LDAP Integration
Hitachi ID Password Manager (formerly P-Synch), a component of the Hitachi ID Management Suite, actually supports more than just passwords -- it is, in reality, a platform for managing authentication factors and encryption keys. Password Manager is used by many organizations to reduce the volume of IT support calls relating to passwords and PINs, to improve user productivity by eliminating login problems and to strengthen the security of passwords and of user support processes. Password Manager includes built-in connectors to manage passwords on over 113 kinds of systems and applications.
LDAP Directory Integration
Password Manager is tightly integrated with LDAP directories, as follows:
- Directory integration:
Password Manager is normally configured to define its own users automatically from the users that exist in an authoritative directory, which can be an LDAP directory. There is no need to administer or reconcile Password Manager users separately from LDAP.
Users can be excluded from Password Manager by virtue of group membership in LDAP or wild-card string matches on short or fully qualified login names.
- User profile storage:
All user profile data, including a list of login IDs per user, security questions used to authenticate users during Password Manager self-service password resets and other identity attributes, can be managed by Password Manager directly in an LDAP directory. This means that searches for user data first go to LDAP and retrieved data is temporarily stored in the Password Manager identity cache. Updates to user profile data are written to both the identity cache and to LDAP.
- Transparent password synchronization:
Password Manager can be configured to intercept native password changes on LDAP directories from Microsoft, Sun/Oracle and IBM and:
- Apply a supplementary password policy beyond the one built into the LDAP server and potentially reject the initial password change.
- Automatically synchronize the user's other passwords, on other systems, to the new LDAP password value.
This optional process requires a shared object library or DLL to be installed on each LDAP server -- this can be done centrally in an automated fashion from the Password Manager server.
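The following is an added illustration of the two behaviours described above, the exclusion of directory users by group membership or wild-card login-name match, and the intercept that applies a supplementary policy before synchronizing other passwords. It is example code written for this page, not Hitachi ID's connector or DLL; the directory records, exclusion rules, target systems and the supplementary policy are all constructed assumptions.

```python
import fnmatch
import re

# Constructed sample directory entries (not real data).
DIRECTORY = [
    {"uid": "jsmith", "dn": "uid=jsmith,ou=people,dc=example,dc=com", "groups": ["staff"]},
    {"uid": "svc-backup", "dn": "uid=svc-backup,ou=services,dc=example,dc=com", "groups": ["service-accounts"]},
    {"uid": "admin1", "dn": "uid=admin1,ou=people,dc=example,dc=com", "groups": ["staff", "excluded-from-pm"]},
    {"uid": "tlee", "dn": "uid=tlee,ou=contractors,dc=example,dc=com", "groups": ["staff"]},
]

# Assumed exclusion rules: a group whose members are left out, and wild-card
# patterns matched against the short login name or the fully qualified DN.
EXCLUDED_GROUPS = {"excluded-from-pm"}
EXCLUDED_NAME_PATTERNS = ["svc-*", "*,ou=contractors,*"]


def is_excluded(entry):
    """True if the entry is excluded by group membership or by a name pattern."""
    if set(entry["groups"]) & EXCLUDED_GROUPS:
        return True
    return any(fnmatch.fnmatchcase(entry["uid"], p) or fnmatch.fnmatchcase(entry["dn"], p)
               for p in EXCLUDED_NAME_PATTERNS)


def auto_define_users(directory):
    """Users the password manager would define for itself from the directory."""
    return [e["uid"] for e in directory if not is_excluded(e)]


def supplementary_policy_violations(uid, new_password):
    """Constructed policy applied on top of the LDAP server's own password rules."""
    problems = []
    if len(new_password) < 12:
        problems.append("shorter than 12 characters")
    if uid.lower() in new_password.lower():
        problems.append("contains the login name")
    if not re.search(r"\d", new_password):
        problems.append("contains no digit")
    return problems


def on_native_password_change(uid, new_password, target_systems):
    """Models the intercept: reject the native change on policy failure,
    otherwise return the synchronization operations for the other systems."""
    problems = supplementary_policy_violations(uid, new_password)
    if problems:
        return {"accepted": False, "reasons": problems, "sync": []}
    return {"accepted": True, "reasons": [], "sync": [(uid, s) for s in target_systems]}
```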
Triggering Password Synchronization
Native password changes made on LDAP directory servers from Microsoft, Sun and IBM can trigger transparent password synchronization.