Gather Requirements to RFP

As Subject Matter Expert and technical lead, performed interviews of key stakeholders to determine requirements for success.

Complete Design for Reduced Sign On

Primary Architect for IDM design to:
  • Allow for a single credential store to be utilized wherever possible, which would allow Single Sign-On.
  • Back-end synchronization to provide for Consistent Sign-on where SSO could not be achieved.
A framework was created to support authentication and authorization of entries by in-house and off-the-shelf applications.

Vendor Selection and Testing

The Requirements assessment determined the use cases that would be required, desired or dreamed for a product to implement. Each use case was weighted and each product was scored.

The top two (2) products were brought in-house to perform a proof-of-concept of functionality.

Solution Implementation

A design was created to fulfill the use cases determined from the Requirements assessment. The design was put into a development environment, all use cases were performed, and the design was tuned for execution.

Application Integration

Led workshops with in-house developers and created a best practices framework for using the identity store. More than 200 applications were converted to be able to utilize the Identity Store.

Implementation of PAM_LDAP and PAM_NIS

Considerable work was performed designing a plan for integrating Unix (Solaris, HP-UX, AIX) platforms using PAM_LDAP and PAM_NIS. Due to time constraints, a decision was made to implement only PAM_LDAP. A couple of years later they implemented PAM_NIS. The same infrastructure also now supports Linux.


In addition, working with Aaron Spangler, we developed a methodology of LDAP'izing sudo and provided our work back to the Sudo organization.

SAML Implementation

Worked with Cleartrust and implemented a SAML 1.1 compliant implementation.
