1. Simplified, Robust and Speedy
Novell® Identity Manager
Implementation with IDM Tools
Designer, Analyzer, and iManager
Yogesh Rao, Product Manager, ynaras@novell.com
Vivek Thakyal, Senior Software Engineer, tvivek@novell.com
2. Agenda
• Introduction
• Analyzer Background
• Analyzer New Features
• Designer Background
• Designer 3.5 New Features
• Designer Upcoming Features
• iManager Background
• iManager New Features
• Question and Answer
2 © Novell, Inc. All rights reserved.
4. Novell® Identity Manager Solution
Development Process
– Interview System Owners
– Write Business Rules
– Analyze and Scrub Data
– Model the Applications
– Deploy to Test setup
– Write Policies
– Test Policies
– Deploy to Production
– Document the Project
– Administration
5. Novell® Identity Manager Solution
Focus Areas for Designer, Analyzer, and iManager
– Interview System Owners
– Write Business Rules Analyzer
– Analyze and Scrub Data
– Model the Applications
– Deploy to Test setup
– Write Policies
Designer
– Test Policies
– Deploy to Production
– Document the Project
– Administration iManager
8. Analyzer Introduction
A project based on Eclipse with tools for:
• Data Analysis
• Data Cleansing
• Data Reconciliation
• Data Reporting
9. Availability
• Currently available as a part of Compliance
Management Platform
• Available as a part of Novell® Identity Manager code
name – Dorado edition
11. New Features in Analyzer
• Script Metrics – Test Data
• Script Metrics – Clean Data
• Matching Improvements
• SSL Connection to MySQL Database
12. Script Metrics
• More flexible and powerful than Regular Expressions
• Write scripts in ECMAScript, Ruby, and Python
• Write metrics spanning across multiple attributes
• Use the same script to clean data
14. Matching Improvements
• Better handling for multi-valued and duplicate records
• Duplicate matches displayed in a separate tab
15. SSL Connection to MySQL Database
• Analyzer can now connect to an external MySQL
database using SSL
• Analyzer uses the database as a repository for all
imported data.
17. Designer Introduction
1. Model application
2. Deploy to Test setup
3. Write Policies
4. Test Policies
5. Deploy to Production
6. Document the project
18. Designer Introduction
• Eclipse based desktop application
• Offline design and modeling capabilities
• Policy creation, management, and simulation
• Rich editors with undo/redo and global cut, copy, paste
• Powerful Test, Debug and Deploy capabilities
• Extensive support for User Application objects
• Support for creating Provisioning work-flows
• Support for Version Control
19. Designer Introduction
A powerful visual toolkit for designing the identity environment.
• Graphically configure complex systems
• Model “What if” scenarios
• Automatically generate documentation
• Leverage re-usable configurations to reduce deployment time
20. Stages
22. New Features in Designer 3.5
• Basic Support for Staging
• Designer as an RCP application
• Performance Improvements
• Role Based Entitlements
• Schema Compare
• Support for Novell® Identity Manager 3.6.1
• Support for Roles Based Provisioning Module 3.7
23. Support for Staging
• Staging helps you to move projects from the design
stage to the test environment and then the production
environment
• Basic support for moving Novell® Identity Manager
projects from one stage to another
• Store additional objects in LDIF format
– Even objects not modeled in Designer can be stored
– Import additional objects from an Identity Vault or an LDIF file
– Export additional objects to an Identity Vault or an LDIF file
24. Support for Staging
Deploy Security Equivalences from LDIF file
– Security Equivalence objects present in the LDIF container can
be deployed and associated with drivers
25. Designer as an RCP Application
Eclipse Rich Client Platform (RCP)
What does it mean to the Designer product?
• A better way of building Eclipse based applications
– Greater control over User Interface and Branding
– Greater control over plug-ins to be included in the product
• Choose which plug-ins to include, rather than including
everything and then removing what you don't need
26. Designer as an RCP Application
What are the benefits?
• Improved and simplified User Interface
• Logically grouped menu items
• Removal of unnecessary menus, views, and
perspectives
27. Designer as an RCP Application
What are the benefits?
• Extracted size is 617 MB vs 805 MB
• Start up is significantly faster
• Performance improvements across many actions
• Leaner installer and faster installation
28. Performance Improvements
Improved eDirectory™ Browse performance over VPN
[Bar chart: time in minutes (axis 0 to 12) for Re-Authentication, Browse 100 leaf objects, and Browse 100 containers, comparing Designer 3.5 with Designer 3.5.1]
Network Connection: VPN, Max Speed: 256 Kbps
Results may vary depending on the connection speed and system configuration of the system used
29. Performance Improvements
Improved eDirectory™ Browse performance over VPN
[Bar chart: time in minutes (axis 0 to 3) for Manage eDirectory, ID Vault > Deploy Context, and Browse - Import Dialog, comparing Designer 3.5 with Designer 3.5.1]
Network Connection: VPN, Max Speed: 256 Kbps
Results may vary depending on the connection speed and system configuration of the system used
30. Performance Improvements
• Improved deploy performance for Provisioning objects
• Better performance while deploying a large number of
objects
• On a particular test setup where deploy for 800 roles
used to fail, we were able to deploy 1800 roles after
the performance improvement code changes
31. Role-Based Entitlements
You can now create and edit Role-Based Entitlement
Policies in Designer
32. Role-Based Entitlements
• You can associate entitlements with policies
• Users matching the criteria defined in the policies will
be granted the entitlements associated with that policy
33. Role-Based Entitlements
• Users can be assigned dynamically or statically to
the policy
• Users can also be statically excluded from a policy
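Added example (not from the original slides and not Novell's code): a simplified Python model of the membership rules on slides 32 and 33, useful for reviewing which policy granted which entitlement. The Policy class, attribute names, and sample users are hypothetical, and it assumes a static exclusion overrides both dynamic and static assignment.

```python
from dataclasses import dataclass, field

@dataclass
class Policy:
    name: str
    entitlements: set
    criteria: dict = field(default_factory=dict)  # dynamic: attribute -> required value
    include: set = field(default_factory=set)     # statically assigned user DNs
    exclude: set = field(default_factory=set)     # statically excluded user DNs

    def is_member(self, user: dict) -> bool:
        dn = user["dn"]
        if dn in self.exclude:   # assumption: exclusion wins over everything
            return False
        if dn in self.include:   # static assignment needs no attribute match
            return True
        # Empty criteria match nobody, so a policy without a filter
        # cannot silently grant its entitlements to every user.
        return bool(self.criteria) and all(
            user.get(attr) == value for attr, value in self.criteria.items())

def effective_entitlements(user: dict, policies: list) -> dict:
    """Map each granted entitlement to the policies that granted it."""
    granted = {}
    for policy in policies:
        if policy.is_member(user):
            for ent in sorted(policy.entitlements):
                granted.setdefault(ent, []).append(policy.name)
    return granted

# Constructed sample data, for illustration only.
POLICIES = [
    Policy("Finance-AD", {"AD:Group:Finance"},
           criteria={"department": "Finance"},
           exclude={"cn=temp1,o=acme"}),
    Policy("VPN", {"VPN:Access"}, include={"cn=temp1,o=acme"}),
    Policy("Finance-SAP", {"SAP:Role:FI_USER"},
           criteria={"department": "Finance", "employeeType": "FTE"}),
]
USERS = [
    {"dn": "cn=alice,o=acme", "department": "Finance", "employeeType": "FTE"},
    {"dn": "cn=temp1,o=acme", "department": "Finance", "employeeType": "Contractor"},
]

if __name__ == "__main__":
    for u in USERS:
        print(u["dn"], effective_entitlements(u, POLICIES))
```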
34. Schema Compare
• Compare the Identity Vault schema in Designer with
the schema in your production environment
• View and reconcile the differences in schema
• Resolve conflicts on individual classes and attributes
36. Support for
Novell® Identity Manager 3.6.1
New and updated driver configuration files
37. Support for
Novell® Identity Manager 3.6.1
Structured Configuration Values to support SAP driver fan-out
• A new type of Configuration Values in Designer
• A great way to group repeating sets of Configuration Values
• Create a template with the repeating set of values and then
create instances of that template with the click of a button
38. Support for Roles Based
Provisioning Module 3.7
Support for Resources
• New Resource editor is now available
• Define categories, owners, and trustees
• Define grant and revoke approval processes for
a resource
• New Resources Category list in the DAL editor
39. Support for Roles Based
Provisioning Module 3.7
New Team Editor
• Supports the new Team object class
• Supports creating a team for a particular domain
• Deprecated attributes removed from the Team editor
40. Support for Roles Based
Provisioning Module 3.7
Migration Support for migrating older versions of
User Application Drivers to 3.7
42. Upcoming Features in Designer
• Modeler Clutter Reduction
• Package Manager
• More Performance Improvements
44. Modeler Clutter Reduction
• A new view has been added to the Domain Groups
• Shows the connection for the selected driver only
• Gives a preview of the applications within a
Domain Group
• Makes projects with a large number of drivers
manageable
• Makes Domain Groups more usable
• Cleaner looking Modeler diagrams
45. Package Manager
• A new way of
– Creating
– Distributing
– Managing
Novell® Identity Manager content
46. Performance Improvements
Improved Import/Deploy performance over VPN
[Bar chart: time in minutes (axis 0 to 30) to Import, Deploy, and Compare 2 Entitlement, 3 JDBC Drivers, comparing Designer 3.5 with Designer 4.0]
Network Connection: VPN, Max Speed: 256 Kbps
Results may vary depending on the connection speed and system configuration of the system used
47. Performance Improvements
Improved Import/Deploy performance over VPN
[Bar chart: time in minutes (axis 0 to 60) to Import, Deploy, and Compare two AD Drivers, comparing Designer 3.5 with Designer 4.0]
Network Connection: VPN, Max Speed: 256 Kbps
Results may vary depending on the connection speed and system configuration of the system used
50. iManager Introduction
• A web-based administration tool
• Provides a global view of the network from one
browser-based tool
• Helps manage Novell Open Enterprise Server, Novell®
Identity Manager, Novell eDirectory™ and other services
• A single point of administration for directory objects,
schema, partitions, replicas and many other network
resources.
52. WAR File Deployment
• iManager can now be installed on an existing Tomcat
installation
• Removes installation dependencies on Tomcat
and the Java runtime environment
• Speeds up distribution of security vulnerability fixes
53. Future Directions
• Dashboard view: A concept for making the plug-ins
widgetized, displaying widgets on the dashboard
– Spring & GWT into iManager
• Multiple Tree administration
56. Unpublished Work of Novell, Inc. All Rights Reserved.
This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc.
Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope
of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified,
translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc.
Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.
General Disclaimer
This document is not to be construed as a promise by any participating company to develop, deliver, or market a
product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in
making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents
of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any
particular purpose. The development, release, and timing of features or functionality described for Novell products
remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to
make changes to its content, at any time, without obligation to notify any person or entity of such revisions or
changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc.
in the United States and other countries. All third-party trademarks are the property of their respective owners.