Julian Bond: #FridayCocktail (a day late!)
10 hours ago
Jackson's comments, commiserations, confabulations and simplifications on identity management and Microsoft's Active Directory all based on his continuous "reality tour" of meetings with customers, ISVs and Microsoft.
City officials lost administrative control of the network's routers and switches for more than a week after an IT worker allegedly reset passwords and refused to reveal them prior to and after his arrest on July 13.
...it's useful to consider that AD is certainly the most pervasive directory and certainly there is no rational reason to try and displace it as the directory for Windows systems.
It's important because if you are using a component that interoperates with SAP and it is not certified then SAP will not support you if you call in with a problem.
Centralization is essentially the first step toward applying a uniform set of controls on all users and establishing the foundation for defining and enforcing identity management policies in an automated fashion.
Penrose is an open source identity integration platform which enables you to have a single, consolidated view of, and easy access to, all available attributes of an identity, regardless of location.
Kim Cameron, Microsoft’s chief architect of identity, is an enthusiastic advocate of information cards, which are not only vastly more secure than a password-based security system, but are also customizable, permitting users to limit what information is released to particular sites. “I don’t like Single Sign-On,” Mr. Cameron said. “I don’t believe in Single Sign-On.”
We use Active Directory to store our ESSO credentials and if we can't keep AD up I am not worried about SSO!