Identity Manager 8.1 provides the following major new features:
This feature provides Identity Manager with the functionality to manage provisioning and auditing for applications in the enterprise that are not directly connected to Identity Manager through a resource adapter. This includes non-digital external resources such as laptops, cell phones, and security badges. Provisioning external resources via Identity Manager will result in one or more provisioners being notified via email or through Remedy Help Desk 6.3 notifications.
The Connector Framework provides a new way to connect Identity Manager to target applications through the use of a connector. Identity Connectors and the Framework are part of an open source initiative that offers a generic and consistent way to provision resources with Identity Manager. Connectors have been decoupled from the core Identity Manager server, enabling them to be released independently of Identity Manager builds. In addition to the open source project website where additional connectors will be available for download, Identity Manager comes with the following supported connectors:
Microsoft Active Directory 2003 and 2008
SPML 2.0
See the open-source project website, https://identityconnectors.dev.java.net/ for more information.
Additional connectors will be added in the near future.
This integration focuses on Sun Role Manager versions 4.1.3 and higher. Identity Manager forms can now directly invoke Role Manager web services to notify and invoke roles operations on users. The Identity Manager Data Exporter already allows Role Manager to retrieve Identity Manager's users and roles; the latest 8.1 data exporter now provides:
Capabilities information that will enable better user mining.
Resource schema which will be leveraged in future Sun Role Manager versions.
Identity Manager uses JMX MBeans to provide performance data for the List, Create, Get, Modify, Delete and Authenticate operations. The following data are collected:
Count of operation
Moving Average time per operation
Minimum time per operation
Maximum time per operation
Collection start time
Resource Adapter class and version
Identity Manager supports Advanced Encryption Standard. AES is a symmetric key encryption technique that can be used instead of Data Encryption Standard (DES). AES is commonly used by government application to protect data.
This feature offers a standard non-repudiation mechanism using the W3C XML Signature Syntax and Processing (XMLDSig). This enhancement provides the ability to create, store and display work item approvals in an XMLDSig format. This format also optionally allows the inclusion of RFC 3161–compliant time stamps.
Support for SPML2.0 has been enhanced. Identity Manager supports the search capability. In addition, audit logging is now supported.