real-life-story-of-scimv1-and-connid-part-2

Real life story of SCIMv1 and ConnId, Part 2

When our interconnection of various services by using midPoint, SCIMv1 protocol and Connid framework was ready, we proceeded to testing. While looking around for services supporting the SCIM protocol we stumbled upon two quite popular ones. Salesforce and Slack which both support the SCIM 1.1 specification but both on their own way with a couple of[…]

real-life-story-of-scimv1-and-connid

Real life story of SCIMv1 and ConnId, Part 1

When implementing a connector for the Midpoint identity management solution, there is a potential to interconnect a broad spectrum of services. Using the System for Cross-domain Identity Management (SCIM) protocol seems as a road to take. We are also working with the connId framework. It provides a means for building identity connectors in a more[…]

Posix Groups

Simplifying LDAP Group Management Using MidPoint: Part II – Posix Groups

Unix/Linux servers can be configured to authenticate and authorize against LDAP server, by using LDAP accounts and groups. With some Identity Management solutions you can put users to these groups, but you need to manage the groups by the native LDAP tools. This is not the case with midPoint! MidPoint allows you to create not[…]

SunIDM Migration Architecture

Sun IDM Migration Architecture

Sun Identity Manager a.k.a. Oracle Waveset is a software product at the end of its lifecycle. Yet many organizations still operate Sun IDM solution because they haven’t found any reasonable migration path. But now there is a migration path that leads to the most comprehensive open source IDM solution: Evolveum midPoint. In the previous two[…]

Simplifying LDAP Group Management Using MidPoint

Simplifying LDAP Group Management Using MidPoint

Many applications connected to LDAP use LDAP groups for authorization. With some Identity Management solutions you can put users to these groups, but you need to manage the groups by the native LDAP tools. This is not the case with midPoint! MidPoint allows you to create not only LDAP accounts, but also the groups so[…]

Query playground

Query playground

At many places in midPoint we can (and sometimes have to) specify queries in order to find one or more objects in the system. We do this e.g. when we want to restrict objects (like users, roles, resources or services) shown on the screen, when selecting objects that are to be included within a report,[…]

From Waveset to Midpoint, part 1

From Waveset to midPoint, Part 1

Back in 2000s the Sun Identity Manager was the king. It was the best IDM product pursuant to Gartner. It had a good market share. And according to my experience it was actually the only practical IDM system on the market. Sun Identity Manager is now dead. It died in 2010 when Sun Microsystems was acquired[…]

midPoint goes multitenant

midPoint goes multitenant

The organizational structure in midPoint does not always represent a typical enterprise. In case of multitenant setup in the cloud, the organization units represent “tenants” which are completely independent. In enterprise organizations, the sub-organizations and their members are usually readable (to some extent) to all members. In the multitenant setup must maintain tenant isolation. How[…]

Provisioning to Unix in 5 steps

Provisioning to Unix in 5 steps

Do you need to manage different linux machines? Are you struggling with that? Are you losing track of which user can access which Linux machine? Are users upset with different logins for different linux machines? If you answer positively at least one question, I’ll try to alleviate your everyday suffering with this blog. If your answers were no[…]