Identity Integration: SMS Gateways and Fax Gateways

Integrating Fax and SMS Gateways into Identity Management Infrastructures

We were recently contacted by a UK-based organisation with an extremely large workforce and directory implementation of nearly 2 million user objects. This organisation obviously has a considerable requirement for managing their distribution lists but threw us a bit of a curve ball by also telling us that they wanted to incorporate Fax and SMS gateway users into their distribution list management architecture and could we provide assistance or advice?


They had come up against the usual Fax and SMS gateway issues as everyone else, and it was causing them a major headache - when adding an object to a distribution list, the object itself is added but the only value that is actually used by the DL is the primary address value. Therefore a user or contact object can have an email address, a fax gateway address and an SMS gateway address, but the only value which is used by the DL is the primary value, typically the email address, other wise there would be all sorts of issues!

Of course, there is no way around this DL architecture requirement, or at least not at first sight, but with a bit of work and thought, we have designed a series of connectors in Novell's Identity Manager and also incorporated Imanami's SmartDL to produce an excellent response to this problem.

We are planning to share this technology with our clients, so if you are interested in incorporating automated distribution lists into fax and SMS gateway solution and wish to manage the whole object lifecycle, please let us know so we can show you how it's done!

Imanami Prevents Group Glut: Windows IT Pro, May 7th 2008

An interesting article just got release by Windows IT Pro extolling the virtues of Imanami's group and Active Directory management solutions.

Take a look at the article here: http://windowsitpro.com/article/articleid/99075/imanami-prevents-group-glut.html

Enjoy!

Phil

Diary of an Identity Project #2

Apologies for not maintaining the diary of the identity project; the first two days of the project have been spent discussing targets, technical platforms, Active Directory contents, and incorporation into SharePoint and Microsoft's Enterprise Search solutions, so it's been extremely busy and all hands to the pumps.

Typically in an identity project we attend site to undertake an in-depth investigation, scoping and proposal, which gives both ourselves and the client the opportunity to examine the facts and mull them over before arriving at a project methodology and a series of work packages. With this engagement, due to time constraints on the client side, we have not been able to scope the work beforehand but have set aside the first 3 days of the engagement do perform this task.

The client has a SQL database (at leat we were told it was SQL; it turned out late yesterday afternoon that it is in fact MySQL and located in a hosting centre remote from the offices - these are the small things that crawl out of the woodwork during a scoping exercise that make so much difference!). The database is completely stand alone and has been developed to store contact details of users and partners. There was never any intention to have any connection to the client's Active Directory, and as a result there is no common key easily available within the two systems.

The most likely key for us to use is the email address within the SQL rows, and the mail attribute in AD. The problem being here that only about 60% of the 15,000+ users have the mail attribute populated, and that raises another issue: the reason not all objects have a mail address populated is because the client maintains a Notes environment. This means that all users have an AD user account but Notes users also have a contact object which has the mail attribute populated, so using mail as a key is impossible on its own.

Therefore we are now investigating the adoption and population of a logon ID or sAMAccountName column in the SQL database, which is a big task, but as sAMAccountName is not in the contact object schema we can safely adopt this attribute as our primary key, *IF* we can get it populated.....

Diary of an Identity Project

We were chatting last week about what people actually understand when they hear the term 'identity management', and after asking a few people and carrying out a quick straw poll we have decided to expand on our thoughts on the subject.

To go a step further we have also decided to publish a diary of an identity project that we are just about to engage with so that we can pass on tips and tricks and give everyone an idea of what we mean by 'identity management'.

Of course, this will only be one aspect of idm, and there are many more, and yes, we do those as well!

For now though, the engagement we will be describing has a number of phases and deliverables, but the main deliverable is to synchronise a SQL database with Active Directory so that the latest information in the SQL database is always used to update AD and to keep it up to date.

Interestingly enough, the database itself isn't a HR database, and so it isn't necessarily authoritative when it comes to user accounts and numbers of accounts. What it is authoritative for is a number of key attributes such as phone number, address, company, department, title, and some others that we'll use and populate into extensionAttributes.

Before all this can start though, we have a different problem to overcome, and this involves out of date AD account information. More on this tomorrow when we have agreed how we want to address the problem!

Phil

Self Service Password Management

We at InfaTech have been working with password management for some time and have been searching for the best tool available for use in identity solutions and Microsoft networks.

This week, we have signed a strategic agreement with Tools4Ever (http://www.tools4ever.com) to market their Self Service Reset Password Manager (mush easier as SSRPM!) across the United Kingdom.

We have already a lot of experience of SSRPM as we have been working with it for some time. We find its flexibility and stability to be second-to-none, and its reporting facilities are plainly without peer in the market.

Contact us at sales@infatech.com for a demonstration of SSRPM and look forward to reducing the constant strain on your company helpdesk!

Active Groups: Competitive Upgrade Allowance

Infant Technology and Imanami are pleased to announce their Competitive Upgrade Allowance for companies wishing to upgrade from Quest's Active Groups product to Imanami's SmartDL.

This upgrade allowance is valid until March 31st 2008. For further details contact sales@infatech.com.

Phil

Are you an Active Groups User?

We have been working closely with a number of users of Quest's old Active Groups product recently. Now that Quest has removed support for Active Groups and wants customers to upgrade to their Active Server Roles suite, more and more organizations are choosing to opt out because they feel that ASR is just too much for them at the current time.

Additionally, Imanami has built in an AG Importer into its SmartDL product so that organizations wishing to move away from AG can now ease some of the work by being able to automatically import AG's Basic Group types straight into SmartDL.

SmartDL also offers enhanced features above the old AG product so it's worth a look anyway.

Microsoft Messaging and Mobility User Group: March 17th 2008

Infant Technology will be presenting to the MMMUG at their March meeting, to be held at the offices of Berica Ltd in Warwick.

At this meeting, Phil Kelly will be presenting on the subject of Identity Management, and will concentrate on the issues and tips to make a successful identity project, specifically focussing on Exchange environments.

Also at the event, Microsoft's Neil Johnston will be discussing the new features in Exchange 2007 SP1.

If you would like to attend this user group (and remember, no membership is required) you simply need to register. To do this, please visit: http://www.mmmug.co.uk/forums/thread/1995.aspx

I look forward to meeting you there and a great discussion on identity management!

Phil