Oracle adds management to Oracle Virtual Directory; Penrose posts new virtual directory

The foundation for security and enterprise management

Right on the heels of SAP’s announcement of its purchase of virtual directory vendor MaXware, which we covered in last week’s newsletter, comes news of new releases in virtual directory technology on two fronts.

Oracle (whose 2006 acquisition of OctetString may have been the nudge that SAP needed in identity management) announced last week that it had integrated Enterprise User Security (EUS), a feature of Oracle Database 10g, with Oracle Virtual Directory. The move enables organizations to centrally manage database user identities through their existing corporate directories such as Oracle Internet Directory, Microsoft Active Directory and Sun Java System Directory Server.

Delivering on the promises made at the time of the OctetString acquisition, the database leader can now offer its customers (at least, the Oracle 10g customers) the ability to use EUS to virtually provision database user accounts, assign database roles, centrally manage user authentication and authorization, and enable self-service features such as password resets in existing corporate directories. That’s just not feasible without a robust virtual directory engine.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Right on the heels of SAP’s announcement of its purchase of virtual directory vendor MaXware, which we covered in last week’s newsletter, comes news of new releases in virtual directory technology on two fronts.

Oracle (whose 2006 acquisition of OctetString may have been the nudge that SAP needed in identity management) announced last week that it had integrated Enterprise User Security (EUS), a feature of Oracle Database 10g, with Oracle Virtual Directory. The move enables organizations to centrally manage database user identities through their existing corporate directories such as Oracle Internet Directory, Microsoft Active Directory and Sun Java System Directory Server.

Delivering on the promises made at the time of the OctetString acquisition, the database leader can now offer its customers (at least, the Oracle 10g customers) the ability to use EUS to virtually provision database user accounts, assign database roles, centrally manage user authentication and authorization, and enable self-service features such as password resets in existing corporate directories. That’s just not feasible without a robust virtual directory engine.

Not to be overshadowed the open source virtual directory effort, the Penrose Project, has just posted a new release – version 1.2. This addresses a real need for older Unix installations by providing a better way to modernize a Network Information Service installation.

As Penrose lead Jim Yang explains: “The usual approach to NIS is: 1. Migrate everything from NIS to LDAP; then 2. Attach NIS Gateway to the LDAP.” The problem with that is what Penrose calls “the Big Bang” – migrating all of your NIS in one fell swoop.

The Penrose approach can be called a “reverse gateway,” providing an LDAP view of NIS entries in real-time while allowing the administration of existing entries through the NIS interface until you’ve finished the migration. If any problems occur, you can always roll back and start again without disrupting the network. In addition to support for ApacheDS and OpenLDAP, Penrose integrated OpenDS and FedoraDS support. Go here http://penrose.safehaus.org/penrose/news.html for all the details and the download pointers.

Virtual directories are an important part of any full-featured identity management scenario. There should be one as part of your platform.

Events: Identity, and identity conferences seem to be growing faster in Europe than elsewhere. NetPro and Microsoft, for example, just announced a return to Europe. The Directory Experts Conference Europe will be held at the Sheraton Brussels Hotel in Brussels, Belgium, Sept. 24-26, 2007. Details are available here and registration is now open.

Downloads: Both the new release (1.2) and the “stable” release (1.1) of Penrose are available for download, so that you can – for no cost – experience the value of a virtual directory.

Read more about security in Network World's Security section.

Dave Kearns is a consultant and editor of IdM, the Journal of Identity Management.