Innovations in Directory Services
By Mark Wilcox - CTO - Oracle Consulting Security-Oracle on Aug 23, 2009
Between helping get internal people up to speed on 11g, a really bad cold which may or may not have been the flu, and vacation (which culminated with me getting to see two of my current favorite bands live on the Mayhem tour) - I've been a bit behind on getting to respond to some stuff floating around the blogosphere.
The strangest one was the implication that we here in the Oracle mothership had not been innovative in regards to virtual directory.
While we have done several updates to OVD functionality over the past several years (including Oracle Database Enterprise User Security and Microsoft SharePoint integration), I wanted to highlight the new functionality in our 11g release.
The primary focus for 11g was to improve manageability and usability as opposed to adding a bunch of new server features. The reason for this is that we believe that we already lead the industry in terms of features. Thus there was not as much pressure in terms of adding missing features for the initial release.
The key difference between 10g and 11g is the UI. In 10g, the UI was based on Eclipse. In 11g, we now use a browser-based management console.
While Eclipse was nice (I have no reservations about building another tool using Eclipse RCP), moving to the Web gave us some advantages:
- By using the Oracle ADF UI framework, we are able to leverage the hard work of this amazing Web 2.0-ready product
- It simplifies integration with Enterprise Manager and our additional IDM products (as they release their own 11g versions) for administration
- It eliminates problems where customers either couldn't install software on their desktops or ran non-Windows/Linux platforms
So now let's take a look at some of the new UI elements. If you're reading this in an RSS reader - make sure to click the link to see the blog in your browser to see the images if they don't show up in your reader.
First, all Fusion Middleware components now integrate with Enterprise Manager. EM provides a standard way of providing monitoring and performance information, as well as a standard access point to logging and audit information:
The next three shots show different screens in Oracle Directory Services Manager (ODSM). ODSM is used to manage OVD and OID. However, you can still deploy OVD without OID. And you can deploy OID without OVD.
First up is the ODSM Home screen. It provides additional status information not currently found in EM - such as adapter status and version information:
Next we take a look at the ODSM Data Browser, which is often used by administrators to quickly see how the data will appear in OVD. I would like to highlight the fact that we have made this data view much nicer for common LDAP data. In this example we are looking at a person entry - note that we show the most common data in an easy-to-read format. And if you have a picture for the entry, it shows up (otherwise we show a default icon). This can make it easier to actually check the data because most other LDAP tools don't really make it easy to see the data - they cloud it with attributes you don't really care about. We still provide access to all attributes, but the common data you probably care the most about is highlighted up front.
Finally - all of 11g Identity Management will write audit data to a common audit system. By default this is written to a text file. However, it is possible to write this data to a database. And if you write the data to a database, we provide a standard set of Oracle BI Publisher reports.