If no product is available (or satisfies your needs) in the marketplace, you may have to build something yourself. Currenlt, I am unable to post my own custom IT IAM solutions (such as group management, remote access management, smart card management...

This script queries capicom com object to get cert expiration date. Capicom.dll must be installed and registered in order to run this script. If you need additional cert info, you can just add more CAPICOM Cert object properties to my sample code. ...

Of all the contenders here, MIIS (Microsoft Identity Integration Server) 2003 stands out in two ways. First, it's by far the cheapest, at least at first glance (more on that later). Second, it's unique in leveraging several features of Windows, as well...

A typical physical access control system is made up of following components: - ID Credential - Door Reader - Door Lock - Control Panel - Access Control Server - Software - Database The access control process begins when a user...

User authentication mechanism can use one of above factors or combine multiple factors to form strong authentication. The following are major user authentication mechanisms (methods): · Badge and identity card: Identification badges are usually used...

If you want two AD groups with the same membership but are afraid of mis-sync, I have a sample script to find the delta: On Error Resume Next Dim strGroup1, strGroup2, iArgs, oArgs iArgs = Wscript.arguments.count Set oArgs = Wscript.arguments ...

Here is my sample code to provision AD use accounts and groups using MIIS MV Extension: // Use Visual Studio to build using System; using Microsoft.MetadirectoryServices; namespace Mms_Metaverse { public class MVExtensionObject : IMVSynchronization...

There are multiple ways to protect (encrypt) data with SQL 2005: either using certificate or password. Here is my code sample to use a password to encrypt identity data (assuming the identity table name as tblIdentity_SmartCard table, the identity...

It is hard to find a tool to check certificate expiration date on a remote machine without logon locally. Here is my code to accomplish this job: // to build: cl scancert.cpp -link crypt32.lib //----------------------------------------------------...

M-Tech has a suite of Identity Management products. ID-Sync is a user provisioning tool. Pros: - Built in workflow engine - Integration with Microsoft MIIS - Provided SAP MA - Fast provisioning time - Provision of non-HR identity data...

After you require smart card interactive logon in your environment, the traditional domain join will not work because you don't have a password. Windows Vista resolves this problem by allowing domain join with smart card. However, this new feature will...

Passwords are vulnerable by virtue of the following attacks : Password Cracking Tools - A variety of software tools, such as L0Phtcrack and NT Crack, automate the guessing of passwords through brute force and with extensive dictionaries of frequently...

There are four authentication factors: Something one knows: The concept here is that if the user knows a pre-determined secret, he or she must be the right person. The common type of secret is a password or a PIN, though other schemes like images...

During the months we spent planning for this test, we had two five-minute phone calls with Thor Technologies. The first was to invite them to the test, and the second was to discuss the test scenarios. Their response after reading the test plan was simply...

Courion Enterprise Provisioning Suite 7.20 includes ProfileCourier, a user-profile store; PasswordCourier, a metapassword repository; and ComplianceCourier, a policy-control module aimed at tying the other modules together for managed security. Courion...

Novell's identity management solution relies heavily on the company's directory server, eDirectory, which does a fine job as an identity vault. Building on eDirectory to incorporate directory information from across the enterprise, Identity Manager takes...

To reach into the various moving parts of our enterprise, ITIM (IBM Tivoli Identity Manager) 4.6 used custom agents that we installed on every managed resource, including our AD domain controllers, database servers, and so forth. The agents hold a reasonably...

We didn't see much whizbang innovation in Sun Java System Identity Manager 5.5, but we did find a level of reliability and maturity that's rare for this segment. Sun's entire identity management suite consists of Access Manager, Directory Server Enterprise...

Failed test and no result. However, Oracle bought Thor recently so please see Thor Test Report.

Don't let the word "Beta" fool you. CLM Beta 1 is actually renamed from the latest Alacris RTM version. Pros: - Turn key system and no coding is required - Can manage both smart cards (including USB tokens) and certificates - Feature rich...

This is a basic end to end B2E IAM architecture diagram. Yellow areas form an IAM system and dependancies are in green. Identity & Access Management Architecture - B2E Generic

Quest ActiveRoles Server enables automatic user/group provisioning and make entitlements management easier. Pros: - Rule based automatic provisioning - Role based administration - Easy to navigate UI - AD focused but also handle Unix/Linux...

Axalto (Schlumberger) has developed the new .NET Card Technology to seamlessly integrate with current software such as Word, Exchange, Windows XP, Windows CE, and upcoming products based on the .Net technology. The technology contains a multi-application...

Digital identities includes not only people but also devices, such as machine account and machine certificate, and applications (or software services). Therefore, there is a small overlapped area between systems management and IAM. Although systems management...

SecurID for Windows fully integrates with Microsoft's Active Directory and enables domain-level access management along with new offline capabilities. At backend, RSA ACE Sever is required. The client requires the RSA ACE/Agent installed. The SecurID...