If you’re attending this year’s Gartner IAM Summit, things might be a bit different than what you’re used to. I’ve attended other Gartner events this year, as well as other industry IAM-related events, and the thing I’ve noticed is that IAM is no longer on an island. Where IAM was seen as black magic by…
As organizations respond to the current sea change in the way people work as well as what they use as their office, most organizations still have a ways to go in terms of keeping remote access secure and effective while at the same time reining in costs. Although most all companies are continuing their shift…
The bring-your-own-device (BYOD) trend isn’t just for the enterprise. More and more emergency responders, such as Fire & Rescue NSW and police departments around the world, are extending their computer-aided-dispatch (CAD) systems to include mobile devices. CAD allows emergency dispatch personnel to share knowledge of changing events with officers in the field. In the City…
This is an update to my previous Cool Solution: Integrating Salesforce.com and NetIQ Access Manager using SAML2. If you are new to SAML2 and federation, you may still find my first article useful as I endeavored to explain each concept as each configuration step is described. This article is not inclusive, but an update to that article. In the years since it was written, several new features related to SAML have been added to Salesforce.com. I describe some of those here and also add some extra tips along the way.
This article explains how to retrieve, manipulate, and send “external data” in a SAML assertion, that is, data that is not available from the configured user store.
A quick how-to guide on how to combine CLE (Client Login Extension) and SPA (Secure Password Administrator, an extension of DRA) to provide a self-service URL for Windows Logon.
Updated: PWM v1.6.0 has been released. PWM is an open source password self service application for LDAP directories. PWM is an ideal candidate for organizations that wish to “roll their own” password self service solution, but do not wish to start from scratch.
An update to the very handy Cool Solution Sample Code – LDAPNetAddr
I found that recently our edir returned an addresstype 9 (tcp) instead of 1 (IP), which wasn’t handled correctly by the sample code. I’ve modified the code to handle these addresses correctly.
The output from ldapsearch is sent to stdout as LDIF (LDAP Interchange Format). The format is reasonably readable, but not very flexible. In particular, lines longer than 78 characters are split, with the following line starting with a space. In many cases it is necessary to post-process the output to make it more readable. One useful trick for getting each value on a single line is to pipe the LDIF through perl, which undoes the line splitting mentioned above (lines starting with a space are joined to the previous line). Use the following perl command to undo the splitting.
Perl program to recreate all the default ACLs for users.