Adventures in identity management
I just saw The Imitation Game and, while mostly I was absorbed in the story and particularly Benedict Cumerbatch’s convincing performance, I did recognise some themes from Identity Management projects I’ve worked on. Note there may well be spoilers in this post – I think the Turing/Enigma story is pretty well known anyway, and the…
I was kind of shocked recently to hear about an organisation that had assumed implementing FIM would lead directly to cutting Service Desk positions. Over the years I’ve delivered a good number of successful IdM solutions that have taken all sorts of tedious, error-prone tasks out of people’s hands… but I don’t think any of…
I’ve been thinking about self-service lately. The FIM Portal is clearly designed with a strong focus on self-service and the permission-granting and flow of the approval workflows work a lot more seamlessly when people are requesting something for themselves. I wonder though – how many people are actually using it like this?
I’ve been busy recently moving myself and family back to our native Australia (though “native” there is a dubious term for my kids who have both lived their entire lives in Europe). We’re in “the Nation’s capital” Canberra now, and very cold it is too (for those northern hemispherarians who seem to think July is…
The title of this post is in tribute to LANexpert, where I have been a consultant for the last four years. It’s been a great time but today I bid my LANexpert collegues a fond farewell before moving back home to Australia. “Simplify Complexity” is LANexpert’s motto and I’ve always loved it. Overly-complex IT systems…
I was entertained by this comment in Jackson’s summary post about Neil MacDonald’s session at the Gartner Summit : Gartner’s position is that FIM 2010 is not a complete solution. It can be extended, and by 3rd party partners like Quest but it’s like going to the unfinished furniture store. It’s not a bad analogy –…
Identity management is made a heck of a lot easier if you have a fool-proof way of identifying someone – no wonder governments are so keen on the idea of identity cards. I make no claim either way on the id cards, but I will say that unique identifiers make ILM/MIIS system so much easier…
In the early stage of your ILM project, or whenever taking over some new aspect, It’s worth putting some effort in to drawing a clear picture for whoever has the job of approving your change. What I try to do is produce a spreadsheet that shows, very clearly, the adds and deletes; and in the…
ILM is tricky to learn whichever way you approach it. If you’re from a sys admin background, like me, then the dawning realisation that you have to code may come as rather a shock.
I had an interesting chat with an ILM collegue the other day, and one of the topics that came up was whether you should ever, under any circumstances, call external processes from extension code. The prohibition on calling external processes from provisioning (MVExtension) code is clear and well accepted (see the Calling External Processes section…