MidPoint 3.4 (Heisenberg) Released

MidPoint 3.4 code-named “Heisenberg” was released a few days ago. This is the sixteenth midPoint release since the project started all these long years ago. MidPoint went a very long way since then.

The Heisenberg release is the best midPoint release yet. We have finished access certification functionality, which makes midPoint the very first open source product to enter the identity governance and compliance playing field. We have also improved midPoint internals to better handle inconsistencies of resource data and we have also made many small internal improvements to increase robustness. This was one of the inspirations for the code-name. Similarly to Heisenberg’s uncertainty principle midPoint accepts that there is a degree of uncertainty when it comes to processing of the identity data. It may not be practically possible to always base the decisions on authoritative data. Practical identity management system needs to accept that the identity data are always in a state of flux – and midPoint does just that. And it manages the data reliably even in situations where other systems fail miserably. […]

midPoint goes multitenant

The organizational structure in midPoint does not always represent a typical enterprise. In case of multitenant setup in the cloud, the organization units represent “tenants” which are completely independent. In enterprise organizations, the sub-organizations and their members are usually readable (to some extent) to all members. In the multitenant setup must maintain tenant isolation. How can this be done using midPoint? […]

OpenLDAP Management: slapdconf

I like OpenLDAP. OpenLDAP server is famous for its speed and good open source character. But it is really infamous for ease of management. Or rather a lack of anything that could be called “easy” when it comes to managing OpenLDAP. Managing OpenLDAP content is not that difficult. For manual management there is excellent Apache Read more about OpenLDAP Management: slapdconf[…]

Provisioning to Unix in 5 steps

Do you need to manage different linux machines? Are you struggling with that? Are you losing track of which user can access which Linux machine? Are users upset with different logins for different linux machines? If you answer positively at least one question, I’ll try to alleviate your everyday suffering with this blog. If your answers were no Read more about Provisioning to Unix in 5 steps[…]

Smart Match

In identity management there is a class of petty issues that appear and re-appear all the time. Even though these issues are easy to understand, they are tricky to completely eliminate and they often have very nasty consequences. These seemingly unimportant issues frequently result in nights spent resolving a total breakdown of IDM system. What is this devil that kills sleep and keeps engineers away from the families? It is the daemon of case insensitivity and his friends. […]

Problem Analysis with Evolveum Log Viewer

Life of a midPoint developer is a colorful one. There are enjoyable periods of building things when you have a luxury of undisturbed raising smaller or larger pieces of code. But sometimes there comes an interrupt: you break something in such a way that you are not able to find what is wrong – for hours or even for days, occasionally. Also regularly, after “feature freeze” points, there arrive periods of intensive and merciless hunting of remaining bugs. Besides this, often a colleague, customer, partner or a friend on the mailing list comes with a problem he or she urgently needs to help with.

The core of midPoint – IdM Model Subsystem – is an extremely powerful and flexible computation engine. It can be configured to implement almost all policies one could imagine. But with such flexibility comes potential (and sometimes very real) complexity: for more advanced configurations it is very easy to make a mistake that, with a bit of bad luck, manifests itself in a quite unexpected way.

[…]

FOSDEM 2016 and my first talk?

On Monday, I travelled back home from FOSDEM Conference which I was attending for the second time. Last year I was only an attendee enjoying the atmosphere made by all these open-source positive people, but this year I decided to move further and try to apply for a talk. When I was sending a proposal Read more about FOSDEM 2016 and my first talk?[…]

Infrastructure Provisioning in context of organization

At present, companies go for moving their infrastructure to the clouds, which became synonyms for cost efficiency. Instead of using public cloud, why not to create your own exactly according to your needs? OpenStack is one of the options there for you. By deploying identity management system (midpoint) in different companies I learnt people have different Read more about Infrastructure Provisioning in context of organization[…]

MidPoint Deployment Workshop Challenge

During the last weeks of 2015, the Evolveum team was partially “distributed” around the Europe. There were multiple conferences and similar public events and also two midPoint workshops led by me, in Switzerland and Germany. I used to lead a lot of trainings and workshops in Evolveum and also before, but the workshops are usually more challenging, especially when they are organized for the partners, not the end customers. The partners usually already have experience with different products and try to match the features during the courses. Their expectations are both specific to a project and also abstract – conceptual. MidPoint deployment workshop can be very effective way how to boost your midPoint knowledge in a couple of days.

[…]

Different Naming Conventions For Different User Types

The user naming attribute “name” is a string attribute and can be defined manually. MidPoint will ensure that the value of this attribute is unique. Although for small setups there is no problem with entering this attribute value manually, it can be usually defined by an expression based on various UserType object properties (attributes). In Read more about Different Naming Conventions For Different User Types[…]