A Microsoft PowerPoint for "Knowledge Transfer Training Presentation for Identity Lifecycle Manager" aka ILM 2007 FP1. This was put together on my own time and modified for publishing for educating our team on understanding ILM, the business rules, and Identity management.
Reference:
http://solventarchitect.com/2016/01/knowledge-transfer-presentation-for-identity-lifecycle-manager
Introducing Oracle Fusion Middleware 12.1.3 and especially SOA Suite and BPM ...Lucas Jellema
Overview of Oracle FMW release 12.1.3 in general and about SOA Suite and BPM Suite 12c in particular. Highlights important new features and cross product themes (such as productivity, industrialization, ease of getting started and more). Some topics: Service Bus Pipeline, Native Format transformation, XQuery support, BAM new style, Key Performance and Risk Indicators,...
Introducing Oracle Fusion Middleware 12.1.3 and especially SOA Suite and BPM ...Lucas Jellema
Overview of Oracle FMW release 12.1.3 in general and about SOA Suite and BPM Suite 12c in particular. Highlights important new features and cross product themes (such as productivity, industrialization, ease of getting started and more). Some topics: Service Bus Pipeline, Native Format transformation, XQuery support, BAM new style, Key Performance and Risk Indicators,...
Ephesoft & Linux Webinar: Smart Capture™ is Now Even Smarter!Zia Consulting
With the recent release of Ephesoft 3.1 on Linux, the modern alternative to legacy intelligent capture technologies is now even further differentiated from the costly and complex choices of the past. During this presentation, we will provide an overview of Ephesoft on Linux and discuss the unique value provided with this offering.
Specific topics covered include:
-Why Ephesoft on Linux (vs. Windows)
-Ephesoft Web Services and Zia's "In-Process Capture"
-What's So Different About Ephesoft Anyway?
-Document Processing with Ephesoft: Mortgage, Insurance, Human Resources, Accounts Payable + more...
Zia is the 2012 and 2013 Partner of the Year for Ephesoft and co-author of the book Intelligent Document Capture with Ephesoft. Zia Solutions for Ephesoft include Mortgage and Insurance Processing, Invoice Automation, Employee Onboarding/Offboarding, and more!
ELADO started in 2007 by professionals with backgrounds in life sciences, product engineering, marketing and sales and education sectors having worked in the US, Europe and Middle east for more than 20+ years. Key principals are alumni of the Indian Institutes of Management.
Aim was to combine operational excellence with strong domain expertise to assist customers meet their business objectives with a best of breed approach towards business operations.
Provide a wide range of solutions ranging from resource augmentation to BOT models to help customers keep operating as efficiently as possible.
Content 2.0: Easy Records Management using Ephesoft, Alfresco and Zia: Join Zia in a demonstration on how to scan, classify and release images, email, and contracts into Alfresco's Records Management Module.
The webinar would show users how to do 3 things depending on time.
1. Scan, classify and store records in Alfresco and file them in RM - using Ephesoft and Alfresco
2. Inbox monitoring, classifying, and storing email as records in Alfresco and file them in RM using Ephesoft and Alfresco
3. Create, review via workflow, and store agenda's (Zia product that has extended datalists and workflow in Share) in RM
A snapshot of the popular non-coding workflow management tool by Comindware https://www.comindware.com. Drag and drop web forms creation and workflow setup, tailor-made reporting, simplified workspace in the cloud.
Identity and Access Management Deployment using Lifecycle Management (LCM)ASTCorporation
Recently, while working on an IAM project in which we needed to build an Enterprise Security Infrastructure using the 11gR2PS3 version of the IAM software, the requirement for Lifecycle Management (LCM) presented itself. The LCM tool is designed to simplify and automate the multiple manual steps of a typical IAM installation.
The traditional method of installation includes installing/configuring quite a few components, such as JAVA, WebLogic, SOA, OIM, RCU, then creating a domain. With the introduction of LCM, the installation is simplified and automated; however, there is a learning curve involved and there are changes expected in the infrastructure.
It is important to fully understand the various aspects of the LCM tools and their benefit, as well as how LCM can help reduce implementation time. Herein is a brief presentation prepared for our customer in order to educate them on LCM, as well as highlight the benefits, challenges, and limitation of the LCM tool.
Ephesoft & Linux Webinar: Smart Capture™ is Now Even Smarter!Zia Consulting
With the recent release of Ephesoft 3.1 on Linux, the modern alternative to legacy intelligent capture technologies is now even further differentiated from the costly and complex choices of the past. During this presentation, we will provide an overview of Ephesoft on Linux and discuss the unique value provided with this offering.
Specific topics covered include:
-Why Ephesoft on Linux (vs. Windows)
-Ephesoft Web Services and Zia's "In-Process Capture"
-What's So Different About Ephesoft Anyway?
-Document Processing with Ephesoft: Mortgage, Insurance, Human Resources, Accounts Payable + more...
Zia is the 2012 and 2013 Partner of the Year for Ephesoft and co-author of the book Intelligent Document Capture with Ephesoft. Zia Solutions for Ephesoft include Mortgage and Insurance Processing, Invoice Automation, Employee Onboarding/Offboarding, and more!
ELADO started in 2007 by professionals with backgrounds in life sciences, product engineering, marketing and sales and education sectors having worked in the US, Europe and Middle east for more than 20+ years. Key principals are alumni of the Indian Institutes of Management.
Aim was to combine operational excellence with strong domain expertise to assist customers meet their business objectives with a best of breed approach towards business operations.
Provide a wide range of solutions ranging from resource augmentation to BOT models to help customers keep operating as efficiently as possible.
Content 2.0: Easy Records Management using Ephesoft, Alfresco and Zia: Join Zia in a demonstration on how to scan, classify and release images, email, and contracts into Alfresco's Records Management Module.
The webinar would show users how to do 3 things depending on time.
1. Scan, classify and store records in Alfresco and file them in RM - using Ephesoft and Alfresco
2. Inbox monitoring, classifying, and storing email as records in Alfresco and file them in RM using Ephesoft and Alfresco
3. Create, review via workflow, and store agenda's (Zia product that has extended datalists and workflow in Share) in RM
A snapshot of the popular non-coding workflow management tool by Comindware https://www.comindware.com. Drag and drop web forms creation and workflow setup, tailor-made reporting, simplified workspace in the cloud.
Identity and Access Management Deployment using Lifecycle Management (LCM)ASTCorporation
Recently, while working on an IAM project in which we needed to build an Enterprise Security Infrastructure using the 11gR2PS3 version of the IAM software, the requirement for Lifecycle Management (LCM) presented itself. The LCM tool is designed to simplify and automate the multiple manual steps of a typical IAM installation.
The traditional method of installation includes installing/configuring quite a few components, such as JAVA, WebLogic, SOA, OIM, RCU, then creating a domain. With the introduction of LCM, the installation is simplified and automated; however, there is a learning curve involved and there are changes expected in the infrastructure.
It is important to fully understand the various aspects of the LCM tools and their benefit, as well as how LCM can help reduce implementation time. Herein is a brief presentation prepared for our customer in order to educate them on LCM, as well as highlight the benefits, challenges, and limitation of the LCM tool.
Integrating SAP HR and Business Process Driven Identity ManagementNovell
Learn how to use the SAP HR and SAP HR Business Logic drivers for Novell Identity Manager to leverage SAP HR as a source for employee information and employee-related business processes. Take a deep dive into the SAP HR data model and see how it is represented and interpreted in and by Identity Manager. In this session, you'll learn how easy it is to detect processes happening in SAP HR coming in to Identity Manager through the SAP HR driver. You will use standard functionality to deal with future events, and use organizational structure to determine an employee's manager, while learning about direct reports and other information important in an HR-driven identity management implementation.
OOW16 - Oracle Enterprise Manager 13c Cloud Control for Managing Oracle E-Bus...vasuballa
Oracle Application Management Suite for Oracle E-Business Suite delivers capabilities to facilitate management of Oracle E-Business Suite environments running in the Oracle Cloud and on-premises using a single pane of glass. Learn about key new features provided in the latest release available with Oracle Enterprise Manager 13c. Features covered include deploying patches and customization across all environments, comparing configurations between instances, provisioning a new instance to the Oracle Cloud, migrating an existing instance to the cloud, enforcing compliance standards, and automated cloning.
Techniques from the presentation "101 Interactive Training Techniques to Increase Learning" by Crystal Schimpf, Kieran Hixon & Nancy Trimm at the Colorado Association of Libraries 2011 Conference.
Don't Leave Your Traditional IBM Systems Out of Your IT Operations EffortsPrecisely
Many companies are modernizing their IT Operations capabilities by moving to a new platform. Some companies are motivated by a desire to become more proactive with their IT operations. Other companies find they have disparate processes and disconnected systems and need to move to a single platform for their IT operations. Whatever is motivating the modernization, it is critical that the new IT Operations process provides visibility into the entire infrastructure. Syncsort’s Ironstream solutions can provide a seamless integration for IBM Mainframe and IBM i IT Operations data to be included in these new IT Operations platforms.
Watch this webcast to:
Learn what IBM legacy system data needs to be integrated into the modern IT operations platforms like Splunk and ServiceNow
Understand the pitfalls of common workarounds to this challenge
Hear about actual real-world implementations and the benefits they are getting from Ironstream
Downtime is Not an Option: Integrating IBM Z into ServiceNow and SplunkPrecisely
Support critical enterprise initiatives without burdening your mainframe staff.
In today's always-on digital world, downtime isn’t an option. Applications span multiple platforms and networks, requiring an enterprise-wide view of security, critical incidents and outages that can bring business to a halt.
Organizations are investing in Splunk and ServiceNow for real-time enterprise-wide visibility for faster identification, mitigation and resolution of issues that can impact the business. However, without the mainframe, these solutions have a glaring blind spot.
Learn how leading IT organizations support critical security and operational enterprise initiatives by integrating the mainframe with these platforms, without disrupting the mainframe, or the teams that support it.
We’ll cover:
- Top use cases and benefits for including mainframe data in Splunk and ServiceNow
- What happens to your mainframe data in each of these platforms
- Challenges of integration… and how to solve them
Government Agencies Using Splunk: Is Your Critical Data Missing?Precisely
Mainframes continue to run many critical applications for Government agencies, and if you’re a government agency using Splunk, the Mainframe is often a major blind spot.
Ironstream is the industry’s leading high-performance, cost-effective solution for forwarding critical security and operational machine data from the mainframe to Splunk.
View this 20 minute demo to learn how Ironstream can deliver:
• Healthier IT operations by correlating events across all your IT Infrastructure – increasing efficiency, insight and cost-savings
• Clearer, more precise security information with complete visibility into enterprise wide security alerts and risks for all systems, including mainframes
• Less complexity by breaking down silos and seamlessly integrating with Splunk for a single view of all your systems, with no mainframe expertise required
We also share how one federal law-enforcement agency used Ironstream to meet the ever-changing reporting requests from its auditors in order to prove compliance with information-security requirements.
What Does Artificial Intelligence Have to Do with IT Operations?Precisely
From the early days of IT, organizations have grappled with the challenges of understanding how well their infrastructure is performing in support of the business. They have used a plethora of tools to detect, manage, and resolve problems that are causing disruption of services, but still struggle to achieve a unified, cross-domain understanding of what is happening across their IT infrastructure. Fortunately, over the past few years analytics platforms like Splunk, Elastic, and others have emerged to address requirements around IT Operations Analytics (ITOA). Now today the buzz is around AIOps – Artificial Intelligence Operations. But what is AIOps, and what can it do to help organizations address IT challenges. In this presentation you will get a better understanding of:
What is Artificial Intelligence for IT Operations
What are the required technologies for success at AIOps
What challenges exist for achieving AIOPs
In this session, which has been presented after the Connect also at Rheinland Nachlese, Engage by BLUG and BCCon, we took you on the quest of strengthening the security while cutting costs for administration.
Daily administration of the IBM Domino environment can be manual, tedious and cost-intensive. Mismanagement can also pose significant security issues and can also result in legal ramifications.
Whether you need to cut costs in administration, save time spent on routine tasks, or make your audit team happy, there is help available.
Specialized in administration automation and security solutions, BCC has gained an unique insight in various Notes/Domino enviroments of more than 800 customers worldwide. In this session we will share the best practices on how to streamline IBM Notes and Domino administration, enhance system and process security, and ensure compliance with legal regulations.
* Automate the user, group, and app administration processes to reduce manual tasks and avoid human errors
* Implement strict compliance with corporate administration standards and reduce administration costs
* Prevent fraud / malicious actions from inside your company and ensure compliance with legal regulations
MOUS13: Maintaining and Caring for your EPM EnvironmentEmtec Inc.
'Maintaining and Caring for your EPM Environment', presented by Oracle Platinum Partner, Emtec, discusses log files, periodic maintenance activities & common issues, monitoring your environment, backups & patches and more!
Why Integrating IBM Z into ServiceNow and Splunk Is So ImportantPrecisely
Organizations are investing in Splunk and ServiceNow for real-time enterprise-wide visibility for faster identification, mitigation and resolution of issues that can impact the business. However, without the mainframe, these solutions have a glaring blind spot.
Applications span multiple platforms and networks, requiring an enterprise-wide view of security, critical incidents and outages that can bring business to a halt. The costs incurred to troubleshoot and remediate performance issues and outages can quickly become a major expense.
Learn how leading IT organizations support critical security and operational enterprise initiatives by integrating important mainframe information with these platforms, without disrupting the mainframe, or the teams that support it.
Watch this on-demand webinar to discover:
· The benefits for including mainframe data in Splunk and ServiceNow
· What you can learn with a complete view of your entire IT environment
· Best practices for integrating mainframe data
As a global leader in financial asset management services, Legg Mason grappled with how to align it’s big, complex and ever changing CRM and reporting data/processes from conventional client/server to current day SaaS model such as Salesforce. Challenges we faced are multi-faceted, but notably first how to safely migrate and sync cloud and onsite data; and secondly how to architect front end application design for best data consumption.
In this session, you will learn:
* Data migration BP ( best practices ), tips, gochas at details, setting up a brand new Informatica environment.
* BP around Informatica Cloud, PowerCenter (PC) connecting to Salesforce.
* BP around setup and prepare a SaaS app like Salesforce to work with Informatica products.
Enhance ServiceNow with Automated Discovery for Mainframe and IBM iPrecisely
IT organizations using ServiceNow for their IT Operation Management (ITOM) rely on the Configuration Management Database (CMDB) to manage infrastructure changes and diagnose problems. But, without an automated Discovery process, companies struggle to keep their CMDBs current, and they can lack information necessary to drive IT processes effectively. As a result, IT staff can waste time and energy trying to determine which business services are impacted by changes, failures, or performance issues as they try to determine root causes for business service problems.
ServiceNow® Discovery provides IT with visibility into IT infrastructure and its changes by automatically discovering physical and virtual devices such as laptops, desktops, servers (physical and virtual), switches, routers, storage, and applications, as well as the dependent relationships between them. However, if you are a company that relies on traditional IBM systems like mainframes or Power Systems running IBM i to support your critical applications for your company, ServiceNow Discovery lacks the ability to integrate CI’s from these systems. Ironstream for ServiceNow fills this gap by seamlessly integrating with ServiceNow to include these critical systems in the regular, automated ServiceNow Discovery process.
Watch this on-demand webinar and learn:
• How critical the Discovery process is to build an effective IT Operations strategy
• How critical Ironstream for ServiceNow is for traditional IBM systems like mainframes and IBM i servers
• How customers have realized the benefits of a successful Discovery process for their IT Operations efforts
It's always been a dilemma -- do you invest in servers, licenses and people to set up and maintain a fully controllable SharePoint infrastructure in-house, or is it time to explore hosting SharePoint off-premise? Legal IT professionals have been struggling with this decision for years.
The on-premise option offers peace of mind from a security and controllability standpoint, but comes saddled with high costs, a demand for resources and limited scalability. SharePoint Online, on the other hand, alleviates the burden associated with SharePoint on-premise by removing the need for servers, software licenses and personnel, and can be rolled out to a large pool of people virtually overnight. However, you'll still need support for integration projects. Join us as we discuss the pros and cons of each option and give you recommendations based on our experiences, deployments and feedback.
Speakers:
Ted Theodoropoulos, as the founder and President of Acrowire, combines his interest in technology with his passion to improve the business productivity of entrepreneurs and corporations. He has a background in technology going back to the early 1980s and is an expert at reducing the cost of doing business by identifying process inefficiencies and implementing the right technology solution to bridge the gap. Ted has earned Six Sigma Green and Black Belt certifications, and his Green Belt work led to a United States patent for which he was recognized with the 2007 Best of Six Sigma Award. He is a Microsoft Certified Professional and a Certified Scrum Master. Contact Ted at ted@acrowire.com.
Brian Gough, a Solutions Architect at Acrowire, offers a wealth of knowledge with over 20 years of experience in the IT industry. He has been working with SharePoint since version 2003, and has set up more than 50 farms and over 200 sites in nine languages. Brian has twice been recognized by Microsoft and his peers as a SharePoint MVP for his contributions to the SharePoint community and knowledge of the product. He has taught classes in SharePoint development and given numerous speeches and presentations around the country on a variety of SharePoint topics. Contact Brian at bgough@acrowire.com.
Making Legacy IBM Systems Visible in ServiceNowPrecisely
ServiceNow offers IT operations management (ITOM) solutions that deliver enhanced visibility, automation and operational intelligence to keep business services up and running. However, the ServiceNow platform does not support your mainframe and IBM i environments by default – leaving you to manage silos, with decreased productivity and increased risk.
Learn how you can seamlessly integrate mainframe and IBM i systems into your ServiceNow IT Workflows so you can eliminate manual processes, increase productivity and respond faster to improve service availability across your business.
Topics include:
• How to extend ServiceNow Discovery to auto-populate your CMDB
• How to use ServiceNow Event Management to monitor your legacy IBM systems
• Customer use cases and examples
Ironstream for IBM i - Enabling Splunk Insight into Key Security and Operatio...Precisely
IBM i servers and workloads can produce large amounts of log data daily, but as it’s written in different formats, to different journals, queues and system logs, it’s difficult to access and make usable for reporting. Join us for a webinar as introduce the Syncsort Ironstream for IBM i: a new product that expands our machine data solutions for Splunk to the IBM i. Learn how Ironstream can help your organization gain insight into operations, security and service delivery for the ultimate success of your business.
View this webinar on-demand to learn:
• How to leverage Splunk Enterprise to gain insight into IBM i log data
• Ways to gain better insight into security threats
• How to discover and act upon operational and performance issues that impact service delivery
At Agile IT, we've been leading the trend in moving customers to the Microsoft Cloud. Along that roadmap is the need to secure and manage the devices that will access that data. The Microsoft Enterprise Mobility Suite (EMS) focuses on managing both the data that's accessible from the cloud as well as the devices that access it. In this webinar, we introduce you to EMS and focus on how cloud technologies work together to deliver a seamless solution for protecting your data.
The accompanying recording of the webinar can be found at https://youtu.be/NOWFI4xl-dM.
Similar to Knowledge Transfer Training Presentation for Identity Lifecycle Manager (20)
External Access points to a single Public VIP that terminates the TLS session at the external facing F5 Virtual Server. The back-end VLAN interface of F5 from the same session, forwards all TCP traffic to Oracle OHS for reverse proxy. - Which in turns communicates to the internal facing VLAN of the F5 Virtual Servers configured as Load Balancers using the F5 LTM module. The “APM” module uses the Oracle WebGate integration for access management
http://mikereams.com
Visio diagram of a project delivery timeline of tasks needed to support identity management deployments. It’s a clean way of visually communicating out the deployment strategy and plan. I used Microsoft Visio 2013 using the out-of-the-box templates for Timeline Shapes.
Design pattern called "Perimeter Application Protection of Identity Access Management" describes the general pattern for following securing applications with external access
Design Pattern for Oracle Identity ProvisioningMike Reams
Architecture Design pattern for how to manage person data in an Identity ecosystem. Supports a TOGAF framework for establishing Building Blocks.
Reference:
Design Pattern Library http://solventarchitect.com/design-patterns
User Flow swim-lane Diagram for New Hire Mike Reams
Demonstrates an employee becoming a “New Hire” in the Identity Management Environment. This workflow addresses 3 business requirements in a single architecture
Introduction to AI for Nonprofits with Tapp NetworkTechSoup
Dive into the world of AI! Experts Jon Hill and Tareq Monaur will guide you through AI's role in enhancing nonprofit websites and basic marketing strategies, making it easy to understand and apply.
Honest Reviews of Tim Han LMA Course Program.pptxtimhan337
Personal development courses are widely available today, with each one promising life-changing outcomes. Tim Han’s Life Mastery Achievers (LMA) Course has drawn a lot of interest. In addition to offering my frank assessment of Success Insider’s LMA Course, this piece examines the course’s effects via a variety of Tim Han LMA course reviews and Success Insider comments.
Model Attribute Check Company Auto PropertyCeline George
In Odoo, the multi-company feature allows you to manage multiple companies within a single Odoo database instance. Each company can have its own configurations while still sharing common resources such as products, customers, and suppliers.
Synthetic Fiber Construction in lab .pptxPavel ( NSTU)
Synthetic fiber production is a fascinating and complex field that blends chemistry, engineering, and environmental science. By understanding these aspects, students can gain a comprehensive view of synthetic fiber production, its impact on society and the environment, and the potential for future innovations. Synthetic fibers play a crucial role in modern society, impacting various aspects of daily life, industry, and the environment. ynthetic fibers are integral to modern life, offering a range of benefits from cost-effectiveness and versatility to innovative applications and performance characteristics. While they pose environmental challenges, ongoing research and development aim to create more sustainable and eco-friendly alternatives. Understanding the importance of synthetic fibers helps in appreciating their role in the economy, industry, and daily life, while also emphasizing the need for sustainable practices and innovation.
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfTechSoup
In this webinar you will learn how your organization can access TechSoup's wide variety of product discount and donation programs. From hardware to software, we'll give you a tour of the tools available to help your nonprofit with productivity, collaboration, financial management, donor tracking, security, and more.
Operation “Blue Star” is the only event in the history of Independent India where the state went into war with its own people. Even after about 40 years it is not clear if it was culmination of states anger over people of the region, a political game of power or start of dictatorial chapter in the democratic setup.
The people of Punjab felt alienated from main stream due to denial of their just demands during a long democratic struggle since independence. As it happen all over the word, it led to militant struggle with great loss of lives of military, police and civilian personnel. Killing of Indira Gandhi and massacre of innocent Sikhs in Delhi and other India cities was also associated with this movement.
How to Make a Field invisible in Odoo 17Celine George
It is possible to hide or invisible some fields in odoo. Commonly using “invisible” attribute in the field definition to invisible the fields. This slide will show how to make a field invisible in odoo 17.
2. INTRODUCTION
• The goal is to educate you on how the business currently provides the capability of Identity Provisioning
using the current Microsoft product called “Identity Lifecycle Manager 2007 FP1” Aka ILM
• You will also minor in Access Management areas that is directly effected by the Identity Provisioning side
• This information will provide you with fundamental concepts to maintain the provisioning process along
with the technology
• My level of expertise with MIISILM go back 8 years with Identity Management of 10 years
3. AGENDA
Day 1: Core concepts of ILM
• Review Objectives
• The History of How We Got Here
• The Road Map of IT Standards
• Review the Environments
• Discuss the Individual Data Sources
• Discuss he General Concepts of ILM
• The Job Engine and Dependencies
• “Disaster Recovery” Exercises
• ILM Configuration Review
• Exporting HTML documentation
• Summary/Questions & Answers
Day 2: Key “Use Cases” with
exercises
• Test Runs from Data files
• Review Business Logic
• Discussion on Use Cases
• Fun Test Exercise for “Self-Evaluation”
• Summary/Questions & Answers
4. DAY 1: OBJECTIVES
At the end of the day you should be able to:
• Understand the History of how we got here
• Understand the IT Standards currently in place and replacing the Legacy platform
• Know the Environments
• Have an high-level idea of why & how each Data Sources is used in the equation of a person’s identity
• Understand the core concepts of ILM at a high level
• Manage the ILM Job Engine process and understand the what & why the perimeter dependencies need from it running
successfully
• Maintain a the environment to be prepared in the event of an emergency that the primary ILM server crashes
5. DAY 1: HISTORY
• 2006 - First deployed Microsoft Identity Information Server “MIIS”
• MIIS provided capabilities of taking a PeopleSoft ID with provisioning/de-provisioning into Active Directory
• 2007 - Upgraded from MIIS to ILM (Identity Life Cycle Manager)
• 2008 - Enabled Auto-Provisioning for Corporate Employees into the NOS directory
• 2009 – Deployed Badge provisioning
• 2010 – Deployed Yammer integration with email as the identifier
• 2011 – Deployed Remedy user provisioning for employees and contractors
6. DAY 1: IT STANDARDS ROAD MAP
• Decided to keep Microsoft Identity Lifecycle
Manager 2007 FP1 in the phase of “Approved-
Maintain” until at least Q2
• Build-out of the Oracle Infrastructure for the
Software Product called “Oracle Identity
Manager 11.1.2” that is set to replace ILM
• Scheduled to build a new Oracle platform for
other Middleware components to be on the
latest release of R2 that doesn’t include OIM MIIS
2006
ILM
2008
OIM
2015
7. REVIEWING THE ENVIRONMENTS
• Cohesion with all environments shall remain in place until platform sunset
• Physical Servers running Windows 2003 with SQL 2005 installed locally on each server
• Development
• 1 environment exists and performs the same functions and capability as QA and Production
• QA
• 3 environments exist
• The QA Testing Environment
• The QA Staging Environment
• The QA Virtual Environment
• Production
• 1 environment exists with a warm-standby Physical Server integrated with PeopleSoft
8. INDIVIDUAL DATA SOURCES
Authoritative Sources
• PeopleSoft – The primary source of record for
Employee ID and employee job data. Roles are
also consumed and associated with each
Employee ID
• Microsoft SQL – The primary source for Custom
Application Role Access that authorizes users
• Active Directory – The primary source of record
for email and phone number come from Active
Directory for user and contact objects
• Oracle – The primary source of record for
Timesheet Role Access that authorizes users
Data Consumers
• PeopleSoft – ILM currently exports email and phone
number back to PeopleSoft
• Microsoft SQL – ILM currently provisions records to
a Remedy User Staging SQL
• Active Directory –
• ILM Provisions NOS accounts for all business units
• Provisions NOS with Default Groups, Home Drives,
and Exchange eMail
• Provisions Employee ID accounts to Active Directory
• Manages “otherMailbox” for Yammer provisioning
• Manages Contractor Accounts to NOS
9. GENERALCONCEPTSOFILM
What is the big deal with Connector Space & Metaverse?
Each Management Agent “MA” connects the metaverse through a
unique connector space “CS” that mirrors the data elements of the
Connected Directory . Data is then moved to or from the CS to the
metaverse based on the import and export rules
The metaverse (MV) is simply a database. ILM uses the MV to store the
configuration of all the connected directories (CDs) that import data
into or export data out from the MV. Be warned—do not dig into the
MV database
What are Management Agents?
Management Agents (MAs) are the tools you use to define Connected Directories “CDs”. You create a rule for
importing and exporting data into the metaverse “MV” from a CD using the MA import and export rules. This rule also
defines which MA contributes which attribute and how data is purged from the MV once it disappears from all CDs
What is the purpose of ILM?
ILM is simply a data synchronization engine driven by sets
of rules in a state-based system
Uses ILM for syncing Employee ID’s & Roles from PeopleSoft
and joining them to other data sources based on business
rules
CEI-NOS Search MA
NOS- Active Directory
Bring in all LDAP SamAccounts. The service
account must have read access to entire directory
for this attribute in order to not create duplicates
CEI NOS Search
Connector Space
ILM Server
NOS
Provisioning
Connector
Space
AD
Connector
Space
Metaverse
PeopleSoft
Connector
Space
HomeDrives
Connector
Space
DefaultGroups
Connector
Space
Deprovision
DefaultGroups
Connector
Space
NOS Search
Connector
Space
Start
Badging
Connector
Space
10. THE JOB ENGINE AND
DEPENDENCIES
• Within the ILM Servers, in a directory called “C:ILMMARuns”, exists command
files used to run ILM jobs in unattended mode and managed by Control-M
• The Windows Service “Microsoft Identity Integration Server”, must be run by a
service account that has specific rights to the server and Active Directory Objects
11. “DISASTER RECOVERY” EXERCISES
• Current back strategy
• ILM currently stores it’s data locally on SQL 2005 and a backup is performed nightly (I:Microsoft SQL
ServerMSSQL.1MSSQLBackupsMicrosoftIdentityIntegrationServer )
• The Enterprise back-up software currently captures those local backups and stores on off-site tape storage
• A manual Configuration export is performed prior and after each environment change to the stand-by server
• Keep this directory in sync with source control: C:ILMExtensions
• Procedures for exporting current ILM configuration
• The GUI has 3 areas for exporting configuration
• Export server configuration
• Export metaverse schema
• Export Management Agent configuration
12. ILM CONFIGURATION REVIEW
• Understanding the ILM Configuration is important since that controls the custom behavior of the environment and is
routinely updated to support business change
• File: C:ILMExtensionsILMConfig.xml
• Below is a sample XML snippet that displays how Employee Status codes from PeopleSoft control the behavior of how an
Identity is treated
A: Active T: Terminated D: Deceased R: Retired U: Terminated with Pay P: Leave with Pay L: Leave of Absence
<StatusRule="A" DisableAD="false" DisableAD="false" BreakAssociation="false" DeprovisionContactObject="false" />
13. EXPORTING HTML DOCUMENTATION
• Using the “Management Agent Configuration Viewer” tool to create HTML reports of the Management
Agents (Located: C:ILMResKit) which is an additional download aside from ILM
14. DAY 2: OBJECTIVES
At the end of the day you should be able to:
• Understand the Use Cases and resolve the ones that require manual intervention
• To execute test log syncs
• Review the Team’s Questions
15. REVIEW BUSINESS USE CASES
• Hire
• Rehire
• Leave of Absence
• Return from Leave
• Termination
• Retirement
• Severance
• Transfer out of Business Unit
• Transfer Into Business Unit
• Deceased Employee
• Data Changes
• Misc. Data Corrections
• Contractor Being Hired as Employee
16. BUSINESS USE CASE - HIRE
Actions
1. Normal Hire – Normal Process
Data entry performed 1 or more days
before employee’s first day
2. New Hire Special handling
Network ID Aka ”NID” being requested
immediately and before PS data entry
has occurred
3. Multiple accounts created
Timing issues and lack of awareness,
require the ILM admin to intervene after
a second NID/email is automatically
created
Business Process Steps
Auto provisioning is based on PeopleSoft Data Entry date
A. Mgr completes EE Data Request Form
B. Mgr initiates badge application process (form)
C. HR enters data from EE Data Request Form
D. Nightly PeopleSoft jobs are executed by Control-M
E. Control-M invokes ILM processing creates email, Home
Drive, Default Groups, Remedy Staging
F. Corporate Security processes badge application request
form to activate badge; Staging table data is available as
input to the manual Badge Application process
17. BUSINESS USE CASE
NEW HIRE SPECIAL HANDLING
Scenario Information
• These process steps occur to prevent the creation of a
second NID/email
• This scenario occurs when a manual request is performed
to create a NID/email BEFORE the PS New Hire Data Entry
triggers the creation of a second NID/email
• Proper handling of this scenario requires the Control M
scheduling jobs (which control ILM) be paused before the
automated ILM jobs are triggered by the PS data entry
• This process requires timing coordination between Help
Desk, HR, and the ILM administrator
Mgr contacts help
desk to request
immediate creation of
NID/ Email
Can mgr can wait for
the automated
creation of NID?
Has initiated EE Data
Request Form?
YES
NOMgr must go back
and submit
Request Form
NO
Allow Auto provision
to occur on PSEntry
Date
YES
Sys Admin works queue and
responds to ticket and
creates NID, email, Home
Drive, and Default Groups;
updates ticket
The help desk creates
ticket and assigns to Sys
Admin for manual creation
of NOS ID
Help desk
notifies Mgr that
rush creation of
NID and Email
are complete
Help desk re-assigns
ticket to HRAdministrator
to request notification of
when PS data entry is or
will be completed
HRAdministrator
performs PS data entry
and asks the help desk to
update the ticket with the
information regarding
when the PS data entry
was complete
The help desk updates
the ticket with the date
and time PS data entry
was complete and re-
routes the ticket to the
ILM administrator
ILM administrator
requests that the
Control-M scheduling
jobs that control ILM are
paused for the
processing cycle
following when the PS
New Hire data entry
occurred (usually
overnight)
The ILM administrator
manually runs the jobs
to prevent ILM from
provisioning an account.
This is a 45 minute
process
ILM Admin closes
ticket
18. BUSINESS USE CASE – HIRE OR
REHIRE W/ MULTIPLE ACCOUNTS
CREATED
Scenario Information
• BEFORE the PS New Hire Data Entry triggers the
creation of a second NID/email AND the ILM
administrator was not notified to intervene; as a
result, a second NID/Email was created.
• Help Desk re-assigns ticket to IDM Administrator to
reconcile manual set-up with automated procedure
• IDM Administrator works queue and IDM
Administrator works queue and responds to ticket to
reconcile manual set-up with automated procedure
Help desk gets a
ticket about wrong
NID or Email
Mgr contacts help
desk to request
immediate creation of
NID/ Email
IDM Administrator works queue
and responds to ticket to
reconcile manual set-up with
automated procedure
Go to the ILM Joiner and search
the disconnectors against the
NOSProvisioning MA
Does the NID
exists?
Since the new Empl IDwill have a
new NOS ID created, you will
need to add that IDto the search
filter on the bottom pane to
prepare for the join
YES
This meansthe
NOSID either
doesn’t exist in
coxinc or is a
connector against
another Identity
NO
Search ILM for the
networkIDyou need to
join and disconnect it.
Note what it was
connected to and put
info in ticket
Once you have your returned record go to it’sproperties
then go to the “Connectors” , you will need to
disconnect anyNOS MA objects
While highlighting the disconnected NOS IDin the top
pane and the new Employee IDin the bottom pane, you
will see the “Join” button become available. Click Join
Go to the Employee ID
propertiesthen go to the
“Connectors” , you will need to
disconnect the incorrect NOS
Provisioning MAobject
The next options is to either
allow the jobsto auto run or
to perform a “Commit”
previewof the data to force
the sync into the MV
The ILM .NETlogic has both
joined your selected NOSID and
has also provisioned an
additional NOSProvisioning MA
ID
ILM Admin
closes ticket
19. BUSINESS USE CASE - REHIRE
Actions
1. Normal processing
Data entry performed 1 or more days
before employee’s first day
2. Re-hire Special handling
Data entry performed on or after
employee’s first day AND NID/email
required immediately
Business Process Steps
• Same business process steps as the new Hire but the
manager designates the transaction as a re-hire.
• ILM processing will either activate or create email,
Home Drive, and Default Groups
20. BUSINESS USE CASE – REHIRE SPECIAL HANDLING
• Generally used when PeopleSoft data entry is delayed until start date or later – in other words, the
employee is already here and needs a NID to get to work but there data is not yet in PeopleSoft
• The reconciliation process performed by the IDM Administrator will result in the deletion of the auto
generated NID and Email accounts and join the manually created account to the employee identity in
ILM
• To resolve this, simple follow the same Hire Special Handling steps
21. BUSINESS USE CASE – LEAVE OF ABSENCE
Scenarios
• Employee placed on any type of Leave within
PeopleSoft
• ILM and the portal is configured to distinguish
this type as EmployeeStatus=“L” and will treat
this type as a Valid/Active user
Business Process Steps
• Change initiated through manager on Employee
Data Change Form
• HR enters data from EE Data Request Form
• ILM takes no action with NOS components as
LEAVE does not result in de-activation of
accounts
• ILM checks for records in the Badging system
passes the status update to Badging
22. BUSINESS USE CASE – RETURN FROM ABSENCE
Actions
• Employee returned to Active Status from any
type of Leave
Business Process Steps
• Change initiated through manager on Employee
Data Change Form
• HR enters data from EE Data Request Form
• ILM checks for records in the Badging system
passes the status update to Badging
• ILM takes no action with NOS components as
LEAVE does not result in de-activation of
accounts therefore Return from Leave requires
no action
23. BUSINESS USE CASE - TERMINATION
Scenarios
• Normal Termination processing
Data entry on or before term date
• Terminations for cause requiring immediate action
• Terminations with special building access
arrangements
• Terminations with special network access
arrangements
• Active or Leave EE changed to Term long after
effective date
Business Process Steps - Normal
Termination
• Manger initiates termination through Employee Data Change Form
• HR enters termination from EE Data Request Form
• ILM passes status change to Badging Staging Table on Effective
Date (or on action date if Effective Date is passed)
• ILM NOS processing :
• AD Account disabled on Effective Date (or on action date if Effective
Date is in the past)
• AD Account disabled on Effective Date on Effective Date (or on action
date if Effective Date is passed)
• Access to email discontinued due to de-activation of AD account
• Access to network resources discontinued due to de-activation of
AD account
24. BUSINESS USE CASE –
TERMINATION REQUIRING IMMEDIATE ACTION
Scenarios
• Terminations for cause
requiring immediate action
Business Process Steps
• Manager contacts HR directly to initiate termination
• Manager contacts Help Desk requesting immediate removal of Network access
• Manager contacts Security Watch Center requesting immediate badge
revocation
• Sys Admin works queue, picks up ticket, and de-activates NID in AD via the
“immediate termination” procedure which results in de-activation of NID,
discontinued access to email, and, discontinued access to network resources
• ILM NOS processing :
• If not already done so by the help desk, the AD Account is disabled on Effective
Date (or on action date if Effective Date is passed)
• If the account is disabled before the Effective date then ILM will try to re-enable the
account. Will need to put the accounts in the Un-Managed OU within AD
• ILM processing passes status changes to Badging Staging Table
25. BUSINESS USE CASE –
TERMINATION WITH SPECIAL BUILDING ACCESS
ARRANGEMENTS
Scenarios
• Terminations for cause requiring immediate
action
Business Process Steps
• Manager follows normal termination process
• Manager notifies Security to authorize post-
employment access
• Security authorizes badge for post-employment access
• ILM processing is the same as for Normal Termination
26. BUSINESS USE CASE –
TERMINATION WITH SPECIAL NETWORK ACCESS
ARRANGEMENTS
Scenarios
• Normal termination processing;
However, sys admin will re-
activate NID in AD
Business Process Steps
• Manager follows normal termination process
• Manager notifies help desk to authorize special post-
employment network or email access
• ILM processing is the same as for Normal Termination resulting
in deactivation of NID, and loss of access to email and network
resources; help desk then must restore this access:
• Help desk creates an axiom ticket and assigns to Sys Admin
• Sys Admin works queue, picks up ticket, and changes performs the
“re-activate network ID after termination” procedure which re-
activates the NID providing access to network resources and
Exchange mailbox
• ILM will try to disable the account after help desk enables it. Will need to
put the accounts in the UnManaged OU within and AD to prevent account
from being disabled
27. BUSINESS USE CASE –
TERMINATION LONG AFTER EFFECTIVE DATE
Scenarios
• Active or Leave EE changed to Term long after
effective date
Business Process Steps
• PS Data Entry performed
• ILM recognizes status change based on Action
Date (vs. based on Effective Date)
• ILM processes exactly the same as Normal
Termination
28. BUSINESS USE CASE – RETIREMENT
Scenarios
• Normal processing for Retirees
Business Process Steps
• Same as normal termination EXCEPT Badging will
change badge access to M-F; 8-5 vs. de-activating
access for normal termination
• The existing record is updated and will remain on
the Badging table with an Employee status of "R";
however badge access will be allowed M-F; 8-5 vs.
de-activating access for normal termination
• Employees who are considered retired could will
have their “Config” value populated and will remain
on the normal database view from PeopleSoft.
These could have a status of “T” but will be treated
as Active users
29. BUSINESS USE CASE – SEVERANCE
Scenarios
• "Normal" severance; building and network
access disabled
w/ or w/out pay and/or
w/ or w/out benefits
• Special building or network access arrangements
Business Process Steps
• Same as normal termination process
• The existing record is updated and will remain
on the Badging table with an Employee status of
"U" (Terminated), until a new status is received
• For Special building or network access
arrangements, see: “Termination with special
arrangements”
30. BUSINESS USE CASE – TRANSFER OUT OF CORPT
BUSINESS UNIT
Scenarios
• Normal Transfer out processing
• Transfer out of Business Unit with special
building access requirements
• Transfer out of with special network or email
access arrangements
Business Process Steps - Normal
• Manger initiates Transfer Out through Employee Data Change
Form
• HR enters Transfer Out from EE Data Request Form
• ILM Badging processing passes record to Badging staging table
• ILM NOS processing :
• AD Account disabled on Effective Date (or on action date if
Effective Date is passed)
• Access to email discontinued due to de-activation of AD account
• Access to network resources discontinued due to de-
activation of AD account
31. BUSINESS USE CASE –
TRANSFER OUT OF CORPT SPECIAL BUILDING ACCESS
REQUIREMENT
Scenarios
• Transfer out of Business Unit with special
building access requirements
Business Process Steps
• Manager follows normal Business Unit Transfer
Out process
• Same ILM processing as Normal Termination;
Trigger on Effective Date (or Action Date if
effective date is in the past)
• Manager notifies Security to authorize post-
employment access
• Security authorizes badge for post-employment
access
32. BUSINESS USE CASE –
TRANSFER OUT OF CORPT SPECIAL NETWORK ACCESS
REQUIREMENT
Scenarios
• Transfer out with special network or email
access arrangements
Business Process Steps
• Manager follows normal Transfer Out process
• Manager notifies help desk to authorize special
post-employment network or email access
• Help desk creates an axiom ticket and assigns to
Sys Admin
• Sys Admin works queue, picks up ticket, and
modifies access via the “transfer out with
special access” procedure to allow access to
former Exchange mailbox
• Sys Admin will need to place the users in the
UnManaged OU within AD since ILM will try to
disable the user
33. BUSINESS USE CASE – TRANSFER INTO CORPT
Scenarios
• Normal processing; PS data entry drives
NID/email creation
• Special handling; NID/email required
immediately
Business Process Steps
• Mgr completes EE Data Request Form
• Mgr initiates badge application process (form)
• HR enters data from EE Data Request Form
• ILM processing creates or re-activates NID,
email, Home Drive, and Default Groups
• ILM Badging processing passes record to
Badging staging table
• For Special handling, use the same process as
“New Hire Special handling”
34. BUSINESS USE CASE – DECEASED EMPLOYEE
Scenarios
• Normal processing
Business Process Steps
• Same process as normal termination
• ILM will set the Employee Status to “D” and the
Portal will not sync the user
35. BUSINESS USE CASE – DATA CHANGES
Name Change, Department change, Division
change, Business/Job Title Change, Company
change, Department Change
• Change initiated through manager or Admin on
Employee Data Change Form
• HR enters data from EE Data Request Form
• ILM updates the existing record in the target
systems - See Note
• No Provisioning or Deprovisioning will be triggered
since these are only triggered by changes to
Employee Status or by a change in Business Unit
(Transfer to/from)
Note: Email addresses and NID’s are NOT updated based
on name changes. Employees must contact the help desk
to have their name changed (ILM only sets the first name
/ last name attributes on the NOS account once when the
NOS account is created. The help desk can change these
attributes at any time)
Employee requests email change due to
name change
• No change to current process
• Employee contacts help desk to request
email address change
• Help desk creates an axiom ticket and
assigns to Sys Admin
• Sys Admin works queue, picks up ticket,
and changes email address in Exchange
36. BUSINESS USE CASE – MISC. DATA CORRECTIONS
Scenarios
• ID Delete - Employee was hired and then either
didn't show up or a mistake was made in the
hire process; ID Delete process is invoked
• Incorrect EE Terminated - Incorrect termination
fixed the same day
• Incorrect EE Terminated - Terminated EE
changed to Active in subsequent days
Business Process Steps – ID Delete
• Deletion of Employee ID in PeopleSoft triggers ID
delete processing in ILM
• AD Global ID is disabled.
• AD Network ID is disabled
• Exchange Mailbox access is disabled
• Home Drive access is disabled
• Notice sent to Badging of ID Delete (user record
on Badging staging table is set to status of T)
37. BUSINESS USE CASE – MISC. DATA CORRECTIONS
INCORRECT EE TERMINATED
Scenarios Business Process Steps
Incorrect EE Terminated - Incorrect
termination fixed the same day
No action - employee would stay active in all systems; the
overnight batch processing would not initiate in time to
recognize this change
Incorrect EE Terminated - Terminated EE
changed to Active in subsequent days
• LBC or CBA changes EE status to active
• ILM will recognize a status change to A and trigger the
same steps as re-hire processing
38. BUSINESS USE CASE –
CONTRACTOR CONVERTS TO EMPLOYEE
Scenario
• Contractor already has a NID/email – we
want to prevent ILM from creating a second
one
• This scenario occurs when a manual request
is performed to create a NID/email BEFORE
the PS New Hire Data Entry triggers the
creation of a second NID/email.
• Proper handling of this scenario requires the
Control M scheduling jobs (which control
ILM) be paused before the automated ILM
jobs are triggered by the PS data entry.
• This process requires timing coordination
between CSC, HR, and the ILM administrator
Business Process Steps
These process steps occur to prevent the creation of a second NID/email.
Steps
• HR Admin becomes aware that a contractor is being hired; HR requests
the help desk to create a Contractor to Employee conversion ticket and
assign it to the ILM administrator – include the action date
• Sys Admin works queue and responds to ticket and either creates NID,
email, Home Drive, and Default Groups or will move the existing
contractor account to the users OU; updates ticket
• The help desk updates the ticket with the date and time PS data entry
was or will be complete and routes the ticket to the ILM administrator
• ILM administrator requests that the Control-M scheduling jobs that
control ILM are paused for the processing cycle following when the PS
New Hire data entry occurred or will occur (usually overnight).
• The ILM administrator manually runs the jobs to prevent ILM from
provisioning an account. This is a 45 minute process. ILM badging
processing passes record to badging staging table
39. BUSINESS USE CASE –
CONTRACTOR CONVERTS TO
EMPLOYEE
Contractor already has a NID/email – we want to
prevent ILM from creating a second one
HRSubmits a ticket
HRAdmin becomes aware that a contractor is
being hired; HRrequests the help desk to create a
Contractor to Employee conversion ticket and
assign it to the ILM administrator – include the
action date
Go to the ILM Server and run the Manual Job
for Employee Morning Run 1. The Search MA
Delta Import and Delta Sync run then the
PeopleSoft Full Import and Delta Sync need to
complete
The help desk updates the
ticket with the date and
time PS data entry was or
will be complete and routes
the ticket to the ILM
administrator
Sys Admin works queue and
responds to ticket and either
creates NID, email, Home
Drive, and Default Groups or
will move the existing
contractor account to the
users OU; updates ticket
ILM administrator requests that the
Control-M schedulingjobs that
control ILM are paused for the
processing cycle following when the
PS New Hire data entry occurred or
will occur (usually overnight).
Also requeststhat the NOS ID is moved to
the Enterprise UsersOUor ILM cannot join
it the employee ID
Go to the ILM console and search the
Metaverse for the current contractor account
then disconnect the NOSEmployee MA
connector
Go to AD and delete the Contractor
account
Go to the ILM Joiner and search the
disconnectors against the NOS Provisioning
MA
Does the NID
exists?
YES
NO
Search ILM for the networkID you need
to join and disconnect it. Note what it
wasconnected to and put info in ticket
you will need to add that ID to the search filter on the
bottom pane to prepare for the join. Once you have your
returned record go to it’s propertiesthen go to the
“Connectors” , you will need to disconnect any NOS MA
objects
While highlighting the
disconnected NOSID in the top
pane and the new Employee IDin
the bottom pane, you will see the
“Join” button become available.
Click Join
Go to the Employee ID
propertiesthen go to the
“Connectors” , you will need to
disconnect the incorrect NOS
Provisioning MAobject
The next options is to either
allow the jobsto auto run or
to perform a “Commit”
previewof the data to force
the sync into the MV
The ILM .NETlogic has both
joined your selected NOSID
and has also provisioned an
additional NOSProvisioning MA
ID
ILM Admin
closes ticket
40. DAY 2: TEST LOCAL DATA FILES
• ILM has a capability to import data from a perimeter data source and then store into a “log” file
in a directory called “C:ILMMaDataPeopleSoft Employee MA”
• Within ILM for the Run Profiles, you can setup a profile to import data from a “log” file instead of
the actual data source. This allows for testing changes without the need of the data source
42. FUN TEST EXERCISE FOR “SELF-EVALUATION”
If time Exists Only
One person leaves the room while we break something and the other must fix it to win the round
The use cases will be the top 3 most common that increase the volume of calls to the help desk
2 out of 3 is the winner
Editor's Notes
Lesson descriptions should be brief.
Example objectives
At the end of this lesson, you will be able to:
Save files to the team Web server.
Move files to different locations on the team Web server.
Share files on the team Web server.
QA currently shares QAF4.COM and only the QRAC environment performs auto provisioning
ILM 2007 combines Identity Management and Certificate Management that together provide key elements of the Identity and Access Management (IDA) model. The identity management part of ILM was previously known as MIIS (Microsoft Identity Integration Server) and, before that, MMS (Microsoft Meta-Directory Server).