Identity Management Tips, Thoughts and Opinions

Matthew Pollicove

Subscribe to Matthew Pollicove : eMailAlertsEmail Alerts
Get Matthew Pollicove via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Top Stories by Matthew Pollicove

Whether working on user provisioning, password management, compliance, directory virtualization or meta-directory projects, the first step has always been about checking the data and making sure that it is clean. What constitutes clean data, and how do we get it that way? This is almost certainly the most important question that should be addressed when considering an Identity Management project. When considering User Provisioning project, there are a few basic things to consider: Is the data authoritative? It’s important that the data going into the provisioning solution comes from authoritative sources. Such sources would include HCM, Active Directory, etc. Does the data include a unique identifier (UID)? This can be a tricky value. Depending on legal and compliance rules, some attributes are not usable in a UID. Furthermore, UIDs that are based on name components... (more)

Using VDS to Promote Efficiency

It's been a while since I posted here, but it's not because I'm not working on NetWeaver IDM or writing. I've been doing a lot of the former and a bit of the latter.  In order to help promote the growth of a NW IDM technical knowledge base, I've been posting most of my IDM specific things on the SAP Community Network Blog. I'll still be posting here from time to time, but it will more likely be architectural or opinion related pieces about IDM. To that point I'd like to talk about the seldom discussed Virtual Directory Server. I've always loved VDS and it's MaXware predecessor, MV... (more)

Why do We Bother With Server Virtualization, Anyway?

This is something that has frankly astounded me over the years...  For years vendors such as VMWare and Microsoft have been telling us about the flexibility, power and savings inherent in consolidating Servers into Virtual Machines. For some reason, the rest of the software industry has not caught on to this and think that this is not a scalable architecture.  I'm amazed.  I don't think any of these software firms have ever looked at a manual or talked to the vendors or their customers running virtual data centers. There's no reason production implementations cannot run on a VM.  M... (more)

SECUDE’s FinallySecure Enterprise Receives FIPS 140-2 Certification

SECUDE's hybrid full disk encryption solution, FinallySecure Enterprise, has received the FIPS 140-2 Level 1 certification. Commenting on the certification, Michael Kummer, Product Manager, SECUDE IT Security LLC, says, "SECUDE has been providing IT security solutions to large enterprises for more than 12 years. Our customers have always appreciated the quality and level of security SECUDE provides and this certification is a further continuation of that effort". The Federal Information Processing Standard 140-2 (FIPS 140-2) is a standard that describes US Federal government requ... (more)

Too Much in the JAR

Recently had a problem where Import/Export was not working.  I kept getting an interesting Error Message: What was really interesting about this was the user that was referenced, mxmc_admin.  Now this is interesting, because during the Identity Store creation process, you are prompted to use mxmc_rt as the user and there is no time during the install that you are asked to create a JAVA based connection string using mxmc_admin. This started a great deal of troubleshooting and conversations with people who have a great deal of knowledge with IDM's moving parts. Ultimately we wound... (more)