
Experiences with identity management systems

Status
Not open for further replies.

jrbarnett

Programmer
Jul 20, 2001
9,645
GB
Has anybody been involved in any aspect of identity management systems?

What I mean by Identity management systems are pieces of software (normally custom written for a company or organisation to fit around their specific requirements) that use data in a relational database, such as HR/Payroll or student management systems to control aspects of the network login, eg:
* disable login the day after a person leaves and delete 3 months later;
* create a network account and mailbox in the correct OU in the tree for their position within the organisation according to a defined naming convention, populating account attributes from field names (forename, surname, dept, manager and expiry date if it's a temp or visitor account) the day before their start date then send manager an email with network login information.
* Extend the expiry date of an account if somebody takes a 6 month extension on their course of study.

I've been pulled into this at very short notice here and wondered if anybody else has experience they would be prepared to share.

John
 
Well, we don't create network logins, but we do create logins for the people who use our websites based on data feeds. I think the most critical piece of this is record-keeping. Record when the login was created, when it was deactivated and deleted and why. Most of our issues are with researching why people can't log in. If you are going to create credentials automatically based on name, you will need the process to check to see if the name already exists and then add a number to it if it does (or some other process to adjust the name). Names are not unique. Make sure to store the identifier from the HR system or student management system. This will help prevent the wrong John Smith from getting disabled or deleted.

"NOTHING is more important in a database than integrity." ESquared
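The advice in the reply above (number clashing names, key every account on the HR identifier, record each lifecycle change with a reason) as an added Python sketch; it is not code from any poster in this thread. The `AccountStore` class, the first-initial-plus-surname convention and the sample HR IDs are assumptions made for illustration.

```python
import datetime as dt
import re

class AccountStore:
    """In-memory stand-in for a directory, keyed by the HR system's person ID."""

    def __init__(self):
        self.accounts = {}  # hr_id -> {"username": ..., "status": ...}
        self.audit = []     # append-only: (when, hr_id, username, action, reason)

    def _log(self, when, hr_id, action, reason):
        username = self.accounts[hr_id]["username"]
        self.audit.append((when, hr_id, username, action, reason))

    def _unique_username(self, forename, surname):
        # Assumed naming convention: first initial + surname, letters only.
        base = re.sub(r"[^a-z]", "", (forename[:1] + surname).lower()) or "user"
        # Every record is kept, so a username is never reissued to someone else.
        taken = {a["username"] for a in self.accounts.values()}
        candidate, n = base, 1
        while candidate in taken:
            n += 1
            candidate = f"{base}{n}"
        return candidate

    def provision(self, hr_id, forename, surname, when, reason):
        if hr_id in self.accounts:  # feed replayed: same person keeps same login
            return self.accounts[hr_id]["username"]
        username = self._unique_username(forename, surname)
        self.accounts[hr_id] = {"username": username, "status": "active"}
        self._log(when, hr_id, "created", reason)
        return username

    def set_status(self, hr_id, status, when, reason):
        # Looked up by HR identifier only, never by display name.
        self.accounts[hr_id]["status"] = status
        self._log(when, hr_id, status, reason)

def demo():
    store = AccountStore()
    day = dt.date(2024, 1, 8)  # constructed sample data
    a = store.provision("HR-1001", "John", "Smith", day, "new starter feed")
    b = store.provision("HR-2002", "John", "Smith", day, "new starter feed")
    again = store.provision("HR-1001", "John", "Smith", day, "feed replay")
    store.set_status("HR-2002", "disabled", day + dt.timedelta(days=30), "leaver feed")
    return store, a, b, again
```
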
 
That's the sort of software we're using here (from a different vendor).

Mechanisms of dealing with name clashes, email address clashes etc are being written into the system from the design stage.

John
 