Or more like something like an interactive ad "shell".

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matheesha Weerasinghe
Sent: Wednesday, May 03, 2006 1:26 PM
To: [email protected]
Subject: Re: Re: [ActiveDir] ADAM Management Tool REQs and Desires...... WAS: Internet Authentication Concepts: Pointers?

Personally, I'd like a command line tool that's interactive like ntdsutil or nslookup. I'd be able to use this to browse the ADAM instance from a command line. Have a prompt which allows me to navigate the hierarchy. Execute commands such as create/delete <objecttype> etc...

M@

On 4/28/06, Stewart, Fitz <[EMAIL PROTECTED]> wrote:
> Heck, just give a user the ability to create and otherwise manage
> objects – users, groups, the basics. Name, etc. Nothing fancy, just
> not the command-line-ishness of ADSIEDIT.
>
> -fitz
>
> 703-866-7473
> 703-626-5741 (cell)
>
> ________________________________
>
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of joe
> Sent: Friday, April 28, 2006 3:46 PM
> To: [email protected]
> Subject: RE: Re: [ActiveDir] ADAM Management Tool REQs and Desires......
> WAS: Internet Authentication Concepts: Pointers?
>
> I have some curiosity in this realm...
>
> What would everyone consider good things and requirements for an ADAM
> management tool. Even assuming, cough, GUI.
>
> joe
>
> --
> O'Reilly Active Directory Third Edition -
> http://www.joeware.net/win/ad3e.htm
>
> ________________________________
>
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Jef Kazimer
> Sent: Friday, April 28, 2006 10:01 AM
> To: [email protected]
> Subject: RE: Re: [ActiveDir] Internet Authentication Concepts: Pointers?
>
> Since it is "LDAP" I did look at some "friendlier" admin tools, but none
> really hit the mark for me. I believed that group looked at Softerra's
> tool, and there is the web based PHP LDAP manager, and also the C# LDAP
> manager tool. You can Live search the names or I can post the links here
> if you want.
>
> In the end I wrote my own as a .NET web app since I found them lacking.
> Yet as I said if I want to go global, I don't know if I want to position
> what I wrote without some major changes. :)
>
> J
>
> ________________________________
>
> Subject: RE: Re: [ActiveDir] Internet Authentication Concepts: Pointers?
> Date: Fri, 28 Apr 2006 09:44:55 -0400
> From: [EMAIL PROTECTED]
> To: [email protected]
>
> That's a very good point. Does anyone know of any 3rd parties which
> improve the ADAM administrative UI "experience"?
>
> J. Fitzgerald (Fitz) Stewart
> Systems Architect
> IRM/OPS/ENM
> Worldwide Information Network Systems
> USAID/DoS IT Infrastructure Collaboration Program
> [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
> [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
> 703-866-7473
> 703-626-5741 (cell)
>
> ________________________________
>
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Jef Kazimer
> Sent: Friday, April 28, 2006 9:27 AM
> To: [email protected]
> Subject: RE: Re: [ActiveDir] Internet Authentication Concepts: Pointers?
>
> Mylo,
>
> Thanks for the information!
>
> I have set up ADAM utilizing a custom web UI utilizing AZman for a small
> project before, but I have concerns about scalability. The issues are not
> with the ADAM instance at all, but the UI that is needed to manage ADAM.
> ADSIedit is great for someone who understands the directory, but it's not
> that user friendly for web application owners, helpdesk, etc. This was
> for a simple application of about 500 users, and it met their needs but I
> don't see this as a scalable solution from a global perspective.
>
> This will be a backend data store that contains the user identity, but
> the applications that utilize it will be of different flavors from DMZ
> hosted web apps, to externally hosted apps. The flavors of web apps will
> range from WebSphere, ColdFusion, .NET and I suspect some PHP apps.
>
> With AD, I guess I was thinking it has a well known support interface
> (though I am sure I would need to customize anyway...so I'm not sure that
> value is really there). So I was expecting to maybe find 3rd parties that
> do sit in front of this to manage the IDs stored. Though this could be AD
> or ADAM with ADAM being the most cost effective. This looks like
> SiteMinder might be a good solution to manage all of these environments
> but I will need to look into that.
>
> I suppose I am getting ahead of myself, because I do not know the
> requirements as of yet, and I'm making assumptions that could be totally
> off the mark here. I guess it's a new environment and wanted to get some
> info before it was needed. :)
>
> Thanks again!
>
> Jef
>
> ________________________________
>
> > Date: Fri, 28 Apr 2006 01:40:09 +0200
> > From: [EMAIL PROTECTED]
> > To: [email protected]
> > Subject: Re: [ActiveDir] Internet Authentication Concepts: Pointers?
> >
> > Jef,
> >
> > As Al pointed out, there are numerous products from vendors such as
> > IBM/BEA/Oracle/RSA/Netegrity/Entrust/Baltimore Labs (RIP) etc providing
> > web-based authentication/authorisation in front of AD. Since from a
> > design point-of-view it's generally not a good idea to stick AD too
> > close to the Internet, often these solutions comprise a presentation
> > tier, e.g. with IIS (using some sort of ISAPI plugins) that then hooks
> > into your business logic (e.g. middleware) or your data tier (e.g.
> > LDAP/AD/SQL) ... if you want to look at this from an MS purist
> > perspective then I'd suggest having a look at n-Tier solutions within
> > the MSDN area. Although, this has a more developer emphasis than you'll
> > probably want, it gives a good insight into how Internet authentication
> > works, particularly .NET as well as older products such as Site
> > Server/Commerce..
> >
> > Try googling on Authorization Manager (AZMan) to give a good example of
> > how a role-based management approach (assuming a web tier) with an AD
> > backend would work..... Also look at ADAM as an initial 'point' solution
> > for Internet usage rather than AD alone.
> >
> > You also mentioned self-registration and this kicks off an entirely
> > different thread (in my mind anyway)...
> >
> > 1. What are you providing access to?
> > 2. Whom are you registering and for what?
> > 3. What authentication mechanism do you wish to use (username/password,
> > certs, OTP).
> > 4. Do you need to provide some form of authorisation once authenticated
> > as well? What form does this need to take?
> >
> > Hope this helps.
> >
> > Regards,
> > Mylo
> >
> > if you need an initial
> >
> > Jef Kazimer wrote:
> >
> > > Al,
> > >
> > > I apologize, as I am going only on what little information I have. I
> > > guess I was trying to do some pre-meeting recon work since I had seen
> > > it mentioned here about 25mil internet users for some people. I had
> > > assumed there might be some scenario documentation for such a thing.
> > >
> > > I will know more after the meeting of course, so I'll see if I can
> > > explain myself better.
> > >
> > > I understand directory design for an enterprise, but have never done
> > > so for an internet instance that would have self registration. I
> > > suspect there are some different lessons learned from that scenario
> > > so was curious.
> > >
> > > Thanks,
> > >
> > > Jef
> > >
> > > > Date: Thu, 27 Apr 2006 15:31:33 -0400
> > > > From: [EMAIL PROTECTED]
> > > > To: [email protected]
> > > > Subject: Re: [ActiveDir] Internet Authentication Concepts: Pointers?
> > > >
> > > > That's not a lot to go on, Jef. Can you give some more information?
> > > >
> > > > For example, these public internet sites? Are they web only? What
> > > > type of authentication is needed? What were your plans for
> > > > authorization? Are you planning to use something like SiteMinder or
> > > > Tivoli or ?? to help you deal with authorization if using web sites?
> > > >
> > > > Al
> > > >
> > > > On 4/26/06, Jef Kazimer <[EMAIL PROTECTED]> wrote:
> > > > > Ok, here is something I'm just starting to research, and I thought
> > > > > maybe someone here has some pointers or a direction they can steer
> > > > > me in.
> > > > >
> > > > > We are looking at a potential consolidated directory/database to
> > > > > contain user registrations (Self registration and possible bulk
> > > > > load) for multiple public internet sites for products of our
> > > > > company.
> > > > >
> > > > > I was wondering if there are any published scenarios that address
> > > > > this solution as a starting point for consideration. We are
> > > > > thinking of using a public AD forest as the potential repository,
> > > > > but I am curious if there are any lessons learned when designing
> > > > > such a scenario.
> > > > >
> > > > > Thanks,
> > > > >
> > > > > Jef
> > >
> > > List info : http://www.activedir.org/List.aspx
> > > List FAQ : http://www.activedir.org/ListFAQ.aspx
> > > List archive:
> > > http://www.mail-archive.com/activedir%40mail.activedir.org/
