Enterprise IT Identity & Access Management
A Buyer's & Integrator's Guide - WebLog Version 1.0
Introduction to IAM Buyer's Guide
“Our vision for security is to create a world where there is greater trust — where people and...
Author: YaleLi Date: 04/01/2008
RSA 2007 Conference Take Aways
There was no much exciting news at RSA2007. I think I need to write a few things down here or...
Author: YaleLi Date: 02/09/2007
Review - ADFS v1 & Preview - ADFS v2
Active Directory Federation Service (ADFS) is a component of Active Directory released as part of...
Author: YaleLi Date: 10/25/2006
Review - Microsoft CLM Certificate Lifecycle Manager Beta 2
I reviewed CLM Beta 1 half year ago and rated it low. Now, CLM Beta 2 is ready for prime time and...
Author: YaleLi Date: 10/25/2006
IAM in TwC
I attended 2006 Microsoft EE & TwC Forum recently and tried to find out if there is any...
Author: YaleLi Date: 06/09/2006
IAM Strategy
IAM is a combination of processes, technologies, and policies enabled by software to manage digital...
Author: YaleLi Date: 06/08/2006
How to Reduce TCO of Identity & Access Management
Identity & Access Management is an expensive investment in IT. Here are some tips to reduce...
Author: YaleLi Date: 06/07/2006
Authentication Strategy
Authentication is the procedure through which a user or a device or a service (or application)...
Author: YaleLi Date: 06/06/2006
Authorization Strategy
Authorization (or establishment or entitlement) defines a user's (or process') rights and...
Author: YaleLi Date: 06/05/2006
Auditing Strategy
Auditing (also referred as Audit or Accounting or Accountability) ensures that the activities...
Author: YaleLi Date: 06/04/2006
How to Improve Security with Identity & Access Management
Every time I told a friend I got an IT security job, I was always asked a similar question "Do you...
Author: YaleLi Date: 06/02/2006
How to Increase Productivity with Identity & Access Management
With right IAM solutions, your business can increase employee's productivity (or avoid the loss)...
Author: YaleLi Date: 06/01/2006
Authentication Protocols and Standards
Some of most popular authentication protocols and standards are: · KERBEROS v5: Kerberos is an open...
Author: YaleLi Date: 06/01/2006
Microsoft Internal Solutions
Micorsoft IT has implemented several internal IAM solutions and here is a list of links. Enabling...
Author: YaleLi Date: 06/01/2006
Review - BMC Identity Management for .NET
BMC IdM for .NET offers a suite of solutions in .NET environment including workflow, directory...
Author: YaleLi Date: 06/01/2006
Microsoft Centric IAM Architecture
This is a Microsoft centric end to end B2E IAM architecture diagram. Most products are provided by...
Author: YaleLi Date: 05/06/2006
Review - MIIS SP2 Password Management Beta 1
A major new feature in MIIS SP2 is Q/A (question/answer) based password reset self service. The...
Author: YaleLi Date: 05/05/2006
Sample Code (VBScript) - Retrieve MIIS WMI Password History
This is a sample WMI script to retrieve password change history for a specific account through MIIS....
Author: YaleLi Date: 04/10/2006
Review - Microsoft IAM Group Management Solution
One of group management solutions is part of Microsoft Identity and Access Management Series and you...
Author: YaleLi Date: 04/05/2006
Microsoft Customer Solutions
If no product is available (or satisfies your needs) in the marketplace, you may have to build...
Author: YaleLi Date: 03/29/2006
Sample Code (VBScript) - Query CAPICOM
This script queries capicom com object to get cert expiration date. Capicom.dll must be installed...
Author: YaleLi Date: 03/29/2006
Microsoft Identity Integration Server 2003 Enterprise Edition - InfoWorld Test Report
Of all the contenders here, MIIS (Microsoft Identity Integration Server) 2003 stands out in two...
Author: YaleLi Date: 03/28/2006
Physical Access Control Technology
A typical physical access control system is made up of following components: - ID Credential - Door...
Author: YaleLi Date: 03/27/2006
User Authentication Mechanism (Method)
User authentication mechanism can use one of above factors or combine multiple factors to form...
Author: YaleLi Date: 03/27/2006
Sample Code (VBScript) - Compare Two AD Groups and Get Membership Difference
If you want two AD groups with the same membership but are afraid of mis-sync, I have a sample...
Author: YaleLi Date: 03/26/2006
Sample Code (C#) - Provision User Accounts and Groups with MIIS
Here is my sample code to provision AD use accounts and groups using MIIS MV Extension: // Use...
Author: YaleLi Date: 03/25/2006
Sample Code (T-SQL) - Protecting Identity Data with SQL 2005 Data Encryption
There are multiple ways to protect (encrypt) data with SQL 2005: either using certificate or...
Author: YaleLi Date: 03/25/2006
Sample Code (C++) - Scan Certificate Expiration Date Remotely
It is hard to find a tool to check certificate expiration date on a remote machine without logon...
Author: YaleLi Date: 03/25/2006
Sample Code (Command) - Windows Vista Domain Join with smart card
After you require smart card interactive logon in your environment, the traditional domain join will...
Author: YaleLi Date: 03/25/2006
Review - M-Tech ID-Sync
M-Tech has a suite of Identity Management products. ID-Sync is a user provisioning tool. Pros: -...
Author: YaleLi Date: 03/25/2006
Ways to Compromise Password
Passwords are vulnerable by virtue of the following attacks: Password Cracking Tools - A variety of...
Author: YaleLi Date: 03/24/2006
User Authentication Factors
There are four authentication factors: Something one knows: The concept here is that if the user...
Author: YaleLi Date: 03/24/2006
Thor XellerateIM 8.0 - InfoWorld Test Report
During the months we spent planning for this test, we had two five-minute phone calls with Thor...
Author: YaleLi Date: 03/23/2006
Courion Enterprise Provisioning Suite 7.20 - InfoWorld Test Report
Courion Enterprise Provisioning Suite 7.20 includes ProfileCourier, a user-profile store;...
Author: YaleLi Date: 03/22/2006
Novell Identity Manager 2 - InfoWorld Test Report
Novell's identity management solution relies heavily on the company's directory server, eDirectory,...
Author: YaleLi Date: 03/22/2006
IBM Tivoli Identity Manager 4.6 - InfoWorld Test Report
To reach into the various moving parts of our enterprise, ITIM (IBM Tivoli Identity Manager) 4.6...
Author: YaleLi Date: 03/22/2006
Sun Java System Identity Manager 5.5 - InfoWorld Test Report
We didn't see much whizbang innovation in Sun Java System Identity Manager 5.5, but we did find a...
Author: YaleLi Date: 03/22/2006
Oracle Identity Provisioning - InfoWorld Test Result
Failed test and no result. However, Oracle bought Thor recently so please see Thor Test Report.
Author: YaleLi Date: 03/22/2006
Review - Microsoft CLM (Certificate Lifecycle Manager) Beta 1 (renamed from Alacris)
Don't let the word "Beta" fool you. CLM Beta 1 is actually renamed from the latest Alacris RTM...
Author: YaleLi Date: 03/20/2006
Generic IAM Architecture
This is a basic end to end B2E IAM architecture diagram. Yellow areas form an IAM system and...
Author: YaleLi Date: 03/20/2006
Review - Quest ActiveRoles Server
Quest ActiveRoles Server enables automatic user/group provisioning and make entitlements management...
Author: YaleLi Date: 03/18/2006
Review - Axalto .NET Smart Card
Axalto (Schlumberger) has developed the new .NET Card Technology to seamlessly integrate with...
Author: YaleLi Date: 03/17/2006
Systems Management Stategy
Digital identities includes not only people but also devices, such as machine account and machine...
Author: YaleLi Date: 03/17/2006
Review - RSA SecurID
SecurID for Windows fully integrates with Microsoft's Active Directory and enables domain-level...
Author: YaleLi Date: 03/16/2006
Review - Real User PassFace
Real User's Passface™ system is a cognometric method of personal authentication - based on the...
Author: YaleLi Date: 03/15/2006
IAM Job Opening at Microsoft
Author: YaleLi Date: 03/14/2006