• Directory Services

  • LDAP is usually used as the data store for digital identities. Most enterprise Identity Management solutions integrate well with the leading LDAP vendors (Active Directory (AD), Oracle Unified Directory (OUD), Oracle Internet Directory (OID), Oracle Virtual Directory (OVD), Open LDAP, Forge Rock OpenDJ, NetIQ eDirectory (formerly Novell eDirectory NDS), but some tools use SQL databases to store identities. There is no right or wrong answer regarding the datastore.

    • Our LDAP experts will make sure that your LDAP store is ready and secure, we can introduce partitions or replication to meet your requirements.
    • We cautious customers that not every network engineer is an LDAP consultant. It requires special skills to design LDAPs for Digital Identity solutions.
    • Correct sizing of an LDAP store is very important. Our extensive experience with the LDAP vendors have enabled us to fine-tune LDAP stores for Digital Identity use.
    • Due to some limitations with existing market tools, we developed vendor-specific designs.
    • Often LDAP architects neglect the security part of the Tree, most implementations has anonymous access to all Identities and objects available for someone with some LDAPSEARCH experience.
    • Our extensive experience has enabled us to normalize LDAP objects and utilize relationships to reduce the Digital Identity profile footprint to improve data access performance
  • LDAP Assessment

    Is your LDAP slow? Is your DIT design old? Do you have a deep DIT design and worried about restructuring it? Is your LDAP secure?

     

  • One of our clients had an LDAP implementation that was designed over 10 years ago. The team who had installed and configured the implementation had since has left with the knowledge and no documentation left behind. LDAP has become slow and was used by many day-to-day applications for authorization. After the client experienced multiple outages and was unable to stabilize their environment, they reached out to Otecia and our team was able to analyze and remedy the sluggish behavior:

    -       Analyzed the current LDAP system

    -       Reverse-engineered the design and authorization rules

    -       Documented the current LDAP

    -       Optimized the LDAP by removing unnecessary evaluations and reconfigured indexes based on clients use cases

    -       Removed unnecessary LDAP inquiries

    As a result, the system was executing LDAP calls in less than a second.

    The second phase of the project was to design a new LDAP infrastructure to meet current technical and business requirements. Our team migrated all applications, objects, and identities to the new LDAP. Client was extremely satisfied and was able to provide a stable LDAP foundation for the Middleware application and LDAP applications.