davenesbitt.com

This is the last post on this site (not that I think anyone still reads this, but you never know). I'm having a sort out and splitting this site between my personal blog "I Byd It" and my work blog "The DIM Blog". I do aspire to being a regular blogger, but it hasn't happened yet. Maybe one day.

I'm speaking again next week at OCG's US IDA Summit in Manhattan. Come and see us and say hi. Details here

I'm delivering one of the morning presentations at the OCG IDA summit next week, entitled "Building a Strategic IDA Infrastructure".

OCG have announced the "OCG European Identity and Access Summit 2009". This is in place of the old (and much-loved) MIIS/ILM User Group, the idea being to expand the event to include all Microsoft IAM technology, not just good old MIIS/ILM. There will also be a US event to complement the European one.

We're delighted to announce the Oxford Computer Group blog, featuring news, comments and snippets from OCG, including regular updates from the architects and consultants such as yours truly. It's early days yet, but we hope this will become a valuable IAM resource for anyone interested in IAM and the Microsoft IAM Products and Framework. Take a look and let us know what you think.

A wonderful article about The Stig and Identity Management on the OCG Website. Whoever wrote that must be a genius of the first order as well as a handsome and likeable chap. I wonder who it was?

This is another post excusing the fact I haven't posted anything meaningful for months. I could make the usual excuse that I have been too busy but it wouldn't be true. I have been busy, both at work and home, but I could easily have found the time for a quick post or two. Look, here I am doing just such a thing. I could also claim that I just haven't found anything worthy of blogging but this wouldn't be true either. I've seen, done and heard lots of things that I could have blogged. The following anecdote is vaguely related to this:

Yeah, I know, I'm a bad person, so sue me.

Really, 2008 went by so fast doing fun stuff with ILM 2007 (and my family, when I remembered I had one) that I barely had time to think of blog posts. Actually, that's not completely true; I had plenty of time to think of blog posts, I just couldn't think of anything that interesting to write.

Sorry it’s been so long since my last entry. I’m working flat out taking a large MIIS/ILM project live and barely have a minute spare to wash, eat or sleep. My colleagues are starting to complain about the smell and my children barely recognise me any more. "Wait, I have a father? Really?"

I’ll post about lessons learned from this particular project once it's completely live, but right now I’d like to share an odd issue I’m experiencing with MIIS/ILM interfacing with iPlanet LDAP Directory. In the iPlanet directory the customer has added their own schema extensions and one of the attributes I need to manage is one of these home-grown additions. The iPlanet schema states that the attribute is a directoryString, yet MIIS/ILM swears blind that it is a Boolean and won’t let me export anything but a 1 or 0 to that field. It seems most odd. I wonder if the attribute is properly defined. Any ideas?

I was reading a pretty good (if a little bland) piece on PKI today on the ZDNet announcments newsletter, when it suddenly struck me that I couldn't remember the last time anyone actually dared to say the "P" word aloud. It feels as if PKI has been airbrushed from history at the moment: we talk about strong authentication or certificate lifecycle management, but PKI itself seems tarred with the same brush as X.500 and other nasty, difficult, unsexy old hat directory stuff. So much so that if you see the Gartner hype curve for IdM (I don't have a link, sorry), you'll notice that PKI doesn't even appear. There is no PKI; there never was PKI; no-one here ever said there was or recommended you deploy it; move along, there is nothing to see.

PS. Read the comment from one disgruntled ZDNet reader for a chuckle.