
Oracle VM Consolidation and Path to the CloudOracle VM Consolidation and Path to the Cloud
Oracle VM Consolidation and Path to the Cloud
 
Novell iFolder 3.8: A Simple, Secure File Access Solution
Novell iFolder 3.8: A Simple, Secure File Access SolutionNovell iFolder 3.8: A Simple, Secure File Access Solution
Novell iFolder 3.8: A Simple, Secure File Access Solution
 
Oracle Cloud Reference Architecture
Oracle Cloud Reference ArchitectureOracle Cloud Reference Architecture
Oracle Cloud Reference Architecture
 
Lessons Learned: Novell Open Enterprise Server Upgrades Made Easy
Lessons Learned: Novell Open Enterprise Server Upgrades Made EasyLessons Learned: Novell Open Enterprise Server Upgrades Made Easy
Lessons Learned: Novell Open Enterprise Server Upgrades Made Easy
 
Engineered Systems: Oracle's Vision for the Future
Engineered Systems: Oracle's Vision for the FutureEngineered Systems: Oracle's Vision for the Future
Engineered Systems: Oracle's Vision for the Future
 
Securing Your Endpoints Using Novell ZENworks Endpoint Security Management
Securing Your Endpoints Using Novell ZENworks Endpoint Security ManagementSecuring Your Endpoints Using Novell ZENworks Endpoint Security Management
Securing Your Endpoints Using Novell ZENworks Endpoint Security Management
 
Rationalization and Defense in Depth - Two Steps Closer to the Clouds
Rationalization and Defense in Depth - Two Steps Closer to the CloudsRationalization and Defense in Depth - Two Steps Closer to the Clouds
Rationalization and Defense in Depth - Two Steps Closer to the Clouds
 
Citrix Netscaler Intro
Citrix Netscaler IntroCitrix Netscaler Intro
Citrix Netscaler Intro
 
Migrate from Red Hat to SUSE Linux Enterprise Server
Migrate from Red Hat to SUSE Linux Enterprise ServerMigrate from Red Hat to SUSE Linux Enterprise Server
Migrate from Red Hat to SUSE Linux Enterprise Server
 

Similar to Applying Novell Identity Manager to Your Everyday Problems

Workshop: Advanced Federation Use-Cases with PingFederate
Workshop: Advanced Federation Use-Cases with PingFederateWorkshop: Advanced Federation Use-Cases with PingFederate
Workshop: Advanced Federation Use-Cases with PingFederate
Craig Wu
 
Integrated Services for Web Applications
Integrated Services for Web ApplicationsIntegrated Services for Web Applications
Integrated Services for Web Applications
Saltmarch Media
 
New Approaches to Faster Oracle Forms System Performance
New Approaches to Faster Oracle Forms System PerformanceNew Approaches to Faster Oracle Forms System Performance
New Approaches to Faster Oracle Forms System Performance
Correlsense
 
Oracle Application Management Suite
Oracle Application Management SuiteOracle Application Management Suite
Oracle Application Management Suite
OracleVolutionSeries
 
Deployment day session 4 deployment using sccm
Deployment day session 4 deployment using sccmDeployment day session 4 deployment using sccm
Deployment day session 4 deployment using sccm
Microsoft TechNet - Belgium and Luxembourg
 
Stay productive_while_slicing_up_the_monolith
Stay productive_while_slicing_up_the_monolithStay productive_while_slicing_up_the_monolith
Stay productive_while_slicing_up_the_monolith
Markus Eisele
 
Google App Engine At A Glance
Google App Engine At A GlanceGoogle App Engine At A Glance
Google App Engine At A Glance
Stefan Christoph
 
Ibm websphere server administration training
Ibm websphere  server administration trainingIbm websphere  server administration training
Ibm websphere server administration trainingFuturePoint Technologies
 
vFabric - Ideal Platform for SaaS Apps
vFabric - Ideal Platform for SaaS AppsvFabric - Ideal Platform for SaaS Apps
vFabric - Ideal Platform for SaaS AppsVMware vFabric
 
Thick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash CourseThick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash Course
Scott Sutherland
 
Performance Engineering Case Study V1.0
Performance Engineering Case Study    V1.0Performance Engineering Case Study    V1.0
Performance Engineering Case Study V1.0sambitgarnaik
 
59264945-Websphere-Security.pdf
59264945-Websphere-Security.pdf59264945-Websphere-Security.pdf
59264945-Websphere-Security.pdf
DeepakAC3
 
EAI example
EAI exampleEAI example
EAI example
Prabhath Suminda
 
.NET microservices with Azure Service Fabric
.NET microservices with Azure Service Fabric.NET microservices with Azure Service Fabric
.NET microservices with Azure Service Fabric
Davide Benvegnù
 
IBM InterConnect 2015 - IIB in the Cloud
IBM InterConnect 2015 - IIB in the CloudIBM InterConnect 2015 - IIB in the Cloud
IBM InterConnect 2015 - IIB in the Cloud
Andrew Coleman
 
Servicedesk Plus 8
Servicedesk Plus 8Servicedesk Plus 8
Servicedesk Plus 8
Mirandell Sistemas
 
Twelve Factor App
Twelve Factor AppTwelve Factor App
Twelve Factor App
Christ Ngantung
 
system automation, integration and recovery
system automation, integration and recoverysystem automation, integration and recovery
system automation, integration and recovery
Derek Chang
 
Architectures, Frameworks and Infrastructure
Architectures, Frameworks and InfrastructureArchitectures, Frameworks and Infrastructure
Architectures, Frameworks and Infrastructureharendra_pathak
 
Techdays 2013 managing your hybrid cloud datacenter with scom 2012 and what’s...
Techdays 2013 managing your hybrid cloud datacenter with scom 2012 and what’s...Techdays 2013 managing your hybrid cloud datacenter with scom 2012 and what’s...
Techdays 2013 managing your hybrid cloud datacenter with scom 2012 and what’s...
wwwally
 

Similar to Applying Novell Identity Manager to Your Everyday Problems (20)

Workshop: Advanced Federation Use-Cases with PingFederate
Workshop: Advanced Federation Use-Cases with PingFederateWorkshop: Advanced Federation Use-Cases with PingFederate
Workshop: Advanced Federation Use-Cases with PingFederate
 
Integrated Services for Web Applications
Integrated Services for Web ApplicationsIntegrated Services for Web Applications
Integrated Services for Web Applications
 
New Approaches to Faster Oracle Forms System Performance
New Approaches to Faster Oracle Forms System PerformanceNew Approaches to Faster Oracle Forms System Performance
New Approaches to Faster Oracle Forms System Performance
 
Oracle Application Management Suite
Oracle Application Management SuiteOracle Application Management Suite
Oracle Application Management Suite
 
Deployment day session 4 deployment using sccm
Deployment day session 4 deployment using sccmDeployment day session 4 deployment using sccm
Deployment day session 4 deployment using sccm
 
Stay productive_while_slicing_up_the_monolith
Stay productive_while_slicing_up_the_monolithStay productive_while_slicing_up_the_monolith
Stay productive_while_slicing_up_the_monolith
 
Google App Engine At A Glance
Google App Engine At A GlanceGoogle App Engine At A Glance
Google App Engine At A Glance
 
Ibm websphere server administration training
Ibm websphere  server administration trainingIbm websphere  server administration training
Ibm websphere server administration training
 
vFabric - Ideal Platform for SaaS Apps
vFabric - Ideal Platform for SaaS AppsvFabric - Ideal Platform for SaaS Apps
vFabric - Ideal Platform for SaaS Apps
 
Thick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash CourseThick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash Course
 
Performance Engineering Case Study V1.0
Performance Engineering Case Study    V1.0Performance Engineering Case Study    V1.0
Performance Engineering Case Study V1.0
 
59264945-Websphere-Security.pdf
59264945-Websphere-Security.pdf59264945-Websphere-Security.pdf
59264945-Websphere-Security.pdf
 
EAI example
EAI exampleEAI example
EAI example
 
.NET microservices with Azure Service Fabric
.NET microservices with Azure Service Fabric.NET microservices with Azure Service Fabric
.NET microservices with Azure Service Fabric
 
IBM InterConnect 2015 - IIB in the Cloud
IBM InterConnect 2015 - IIB in the CloudIBM InterConnect 2015 - IIB in the Cloud
IBM InterConnect 2015 - IIB in the Cloud
 
Servicedesk Plus 8
Servicedesk Plus 8Servicedesk Plus 8
Servicedesk Plus 8
 
Twelve Factor App
Twelve Factor AppTwelve Factor App
Twelve Factor App
 
system automation, integration and recovery
system automation, integration and recoverysystem automation, integration and recovery
system automation, integration and recovery
 
Architectures, Frameworks and Infrastructure
Architectures, Frameworks and InfrastructureArchitectures, Frameworks and Infrastructure
Architectures, Frameworks and Infrastructure
 
Techdays 2013 managing your hybrid cloud datacenter with scom 2012 and what’s...
Techdays 2013 managing your hybrid cloud datacenter with scom 2012 and what’s...Techdays 2013 managing your hybrid cloud datacenter with scom 2012 and what’s...
Techdays 2013 managing your hybrid cloud datacenter with scom 2012 and what’s...
 

More from Novell

Filr white paper
Filr white paperFilr white paper
Filr white paper
Novell
 
Social media class 4 v2
Social media class 4 v2Social media class 4 v2
Social media class 4 v2Novell
 
Social media class 3
Social media class 3Social media class 3
Social media class 3Novell
 
Social media class 2
Social media class 2Social media class 2
Social media class 2Novell
 
Social media class 1
Social media class 1Social media class 1
Social media class 1Novell
 
Social media class 2 v2
Social media class 2 v2Social media class 2 v2
Social media class 2 v2Novell
 
LinkedIn training presentation
LinkedIn training presentationLinkedIn training presentation
LinkedIn training presentation
Novell
 
Twitter training presentation
Twitter training presentationTwitter training presentation
Twitter training presentation
Novell
 
Getting started with social media
Getting started with social mediaGetting started with social media
Getting started with social media
Novell
 
Strategies for sharing and commenting in social media
Strategies for sharing and commenting in social mediaStrategies for sharing and commenting in social media
Strategies for sharing and commenting in social media
Novell
 
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECH
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECHInformation Security & Compliance in Healthcare: Beyond HIPAA and HITECH
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECH
Novell
 
Workload iq final
Workload iq   finalWorkload iq   final
Workload iq finalNovell
 
The Identity-infused Enterprise
The Identity-infused EnterpriseThe Identity-infused Enterprise
The Identity-infused Enterprise
Novell
 
Shining the Enterprise Light on Shades of Social
Shining the Enterprise Light on Shades of SocialShining the Enterprise Light on Shades of Social
Shining the Enterprise Light on Shades of Social
Novell
 
Accelerate to the Cloud
Accelerate to the CloudAccelerate to the Cloud
Accelerate to the Cloud
Novell
 
The New Business Value of Today’s Collaboration Trends
The New Business Value of Today’s Collaboration TrendsThe New Business Value of Today’s Collaboration Trends
The New Business Value of Today’s Collaboration Trends
Novell
 
Preventing The Next Data Breach Through Log Management
Preventing The Next Data Breach Through Log ManagementPreventing The Next Data Breach Through Log Management
Preventing The Next Data Breach Through Log Management
Novell
 
Iaas for a demanding business
Applying Novell Identity Manager to Your Everyday Problems

7. Rule Engine Connectors

    •   Historically called “Drivers”
    •   All processing is XML based
    •   A connector is a collection of rules, communication APIs, and any API/code required to translate events to XML
    •   All rule processing is done by connectors!
    •   Special Connectors
         –   A “Loop Back” connector is used to implement processes that need to act on identity data events within the Rule Engine
         –   User Application Connector
         –   Role and Resource Connector

8. Identity Directory

    •   Pure object database
         –   Highly scalable
         –   Very extensible
    •   Multi-master replication
         –   High availability and horizontal scalability
         –   Patented replication process provides an event system
    •   The event system is used by connectors to subscribe to data events
    •   This event mechanism is NOT available in any other directory or database

9. Identity Web Services

    •   Provisioning management
    •   Role management
    •   Resource management
    •   Password management
         –   Password change, challenge/response reset
    •   Virtual Directory / Data Abstraction
         –   Access to identity data
    •   Metrics
         –   Data on system usage and performance
    •   Notification
         –   Enables the sending of emails based on stored templates

10. Provisioning Service

    •   Functions to initiate, monitor, and interact with workflows
         –   Start a workflow (provisioning request)
         –   Get workflow status
         –   Approve/deny a request
         –   Get requests for a user
         –   Get requests by a user
         –   Get available requests
    •   URL: http://<server>:<port>/IDM/provisioning/service/

11. Role Management Service

    •   Complete role API
         –   Request a role assignment
         –   Check SoD (separation of duties) policy
         –   Get role catalog
         –   Remove a role assignment
    •   URL: http://<server>:<port>/IDM/role/service/

12. Password Management Service

    •   Get password policy for a user
         –   Complexity requirements
    •   Check password synchronization status
    •   Change password
    •   Reset password using challenge/response
         –   Available only as a SOAP endpoint
    •   URL: http://<server>:<port>/IDM/pwdmgt/service/

13. Virtual Directory / Data Abstraction Service

    •   Access to identity data through the Directory Abstraction Layer
         –   Ad-hoc queries
         –   Get attribute(s)
         –   Pre-defined queries (Global Queries)
         –   Update attribute
    •   URL: http://<server>:<port>/IDM/vdx/service/

14. Resource Management Service

    •   Key services
         –   requestResourceGrant
         –   requestResourceRevoke
         –   getResourceAssignmentsForUser
    •   New end points in RBPM 3.7 patch B
         –   Create, update, and delete resources
    •   URL: http://<server>:<port>/IDM/resource/service/

15. Metrics Service

    •   Provisioning usage and processing statistics
    •   Used for reporting
    •   Not exposed in the RBPM 3.7 interface
    •   URL: http://<server>:<port>/IDM/metrics/service/

16. Notification Service

    •   Used to send email notifications
         –   sendNotification is the only end point
    •   Utilizes templates stored in the Identity Vault
         –   Supplied parameters are used to populate the template
    •   URL: http://<server>:<port>/IDM/notification/service/
17. Enabling the Test Services

    •   Extract the WAR file using the jar utility from the proper JDK
    •   Modify web.xml: in the servlet definition for the service, set com.novell.soa.ws.test.disable to false

            <servlet>
              <servlet-name>Provisioning</servlet-name>
              <servlet-class>com.novell.soa.af.impl.soap.ProvisioningImpl</servlet-class>
              <init-param>
                <param-name>com.novell.soa.ws.test.disable</param-name>
                <param-value>false</param-value>
              </init-param>
            </servlet>

    •   Rebuild the WAR file using the jar utility
         –   Do NOT use any other zip application
    •   Deploy the new WAR file
    •   Access the test pages: http://<server>:<port>/IDM/provisioning/service?test
    •   The test pages expose every operation of the service for interactive invocation; treat them as a development aid and set the parameter back to true (the shipped value) before the WAR goes to production
18. Custom Identity Services

    •   Three simple steps
         –   Build a workflow that implements the function you need
         –   Deploy the workflow
         –   Use the Provisioning web service to start the workflow
    •   Benefits
         –   Allows external applications and systems to perform identity functions in a standardized, controlled, and secure way
         –   No need for direct access to the Identity Vault
    •   Limitations
         –   Asynchronous only: the start call returns once the workflow has been started, so you must check the process status if you need to know that the request succeeded
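The asynchronous limitation above is the part callers get wrong: a successful start is not a successful provisioning. The client below is an added example (not Novell code) of the start-then-poll pattern against the Provisioning service. Only the endpoint path comes from the slide; the operation names (start, getProcessStatus), the element names (processDefinitionId, recipient, processId, status), the service namespace and the terminal status values are assumptions standing in for what the real WSDL at http://<server>:<port>/IDM/provisioning/service?wsdl declares, and the PRD and user DNs are constructed. The transport is injectable, so the module runs offline against the constructed fake service at the bottom.

```python
"""Start a workflow via the Provisioning SOAP service and wait for its outcome.

Added example, not Novell code. Operation/element names, namespace and
terminal states are ASSUMPTIONS; take the real ones from the service WSDL.
"""
import base64
import time
import urllib.request
import xml.etree.ElementTree as ET

SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"
SVC_NS = "urn:example:provisioning"  # assumption; use the namespace from the WSDL
ENDPOINT = "http://<server>:<port>/IDM/provisioning/service/"


def soap_envelope(operation, fields):
    """Serialize one request as a SOAP 1.1 envelope with a single body element."""
    env = ET.Element(f"{{{SOAP_NS}}}Envelope")
    body = ET.SubElement(env, f"{{{SOAP_NS}}}Body")
    op = ET.SubElement(body, f"{{{SVC_NS}}}{operation}")
    for name, value in fields.items():
        ET.SubElement(op, f"{{{SVC_NS}}}{name}").text = value
    return ET.tostring(env, encoding="unicode")


def body_field(xml_text, local_name):
    """Text of the first element with that local name, whatever its namespace."""
    for el in ET.fromstring(xml_text).iter():
        if el.tag.rsplit("}", 1)[-1] == local_name:
            return (el.text or "").strip()
    raise ValueError(f"no <{local_name}> in message")


def http_send(user, password, timeout=30):
    """Real transport: POST the envelope with HTTP Basic auth (use https in practice)."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode()

    def send(endpoint, xml):
        req = urllib.request.Request(endpoint, data=xml.encode("utf-8"), method="POST")
        req.add_header("Content-Type", "text/xml; charset=utf-8")
        req.add_header("SOAPAction", "")
        req.add_header("Authorization", "Basic " + token)
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.read().decode("utf-8")
    return send


class WorkflowClient:
    TERMINAL = {"Completed", "Denied", "Terminated", "Error"}  # assumed state names

    def __init__(self, send, endpoint=ENDPOINT):
        self.send = send  # callable(endpoint, request_xml) -> response_xml
        self.endpoint = endpoint

    def start(self, prd_dn, recipient_dn):
        """Kick off the PRD for a recipient; returns the process id immediately."""
        reply = self.send(self.endpoint, soap_envelope(
            "start", {"processDefinitionId": prd_dn, "recipient": recipient_dn}))
        return body_field(reply, "processId")

    def status(self, process_id):
        reply = self.send(self.endpoint, soap_envelope("getProcessStatus", {"processId": process_id}))
        return body_field(reply, "status")

    def wait(self, process_id, timeout=60.0, interval=2.0, clock=time.monotonic, sleep=time.sleep):
        """Poll until a terminal state or raise TimeoutError; a started flow is not a finished one."""
        deadline = clock() + timeout
        while True:
            state = self.status(process_id)
            if state in self.TERMINAL:
                return state
            if clock() >= deadline:
                raise TimeoutError(f"process {process_id} still '{state}' after {timeout}s")
            sleep(interval)


def run_request(client, prd_dn, recipient_dn, **wait_kw):
    """Start and wait; returns (process_id, outcome). Only 'Completed' means success."""
    pid = client.start(prd_dn, recipient_dn)
    return pid, client.wait(pid, **wait_kw)


class FakeProvisioningService:
    """Constructed stand-in: answers 'Running' for a few polls, then a fixed outcome."""

    def __init__(self, outcome="Completed", polls_until_done=2):
        self.outcome, self.remaining, self.started = outcome, polls_until_done, []

    def handle(self, endpoint, request_xml):
        op = ET.fromstring(request_xml).find(f"{{{SOAP_NS}}}Body")[0].tag.rsplit("}", 1)[-1]
        if op == "start":
            self.started.append((body_field(request_xml, "processDefinitionId"),
                                 body_field(request_xml, "recipient")))
            return soap_envelope("startResponse", {"processId": f"proc-{len(self.started)}"})
        self.remaining -= 1
        return soap_envelope("getProcessStatusResponse",
                             {"status": "Running" if self.remaining > 0 else self.outcome})


if __name__ == "__main__":
    client = WorkflowClient(FakeProvisioningService(outcome="Completed").handle)
    # Constructed DNs; a real caller passes the PRD DN and the user DN from the Identity Vault.
    print(run_request(client, "cn=CreateStdExternalUser,cn=RequestDefs,o=data",
                      "cn=jdoe,ou=users,o=data", interval=0))
```

Swap the fake for http_send(user, password) to talk to a live User Application; keep the deadline, because a flow that stalls in an approval step never reaches a terminal state on its own and the caller must decide what "still pending" means for it.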
19. A Real World Example

    Flow in the diagram, left to right: External Service Interface → Common Web Service interface → Provisioning Workflow Engine → Identity Database / Event System → Identity Rule Engine → connected systems

    •   Provisioning Workflow Engine (PRDs)
         –   Modify role assignment PRD
         –   Create std external user PRD
         –   Create “special” external user PRD
         –   Disable external user PRD
    •   Identity Rule Engine
         –   LDAP Connector: Create user in LDAP rule → LDAP
         –   SAP Connector: Create user in SAP rule → SAP

    Callouts:
    A.  A Provisioning Request Definition (PRD) defines the workflow for a provisioning action. There may be many PRDs that can define any required process.
    B.  The provisioning request workflows can be initiated via web services.
    C.  Access to a specific PRD can be controlled at a very granular level. Two applications / users can have different flows for the same end function.
    D.  Once the flow is complete and all requirements have been met, the flow creates the new user account and adds the appropriate entitlements.
    E.  The eDirectory event system sends the event to each subscribing driver.
    F.  The rules are evaluated and the account is created in the appropriate systems.
23. Unpublished Work of Novell, Inc. All Rights Reserved.

    This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.

    General Disclaimer

    This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.