Identity Management Tips, Thoughts and Opinions

Matthew Pollicove

Subscribe to Matthew Pollicove : eMailAlertsEmail Alerts
Get Matthew Pollicove via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Blog Feed Post

The Tao of IDM

The best soldier does not attack. The superior fighter succeeds without violence. The greatest conqueror wins without struggle. The most successful manager leads without dictating. This is intelligent non aggressiveness. This is called the mastery of men. 
So why would I lead an Identity Management blog entry with a quote from the Tao Te Ching? Basically it sums up a recent issue I had in my current project.

As a part of this project, I am helping to get a young engineer familiar with IDM.  Working together we needed to create a query that would return only specific types of users for an IDM export Job.  I explained the basic process for executing the export and watched him work on various queries to return the correct users, while advising him about database structures and useful techniques. As an elaborate query began to take shape it was starting to look way too complicated.  I started thinking that there had to be a better way to accomplish our task.

Then I remembered that since we were doing a "To Database" task we could specify the Identity Store as the source and used the built in editor to build the correct query.  It took seconds to build and we quickly checked the query by doing a copy/paste to Microsoft SQL Server.  It worked perfectly and we were up and running.

Here's an example of the query that we created:

So what's the takeaway on this?  Look to see what the system can do rather than build something from the outside. At the very least, use the tools to build the query and then customize it (just remember that using an external query editor on the edited query make using the built in tool not work). 

And here's how easy it was to generate the query:

There's no need to reinvent the wheel

Read the original blog entry...

More Stories By Matthew Pollicove

Matt Pollicove is an Identity Management architect, engineer, trainer, project manager, author and blogger with experience in user account provisioning, data synchronization, virtual directory and password management solutions. As a MaXware Technical Consultant and later as a System Engineer, he worked extensively with MaXware (now SAP) software products in large customer environments. In the past Matt has worked with several leading national and international consulting firms and is currently a Sr. Principal Consultant for Commercium Technologies. He is currently the Practice Lead for SAP NetWeaver Identity Management and SailPoint IIQ.