Brochure Buzzwords - Identity Management, Provisioning
Brochure Buzzwords are concepts picked up from White Papers, Conference Presentation and Brochures that give a false impression of a whole picture. Identity Management definitely falls into this category. I think the reason is that Identity Management, or at least the buzzword portion of what people think they know is that the buzz can be comprehended by anyone with a user id and password.
Like all the topics that can fall into the Brochure Buzzword area, Identity Management can spin out of control into something that it's not very quickly. Generally the problem around Identity Management or IdM for short, is that corporations that have the biggest problem with it are the ones that have no control over their own department's bureaucracy for ownership. Everyone thinks that since they understand a few buzzwords they should own the project. In reality, they know the easiest and simplest technical aspect of IdM which is provisioning.
Let's take a peek at the definition of User Provisioning - "User provisioning refers to the creation, maintenance and deactivation of user objects and user attributes, as they exist in one or more systems, directories or applications, in response to automated or interactive business processes."
If you are technical person, you understand that this is maybe 10-20% of IdM, if you are outside of IT in HR, Accounting, on a Business Development team, you see this as automatic user creation and that's it! So you rush out and buy millions of a IdM system, implement it, fight for months or more over automatically creating accounts and stop. You know what, give me the $2 million and I will give you something that created user's automatically. Here it is -
Option Explicit
Dim strUser
Dim objRootLDAP, objContainer, objNewUser
strUser = "DomGuy2"
' Bind to Active Directory, Users container.
Set objRootLDAP = GetObject("LDAP://rootDSE")
Set objContainer = GetObject("LDAP://cn=Users," & _
objRootLDAP.Get("defaultNamingContext"))
' Build the actual User.
Set objNewUser = objContainer.Create("User", "cn=" & strUser)
objNewUser.Put "sAMAccountName", strUser
objNewUser.SetInfo
WScript.Quit
I'll schedule it, maybe a $500,000 modification to have it read from a text file, and there you have a provisioning system as most of the company sees it for IdM. Hey, I work cheap, comparatively speaking.
Provisioning is NOT Identity Lifecycle Management!!! If you spend more than 2 months on provisioning you should be creating accounts in 100 directories and servers. This is where the Buzzword assumptions kill true progress to get to where everyone wants to be but think provisioning alone will get them there.
Continued on the next page
Follow Technorati