Tuesday Jan 27, 2015

Building a Scalable, Highly Available Oracle API Gateway 11g Infrastructure in a Cloud Environment

One of the major challenges that companies face in adopting a cloud computing platform is the secure provisioning of services in the cloud. Oracle API Gateway (OAG) 11g can be a very powerful tool in this sense, since it focuses on service protection, with authentication mechanisms, message encryption, and security/policy functionalities.

Marcelo Parisi recently drafted an article that details how one can create a cloud-based OAG infrastructure with high-availability and scalability support. Both high-availability and scalability operations are covered and, for the purpose of the article, Marcelo uses virtual machine (VM) and storage concepts, along with OAG and Oracle Traffic Director (OTD).

Read the entirety of Mr. Parisi's technical article here.

Visit the Oracle Technology Network for more information about Oracle Identity Management Products including downloads, documentation and samples

Engage with us on Twitter @oracleidm and follow us here in the Identity Management blog.

Monday Jan 26, 2015

Is Your PaaS Delivering the Agility Your Users Demand?

January 28th, 2015 10:00am PST/1:00pm EST - Register Today

Modern Business. Modern Cloud. Is Your PaaS Delivering the Agility Your Users Demand?

Join Oracle at the keynote as we kick off the online forum with IDC analyst Robert Mahowald. Learn how to rapidly build, deploy, manage, and secure rich applications and enable business collaboration and innovation using an integrated cloud platform built on the industry’s #1 Database and Application Server.

Following the keynote, stay for highly engaging content specifically designed for:

  • Java and Database developers
  • Database managers and administrators
  • IT operations managers
  • Lines of business managers

Be sure to join the Middleware Cloud Platform Sessions and learn how to Extend Your Identity Management Services to the Cloud

As organizations consume an increasing number of cloud services and apps, identity management becomes fragmented. Organizations have inconsistent access policies and lose visibility into who has access to what. To avoid these risks and costs, they are increasingly adopting a strategy of extending enterprise identity services to the cloud. This session explores how customers are using Oracle Identity Management to deliver a unified identity management solution that gives users access to all their data from any device while providing an intelligent centralized view into user access rights.

Review the full agenda for more information. Experts will be available for online chat to answer your technical questions.

Thursday Oct 30, 2014

Oracle Virtual Technology Summit Kicks Off November 18

The Oracle Technology Network (OTN) invites you to the next Virtual Technology Summit, on November 18th. Learn first hand from Oracle and community experts about Oracle Middleware, Mobile Architectures and more. Participate in hands-on labs and technical presentations, and chat with other developers. Register here!

Featured at the Summit:  Securing Mobile apps and data in a BYOD world

By Indus Khaitan, Senior Director, Product Management, Oracle

Mobile apps are changing how employees interact with their organizations. Productivity now requires far more than 24x7 email, including unfettered access to corporate data, files, and email from anywhere and on any device. Mobile apps are the new endpoint security concern. This session will focus on measures that can be taken to achieve mobile security without compromising productivity and user-experience.

North America – November 18th / 10am PT to 12:30pm PT - Register Now

APAC English – November 19th / 10am IST to 1:30pm IST - Register Now

EMEA – November 26th / 9am-12:30pm GMT / 10:00am CET / 1:00pm GST - Register Now

Tuesday Apr 16, 2013

With You, Boston

Boston Marathon

Our thoughts and condolences go out to all affected by the tragedy at the Boston Marathon.Our tribute to the resilient city, Boston, and its brave residents.

Monday Nov 21, 2011

Brand New Oracle WebLogic 12c Online Launch Event, December 1, 10am PT

Online Launch Event. Unveiling Oracle WebLogic Server 12c. Oracle Fusion Middleware WebLogic Server 12c.

The brand new WebLogic 12c will be launched on December 1st with a 2-hour global webcast highlighting salient capabilities and benefits and featuring Hasan Rizvi, SVP, Oracle Fusion Middleware and Java. For the more techie types, the 2nd hour will be a developer focused discussion including multiple demos and live Q&A.

Please join us, with your fellow IT managers, architects, and developers, to hear how the new release of Oracle WebLogic Server is:

  • Designed to help you seamlessly move into the public or private cloud with an open, standards-based platform
  • Built to drive higher value for your current infrastructure and significantly reduce development time and cost
  • Enhanced with transformational platforms and technologies such as Java EE 6, Oracle’s Active GridLink for RAC, Oracle Traffic Director, and Oracle Virtual Assembly Builder 


Friday Aug 26, 2011

Got cloud, mobile, app security on your mind?

Now that we have talked about why you can't miss Oracle OpenWorld this year, let's get building on our schedule. We have an exciting line-up of Identity Management sessions featuring Oracle Identity Management executives, product management leads, customers and partners and over the next week or so, we'd walk you through some of the session highlights. If cloud, mobile and applications security are top of mind for you, here's a list of Must-Attend sessions for you; be sure to add these to your schedule builder today!

Identity Management General Sessions

Monday October 3, 2011




2:00 pm – 3:00 pm

Trends in Identity Management

Amit Jasuja, Vice President, Oracle

Moscone West        Room 3022

3:30 pm – 4:30 pm

Identity and Access Management for Oracle Applications

Svetlana Kolomeyskaya, Group Manager, Product Management, Oracle

Connie Jaremczuk, Principal Product Manager, Oracle

Moscone West       Room 3022

5:00 pm – 6:00 pm

Identity Administration Management for the Cloud

Gary Cole, Software Architect, Oracle

Tanu Sood, Principal Product Director, Oracle

Moscone West       Room 3022

Tuesday October 4, 2011




10:15 am – 11:15 am

Mobile Security Trade-offs: Balancing Strength and Usability

Mark Karlstrand, Senior Product Management , Oracle

Joshua Walderbach, Information Security Analyst, Principal Financial Group

Moscone West        Room 3022

10:15 am – 11:15 am

BYODW (Bring Your Own Device to Work): Securing the Mobile Enterprise

Clayton Donley, Sr. Director Development, Oracle

Daniel Killmer, Principal Product Manager, Oracle

Moscone West       Room 3020

4:00 pm – 5:00 pm

Directory Server Innovation: From the Enterprise to the Cloud

Forest Yin, Director Product Management, Oracle

Etienne Remillon, Principal Product Management, Oracle

Vikas Mahajan, Director, AARP

Moscone West        Room 3003

5:30 pm – 6:30 pm

Cloud Security Case Studies of SaaS, PaaS, and IaaS

Mark O'Neill, CTO, Vordel

Moscone West       Room 3022

5:30 pm – 6:30 pm

Enterprise-Grade Security in the Cloud: So You Can Sleep at Night

Gail Coury, Vice President Risk Management, Oracle

Joe Collette, Head of Americas Infrastructure, RBS Citizens

Moscone West

Room 3003

Wednesday October 5, 2011




4:45 pm – 5:45 pm

Achieving Context-Aware Security with Integrated Identity Management

Vadim Lander, Chief Architect, Oracle

Moscone West       Room 3022

4:45 pm – 5:45 pm

Cloud and SOA Security with Oracle Enterprise Gateway and Oracle Web Services Manager

Anand Kothari, Principal Product Manager, Oracle

Sid Mishra, Principal Product Manager, Oracle

Nickolas Kavantzas, Web Services/SCA Architect, Oracle

Marriott Marquis    Room Golden Gate B

Thursday October 6, 2011




10:30 am – 11:30 am

Oracle Identity Platform Security Services for Oracle Applications

Ganesh Kirti, Senior Product Development, Oracle

KK Sriramadhesikan, Consulting Member, Oracle

Moscone West      

Room  2020

1:30 pm – 2:30 pm

Integrating Oracle E-Business Suite with Oracle Identity Management Solutions

Sunil Ghosh, Senior Development, Oracle

Keith Swartz, Senior Software Architect, Oracle

Moscone West        Room 2016

Oracle OpenWorld Identity Management Hands-On Labs

Tuesday October 4, 2011




10:15 am – 11:15 am

Securing Oracle Applications with Oracle Identity Management

Michael Freel, Principal Sales Consultant, Oracle

Marriott Marquis    Room Salon 1/2

Thursday October 6, 2011




3:00 pm  – 4:00 pm

Securing Oracle Applications with Oracle Identity Management

Michael Freel, Principal Sales Consultant, Oracle

Marriott Marquis    Room Salon 1/2

For a complete list of Identity Management sessions, product demos and hands-on-lab sessions, please keep the Focus On Identity Management document handy.

Thursday Aug 25, 2011

The Platform Evolution: Analyzing Point Solution vs. Platform Approach

[Read More]

Why You Can't Miss Oracle OpenWorld This Year

Still thinking about whether or not to attend Oracle OpenWorld 2011? Here are 5 reasons why you can't miss this year's conference.

5. Over 25 sessions, exclusive product demonstrations and hands-on-labs sessions on Identity Management
Complete immersion in Identity Management with presentations from Identity Management experts. Check out the Focus On Identity Management document that provides a complete schedule with dates, times and location of main keynotes, session labs, product demonstrations, and more. 

4. Face-to-face with the Oracle Identity Management executives, product management team, customers and partners
Between all the sessions, meetings, exclusive networking events like Oracle OpenWorld Welcome Reception,  Oracle Appreciation Event, "It's a Wrap" party, there are ample opportunities to connect with the Oracle Identity Management team and experts from the ecosystem. Discuss with your peers the trends in identity management, implementation best practices, industry events to look for, hot SF restaurants, and everything in between. 

3. Keynotes from high-profile industry executives and sessions beyond Identity Management
Industry keynotes, thousands of sessions and hundreds of demos and hands-on-labs, this year's Oracle OpenWorld is geared towards helping enterprises get the most out of their existing IT investments. Learn how best to leverage the latest technology innovations to maximize your ROI and meet your corporate mandates.

2. A live performance from Sting!
Enough said!

1. Larry Ellison's keynote!
Don't wait to hear about it! Be there live for Larry Ellison's keynote. You will be discussing it for days...

So, register now and start building your schedule today. We will see you in San Francisco at Oracle OpenWorld 2011.

Thursday Aug 11, 2011

Getting IT Right with an End-to-End Access Control - Q&A Follow-Up

Thanks to all who joined us on our last week’s webcast on “Getting IT Right with an End-to-End Access Control Strategy”.  Identity Management is about User Authentication, Authorization, Administration  and Audit (the 4 A’s of Identity Management). But it doesn’t end with task automation. Identity Management needs to be smart (read: intelligent). It needs to ANALYZE the circumstances, understand the CONTEXT and CONTROL or manage the user interaction with the enterprise resources. Marc Boroditsky, Vice President, Oracle Identity Management, did a great job in explaining how end-to-end access control is really about becoming more context-aware with information backed by advanced analytics to offer more control.

The webcast replay is now available and we hope to continue the conversation we started with this webcast. In the meantime, I have captured the responses to the questions asked during the webcast.

Q. Is Identity Management strategic for Oracle?

A. Very much so. Oracle continues to make significant investments in Identity Management across all organizations including product development, customer and sales support, business development, marketing, and more.

Q. Where can I find the Aberdeen Report that Marc mentioned?

A. You can download the Aberdeen Report citing the findings on Platform vs. Point Solution Approach Study for Identity Management here.

Q. I was at one of the major health insurance providers recently. I was told not to bring laptop or any other hardware. I was told not to upload or download a file. Access to servers I was supposed to work on took 3+ weeks. Is that a smart way of doing security?

A. No access or limited access as a policy is detrimental to getting business done. And in fact, it may still not be an effective security measure. A smart approach would be to have layered security whereby only the right people have the right level of access to the right resources at the right time. When a user role or needs change, that change should also trigger user access and administration change. Moreover, all of this should be auditable. An integrated approach to user authentication, access authorization, administration and audit will accomplish this.

Q.  Where can I find product roadmaps for Access and Identity?

A. Technical information for all our Identity Management products is located on Oracle Technology Network. To schedule a roadmap briefing, please request your account manager.

Q. Is Oracle Identity Management part of the Oracle Database binary code?

A. No. Oracle Identity Management solutions are licensed separately.

Q. What differentiates Oracle Identity Management offering from its GRC Suite offering?

A. While GRC deals with standards-based platform for enterprise risk management, regulatory compliance, and controls enforcement, Oracle Identity Management solutions allow enterprises to manage the entire user identity life cycle across all enterprise resources and offer identity audit & compliance capabilities.

Q. How does Oracle Identity Management stack support private/public cloud infrastructure?

A. Oracle’s Identity Management stack plays a critical role in making the cloud environment secure for enterprises.

  • Identity federation is one area where standards such as SAML are quite mature and are being adopted by cloud providers and applications. Oracle Identity Federation (OIF) offers full range of standards-based federation between cloud applications and their customer’s applications.
  • Oracle Identity Manager (OIM) provides standards-based secure provisioning and self service registration of application users to cloud applications via support for SPML services and BPEL workflow definitions.
  • Oracle Enterprise Single Sign-On (ESSO) Suite lets enterprises host ESSO in a private cloud to offer users secure access to heterogeneous enterprise resources from anywhere, anytime.
  • Oracle Access Manager (OAM) provides a robust Single Sign On capability that streamlines identity authentication processes across cloud applications
  • Oracle Adaptive Access Manager (OAAM) provides strong authentication, identity verification, and fraud prevention across service provider’s cloud applications
  • Oracle Web Services Manager (OWSM)  provides policy-based authentication and authorization infrastructure for securing web services

We encourage you to download our Cloud Security Resource Kit for additional detail.

Q. With the layered security approach, are you recommending that there be a specific order of implementation i.e. Directory Services, SSO and Provisioning first and then the remaining pieces?

A. The order of implementation and even the scope of implementation are based on the organization’s needs and the specific issues/business challenges you are trying to solve. Please connect with your account manager to discuss your specific needs and chart out the appropriate implementation plan for the best return-on-investment.

Q. Is Oracle Identity Management a new technology?

A. Oracle has been offering proven, best-of-breed Identity Management solutions for quite some time. With continued investment in technology and resources, Oracle’s Identity Management solutions portfolio has grown significantly over the years. For a complete list of Oracle Identity Management offerings and more information, please visit us at www.oracle.com/identity.

Q. Can I use Oracle Identity Management to centrally manage access for multiple external clients?

A. Yes. Oracle Identity Management solutions allow you to centrally manage user authentication, authorization, administration and identity audit across all resources and for all users regardless of whether they are within or outside your organization. A good example of external user facilitation is:  Qualcomm Case Study: Supporting User Federation using Oracle Identity Federation.

Q. Can Oracle Identity Management provide the visual graphic metrics of all user activities like the Oracle OEM alert metric?

A. Oracle Identity Analytics provides actionable dashboards, graphs and metrics for user and identity audit at any time.  Oracle Adaptive Access Manager provides strong risk-based authentication features like real-time risk alerts based on behavioral profiling and advanced risk analytics.

Q. How do we integrate the new Oracle Identity product with other large apps e.g. Siemens PLM product?

A. Oracle Identity Manager can integrate with Siemens PLM using the application’s API or if the application supports SPML, then by using SPML calls. Oracle Identity Manager’s Identity Connector Framework makes the integration process quite flexible, scalable and efficient. Most market leading applications and systems are supported out-of-the-box.

Q. How can the tool set transit the identity between the layers, for instance if I have a JBOSS server and a WebLogic server, how can I pass the identity from one to the other so that both can participate in this vision?

A. With Oracle Identity Management, you can externalize identities to a centralized identity platform supported by Oracle Platform Security Services (OPSS). OPSS allows you to abstract security, audit, and identity management functionality from applications so you no longer have to hard code these in individual applications thereby reducing the time and cost for application lifecycle. Read more about this revolutionary approach here.

Q. Would I need Oracle Directory Services if I have Oracle Identity Manager in-house?

A. Oracle Directory Services Plus and Oracle Identity Manager are complementary solutions. Oracle Directory Services Plus is the industry’s only integrated solution that offers identity virtualization, storage, proxy and synchronization services for high-performance enterprise and carrier-grade environments. Oracle Identity Manager is an identity administration and user provisioning solution that automates the process of adding, managing, updating and deleting user accounts on enterprise resources, whether on-premise or in the cloud. While these solutions work very well together and solve unique challenges, the implementation of one does NOT require the implementation of the other.

Hope this is just a start of our conversation on this subject. We look forward to hearing your feedback on the approach Marc alluded to during the webcast and how it applies to the organizations today.

Tuesday Aug 09, 2011

Securing Your Electronic Health Records

Thanks to all those who joined our webcast on securing electronic health information records. According to the survey by healthcare IT News many organizations are depending on the EHR vendors to take care of the security requirements; however, a more systematic approach has to be taken in order to meet the compliance and "meaningful" use requirements .  Mark Ford from Deloitte did a great job of setting the context around the legislation and the changing requirements. Thanks for all of the great questions on the webcast and I want to take the time to make sure we capture the answers. I will post a replay. Mike mentioned the Aberdeen report comparing the platform vs the point solution this may provide some benefit as you think about your road map.

  • Question: Looking at certification review with regard to clinician access - we have lots of cases where clinicians have excessive access - what else can I do with regard to a layered ?
  • Answer: So there are two things that we would recommend - many of the excessive access issues can be prevented in the first place by provisioning ( See Oracle Identity Manager) users based on a pre-defined job role. This model works well and can speed up the audit. The second thing that organizations are doing is complimenting certification review with detective monitoring provided by Oracle Security Governor . To streamline the certification review portion - Oracle Identity Analytics has some easy to use reporting that can make this less cumbersome.
  • Question: We have primary care physicians scheduling appointments through our web interface from different parts of the state - can your solution help us manage their user passwords.
  • Answer: Yes - if you are using a web interface then we could enable self service password management for your connecting physicians. You can provide this capability with Oracle Access Manager - also consider the ability for your connecting physicians to connect directly to your external portal with Federation capabilities 
  • Question: Is there a role life-cycle management capability in the Oracle stack. How would I get started in that process
  • Answer: Yes Oracle Identity Analytics provides this - you can download it from our site
  • Question: SSO is well understood by all, but what about signing off? Multiple apps running over one SSO, how do you manage the signing off of individual apps?
  • Answer: This a great question - there are many circumstances where this is required - so with Oracle ESSO there is an ability for sign of where ESSO cleans up the cache so that someone else can use the terminal - we find this case in healthcare a lot.
  • Question: We are a hospital with lots of VIP celebrity patients - how can we secure access to specific the specific vip patient data .
  • Answer: We get asked this a lot - feel free to reach out to us and we can setup a conversation with a couple of our customers who are solving the same problem. Basically, there are a number of ways to solve this. At a detective level our security governor can detect when the incidence has occurred we can also use the Oracle Entitlements Server to guard the data directly at the application level. Would be happy to schedule a demo.
  • Question: What if we have an existing HR system like Peoplesoft can we use that to drive the access provisioning of our clinicians.
  • Answer: Yes if you have Peoplesoft or any other HR system - we can connect and drive provisioning from this source. There are is a white paper on this on our website.
  • Question: Given that there are lots of offerings in the product stack - where should we get started - can we start with any product in the stack
  • Answer: Because we have integrated the stack - customers can start from any point depending on the need. One paper that might be helpful is the recent Aberdeen report that talks about the tremendous cost saving of going with the platform approach.

Hope these answers provide you what you need. If you have follow up questions you can post them as comments below and we will answer them. Thanks again for joining us and we look forward to chatting again soon.

Thursday Aug 04, 2011

Getting IT Right with an End-to-End Access Control Strategy

In our last post, we talked about how new technologies and trends are driving the demand for identity management solutions. The question is: Are Identity Management solutions of today rising up to those challenges? While some of the time-tested Identity Management solutions are achieving maturity, the industry itself continues to evolve. No longer is Identity Management only about IT administration. The higher calling for Identity Management is (or should be) Business Enablement.

Oracle is hosting a live webcast today to discuss the evolving security and business (and user!) requirements and how that's changing the Identity Management solution and strategy set. Oracle's Vice President of Identity Management, Marc Boroditsky, will discuss how the conversation around Identity Management has completely changed over the last couple of years. Using data points and industry numbers, Marc will discuss how we need to re-think the concept of what an "end-to-end access control" solution should look like.

Please join in on the conversation because the webcast today is a discussion of recent findings and proof points not a lecture or a prescription on the topic. We look forward to an animated Q&A round with you today.

Here are the details:

Live Webcast: Getting IT Right with an End-End Access Control Strategy

Thursday, August 4th (today) at 10 am PDT/1 pm EDT

Register Now

Tuesday Aug 02, 2011

Another Catalyst, Another Step Forward For Identity Management


The week after the Catalyst Conference is always hard for those of us in identity management, as we suffer through what can only be described as withdrawal pains. Gartner Catalyst is not your average conference, and not just because we get to enjoy the beautiful San Diego weather and locale. During the day, you get to immerse yourself into the most relevant topics of the day, whether they be identity management, cloud, mobile or (most importantly now) the intersection of all these in the new Enterprise IT. And after working hard during the day, you get to play even harder at night. Between the hospitality suites hosted by the vendors (Captain Jack Sparrow at Oracle suite on Thursday night was quite a showman, wasn’t he?), the after parties and the after-after parties, Catalyst is a great place to mix education and discussion with entertainment and networking for Identity Management professionals – old timers and new entrants.

And there were quite a few of the latter this year, as Catalyst boasted record attendance. When Bob Blakley polled attendees at his keynote in the identity management track for first time attendees, almost half the room raised their hands. Which is not entirely surprising to us considering the renewed emphasis on identity management we’re seeing in enterprise security programs. Some of this is due to the increased visibility for identity management in the wake of recent security breaches and compliance problems. But also evident at Catalyst this year was just how much of a factor cloud computing and mobile access have been in spurring new IT initiatives. Interestingly, there was a tremendous cross-pollination of topics (and speakers) between the identity management, mobile and cloud computing tracks, with a number of attendees splitting their time between the three. It’s obvious that enterprise security professionals are paying attention to the impact that trends like SaaS adoption at the departmental level and bring your own device are having on their existing controls, and are searching for answers.

At Oracle, we are very aware of the pressure these diverse, yet inter-connected factors are placing on enterprise security, and believe that only an end-to-end access control solution (and strategy) can help mitigate the emergent risks. We even have a webcast coming up on this very topic (great timing, right?). We’d love for you to join in the conversation; after all, it takes a village! Here are the details:

Thursday, August 4 (yes, this week!), 2011 at 10 am PT/1 pm ET

Getting IT Right with an End-to-End Access Control Strategy



Tuesday Jul 26, 2011

Oracle Unified Directory Webcast Q & A

Thanks to everyone who joined our webcast on OUD. Because we ran out of time, several questions were un- answered. I have captured answers to all of the questions asked for your reference. You can also view the webcast on demand.

      Question: If you are currently using OID, OVD and EUS, what should be the future direction in terms of upgrade    paths, roadmap etc?

· Answer: Support of OUD as another option for EUS deployment is on our future roadmap, but the support of OID and OVD for EUS will not change, so no upgrade needed.

· Question: How is OUD different from OUD and OID

· Answer: Architecturally, OID is based on an external Oracle database, and OUD is based on an embedded Berkeley database. Scalability wise, they have different approaches to support extremely large deployments, OID provides monolithic scalability in a single DIT and even leverages ExaData for large scale deployments, while OUD provides horizontal scalability by adding more instances with data partition and global index for performance and scalability on commodity hardware. These solutions provide options to customers to meet their different requires and preferences.

· Question: How does the tool work with OES 11g

· Answer: Supported as identity store

· Question: Will Identity synch be available in OUD Is there a feature compare between other OpenDS offerings

· Answer: Yes, refer to our differentiators slides

· Question: Can OUD Synch or replicate with AD

· Answer: Yes, using Directory Integration Platform (DIP) from Oracle

· Question: Is referential integrity for objects / attributes such as groups / roles and members provided OOTB, or would custom plugins be required?

· Answer: Available in product – must be enabled

· Question: What is the level of interoperability with 3rd party directories such as AD or Edirectory?

· Answer: Supported using DIP

· Question: Is it possible to include OID in a OUD replication agreement?

· Answer: Not supported

· Question: but if I don't have ODSEE deployed, do you recommend a pure OUD deployment, to cover all of my directory (and virtual directory) needs?

· Answer: Yes. ODSEE is not a pre-requisite in anyway. However, virtual directory capability is not available in current OUD 11g, so you need to use both OUD and OVD together.

· Question: Does OUD run on WebSphere?

· Answer: OUD server is a J2SE app and runs on any JVM. However its admin console ODSM and monitoring interface Enterprise Manager require J2EE container and are currently only supported on WLS.

· Question: How about Novell eDirectory?

· Answer: You can replace eDirectory with OUD and you can sync them with DIP.

· Question: Is OVD ever useful/needed for replication in an OUD-oriented deployment?

· Answer: Not needed for replication, but only when you need to virtualize a directory environment that has other LDAPs or databases.

· Question: Is OUD a LDAP v3 implementation?

· Answer: Yes

· Question: Looks like this is intended to completely replace ODSEE, right?

· Answer: OUD can completely replace DSEE – customers are not required to replace DSEE

· Question: I'm a Sun DS 5.2 customer and I'm really confused. Is Unified Directory the future? Or should be I migrating to DSEE 11g (7.0)?

· Answer: OUD is the future directory, but we will continue to enhance and support ODSEE. We encourage you to upgrade to OUD, but you still have the option to upgrade to ODSEE 11g.

· Question: Does the OUD replication gateway work with ODSEE 6.3.1? Or is it mandatory to upgrade to ODSEE 11g first?

· Answer: currently only works with ODSEE 11g. However, it is on the roadmap to make it work with ODSEE 6.3.x directly.

· Question: What's the future for ODS and OID?

· Answer: OID will continue and be an option in addition to OUD.

· Question: ODSEE provided a plugin API. Does OUD provide a similar plugin API? Will existing plugins convert easily?

· Answer: OUD does not yet have a plug-in API. But because OUD is in Java and DSEE is in C- plug-ins will most likely have to be rewritten. However, before rewriting – investigate OUD and OVD features – could be features that required customization in DSEE – are now standard features.

· Question: understand OVD will be converged into this product. Is this correct?

· Answer: Yes. Once it is converged in the future, you’ll have a new OVD with full-functioning and powerful local store.

· Question: What is the future of Oracle/Sun Directory Server?

· Answer: If you are asking about ODSEE, we will continue to enhance and support it, though OUD is the future focus of innovation and already fully compatible with ODSEE.

· Question: How do you get such great performance improvement using OUD vs. ODSEE, considering ODSEE is arguably the best of breed in terms of read performance in the enterprise DS market?

· Answer: Exactly, ODSEE has great performance and is already the best on the market. We further enhanced OUD with new threading model and other architectural improvements to make it perform even better.

· Question: Does synchronization include the ability to sync identity data to SaaS applications?

· Answer: Depends on what SaaS applications you are using, as long as we have a DIP connector, it will work.

· Question: Is the replication gateway a separate install?

· Answer: not a separate install, but a configuration step.

· Question: Any justification to replace non-Oracle LDAP directory products by OUD?

· Answer: Absolutely. There are many reasons I can list, but a few quick points – 1. Oracle is the only vendor with a complete and unified directory solution, so you have one strategic vendor to work with and get the integrated solution and experience. 2. OUD provides high performance and scales elastically according to your needs which will reduce TCO. 3. We provide tools to help you migrate. 4. You can count on Oracle to continue to innovate as we have demonstrated with the OUD release.

· Question: will there be a best practices for migrating sun dir 5.x , 6.x, and 7.x users?

· Answer: yes, we will have a whitepaper available on this.

· Question: Will this have synch with AD

· Answer: Yes, through DIP

· Question: How does licensing work? Is it per server?

· Answer: Per CPU

· Question: In terms of synchronization with other stores, do you have some sort of connectors or framework we can use to build integration with stores on mainframe and other types of application which has their own store..

· Answer: There is a custom API for DIP

· Question: How much do the stated performance numbers for OUD depends on datasets being cached in memory?

· Answer: Full cache. As with any database product – maximum performance requires to reduce the amount of disk IO and thus the more data in memory cache – the better the performance

· Question: Can OIM use OUD as a native user repository? (It can currently use OID, but not ODSEE).

· Answer: No. OIM requires a database

· Question: Is OUD <-> ODSEE replication perform as well as ODSEE replication? Or are there replication delays to be expected?

· Answer: Should be seamless without delays.

· Question: How is elastic scalability achieved? Also, what other DS is OUD interoperable

· Answer: Elastic scalability is delivered through data partitioning and global index. Sync using DIP support all major LDAPs and Oracle database.

· Question: How does this work with Identity Management/SSO?

· Answer: Oracle IDM 11g certified OUD 11g.

· Question: I know there are a few companies that have taken openDS and built products (e.g. UboundID sp?, forgrock, etc.). How is OUd better since those other guys have been out for years?

· Answer: The real point is that OpenDS was out for a few years. OUD is build on top of OpenDS, but added some other innovative capabilities like proxy, data partition, global index, ODSE web based admin UI, monitoring using Enterprise Manager Grid Control, replication gateway with ODSEE, etc that differentiates us from others.

· Question: Will there be new update versions after ODSEE 11 gR1? or are the customers encouraged to migrate to OUD ?

· Answer: Customers are encouraged to upgrade to OUD, although there will be update versions to ODSEE 11gR1.

· Question: How much control do we have with command line tools or we need to rely on administration console

· Answer: All functions in Admin console are available through commend line

· Question: All of the discussion is around Sun. Does this work on IBM AIX?

· Answer: Yes.

· Question: Where can we download OUD

· Answer: on Oracle Technology Network (OTN).

· Question: Is ODSEE the same as Oracle/Sun Directory Server?

· Answer: Yes.

· Question: Will this product follow the path of OpenDS and provide both an enterprise and and open source version?

· Answer: There will be no equivalent of open source version of OUD as there will be no new functional capabilities committed to the open source.

· Question: We are on Oracle/Sun Directory Server v7. What do you recommend for our future path?

· Answer: You can continue on ODSEE, but we encourage you to test OUD and plan upgrade if you like OUD better.

· Question: You just said there will be "a convergence across products". That sounds like you're saying Unified Directory is the replacement for DSEE and OID. I'm still confused

· Answer: Convergence is more about ODSEE, OVD and OUD. OID is still an alternative solution for customers.

· Question: So OVD remains separate from OUD? Can OUD instantiate LDAP views (like OVD does)?

· Answer: OVD is separate for now until it is converged. OUD currently does not have virtual directory capabilities.

· Question: If a client has Identity and Access Management Suite Plus, does this imply an OUD license?

· Answer: Yes.

· Question: What security certifications has OUD undergone?

· Answer: Following the vigorous Oracle security practice.

· Question: Can OUD provide any OTB connector similar to OID DIP to synchronize with external data sources such as LDAP, Databases, Flat files, etc?

· Answer: It leverages DIP, so with the same connectors.

· Question: Does the replication gateway work with older versions of Sun DS (e.g. 5.2, 6.x) or do you have to be on 11g?

· Answer: Answered above. Only work with ODSEE 11g today, but support for other old versions are on the roadmap.

· Question: Is it possible to access the changelog directly? Or is a plugin like RCL needed to write the changes into a separate subtree?

· Answer: Technically it’s possible to query the Change log – however, OUD to OUD server uses an optimized replication protocol. If needing to synchronize data between OUD and another source – it would be better to use DIP (or OIM) instead of querying the OUD change log.

· Question: If I have OID can I migrate to OUD?

· Answer: Depends on what applications you are using. If you are using OID for Oracle apps that require it, for example, EBS, OSSO, etc, it will not work. If OID is used as an enterprise directory not for specific Oracle apps, you should be able to migrate to OUD.

· Question: Isn't DIP a completely separate product or has it been integrated with Unified Directory as well?

· Answer: Integrated for interoperability.

· Question: When will CA Siteminder be certified w/ OUD?

· Answer: Please ask CA to certify it. We will also proactively work with them.

· Question: What will be driving factor for the enterprise already using Sun directory Server 7 or above to move to OUD?

· Answer: Better performance, more flexible elastic scalability, better availability and unified solution with built-in proxy, complete Java experience with OVD and DIP, improved admin and monitoring experience with ODSM and EMGC.

· Question: Is DIP part of the ODS+ bundle?

· Answer; Yes

· Question: What kind of API is available?

· Answer: There is no API in current version. An API is planned for future version. If needed some type of data transformation for current release – possible to use OVD to do the data transformation before passing to OUD.

· Question: Can I use OUD 11g as user store for both OAM 10g and 11g?

· Answer: Yes.

· Question: How similar is this product with OpenDS?

· Answer: The core LDAP server is similar, but with added innovative functions like proxy, global index, Admin UI as well as monitoring etc.


Oracle Identity Management is a complete and integrated next-generation identity management platform that provides breakthrough scalability; enables organizations to achieve rapid compliance with regulatory mandates; secures sensitive applications and data regardless of whether they are hosted on-premise or in a cloud; and reduces operational costs. Oracle Identity Management enables secure user access to resources anytime on any device.


« July 2016