Why UNIX Identity Manager?
Works with any UNIX/LINUX operating system without a requirement to install custom agents. All modern UNIX operating systems have support for PAM-LDAP architecture which will enable easy integration with UNIX Identity Manager.
UNIX systems will only need to be configured to use LDAP directory for authentication and name services and UIM will help with enforcement of role based access, user account and group management.
No requirement for custom agents means simplified UNIX/Linux OS support and troubleshooting from single OS vendor. All necessary functionality for user authentication and name services is already included with UNIX/LINUX operating system except consistent role based access control.
UNIX Identity Manager allows support for the entire UNIX user identity management life-cycle (add/modify/delete) without a requirement to connect to UNIX servers directly. All changes are done in enterprise LDAP directory.
Enterprise Identity and Access management architecture is a key enabler for any large enterprise. Point solutions are no longer sufficient and usually create challenges during acquisitions, mergers, outsourcing to third party partners and migrating services to the cloud.
We, at PlankZero, believe, that in order to achieve operation efficiencies and significantly reduce time-to-market for internal and off-the-shelf software products, enterprise security must be built based on centralized services model. In order to achieve this goal UNIX Identity Manager was created with overall enterprise identity architecture in mind.
It is possible to implement UIM as a standalone product, if all employee onboarding processes and access provisioning is driven through manual processes, however it has been fully architected to integrate with automatic provisioning and role based access systems that are likely already in place.
UNIX Identity Manager is written in Java and can be implemented on any hardware supporting Sun Java application platform. Access Gateway component is implemented as Java executable and User Administration Module can be installed on any Java application server like Tomcat, JBoss or Weblogic. Product can also be provided as a VM image or as hardware appliance.
Significant number of businesses already invested time and resources to implement and properly manage LDAP directories. Typical application of LDAP directories include user and customer authentication and authorization for internal and external applications, rich and functional address books and information portals.
There is no reason to create and maintain separate centralized authentication user store just for UNIX when existing directory can be enabled for that purpose.
UNIX Identity Manager allows to leverage existing enterprise LDAP directory for UNIX authentication and name services. It is built to utilize key LDAP concept of object class layering to service provisioning and alao allows to properly segregate identity management responsibilities between different functional areas.
In this model UNIX management team relies on centrally managed LDAP directory and is only responsible for enabling existing user identities for access to UNIX through proper work flow.