12.17.2015 - LDAP Migrations Made Easy – Part 2
In LDAP Migrations Made Easy – Part 1, we discussed several common migration challenges dealing with schema, paging and Directory System Agents (DSA’s) that can easily be avoided by using a Virtual Identity Server. In this post we will cover several other challenges involving Directory Information Trees (DIT’s), Access Control Lists (ACL’s) and password migration and how to overcome them with the end result being an efficient, seamless and secure migration. ...
12.10.2015 - That Synching Feeling I Get From Cloud SSO
Single Sign-On is all the rage these days. Organizations are looking to ease the hassles and expenses related to user passwords. Single sign-on (SSO) is a user authentication process that permits a user to enter one name and password in order to access multiple applications. This can help reduce the number of calls to a help desk for access issues, thereby reduce the operating cost for the organization. The latest market trend is to take this a step further and leverage external companies for SSO. By using products that offer SSO as software as a service (SaaS), an organization can greatly reduce the expense related to the management of these integrations. However, when an organization moves their SSO infrastructure into “the cloud” there are new risks to be considered. ...
12.2.2015 - Bridging the OAuth2/SAML2 Divide, Part 2
In Bridging the OAuth2/SAML2 Divide, Part 1, we talked about how an identity broker can be used to bring OAuth2 and OpenID Connect into a SAML2 federated environment. We talked about how Optimal Federation and Identity Services (OFIS) can be used as a federation proxy to bridge OAuth2 and OpenID Connect to a SAML2 identity provider without requiring user identity information to be synced to the cloud. ...