This is one of the main reasons why there is an on-going effort to see if Oracle Virtual Directory can be made an embedded component (as opposed to its own server), something that is part of the middleware stack, so that it can act as a "directory connector" service in the application environment, freeing up applications from having to code against the idiosyncrasies of the individual directories.
OK, I understand the approach. What about freeing us - I'm using the royal "us", or course - from the idiosyncrasies of the individual authentication methods? The individual authorization methods? The individual protocol methods? This is not a dig on Nishant but a more general statement that solving one piece of the puzzle still leaves the rest of the puzzle in front of you.
Who wants to get to the last piece of the puzzle only to find they are missing one or more pieces?!
Nishant goes on to further state:
"...a lot of people are looking to support AD without getting locked into AD, and that is driving demand for both OVD and other alternatives"Hmmm, sounds like a rose by any other name to me. People are looking to support AD without getting locked into AD but they are willing to get locked into Oracle or insert-your-favorite-vendor's-name-here?
And, finally, what's the big deal about being "locked into AD"? Have people forgotten that AD *is* an LDAP directory? You get "locked into AD" when you use it for desktop authentication otherwise it's just an LDAP directory with its own set of idiosyncrasies just like any other LDAP directory.
identity management, Oracle, ORCL, Active Directory, LDAP