Mixed Deployment

The most likely option given today's AAA technology constraints is a mixed deployment. Some services own user repositories, others are able to leverage the root user-repository directly, and still others inter through a AAA system. In this deployment, there can be more than one AAA system, depending on the applications.

For example, you might use one AAA system for TACACS+ administrative access and another for user n access. Figure 9-3 shows this topology.

Figure 9-3. Mixed AAA Deployment

In this topology, you can see several differences from the middleware design. First, there is a dedicated system for administrators. Second, some applications have their own user repositories and do not interf directly with the root user-repository.

The main design problem results from the fact that users and administrators must deal with identity dat on a number of different systems. For example, when users wish to change their passwords, several difi systems must be accessed. Deploying an identity synchronization application can help and is listed as o| the upper-left corner of Figure 9-3. These applications can be either purchased commercially or develop house.

Identity synchronization applications are designed to automate the propagation or modification of usern passwords, and other attributes on disparate systems. Think of this as the workaround for the lack of in some applications have with your core identity infrastructure. These applications could, for example, ext employee names out of an HR database and propagate them into a calendaring application. Default pas: could then be generated for users. Helping users change their passwords is another feature of such a sy going to a web interface, users could identify the systems on which they want to change their password could be executed automatically on behalf of the user.

100 SEO Tips

100 SEO Tips

100 SEO Tips EVERY SEO Enthusiast Should Know. This Report 100 SEO Tips will help you to Utilize These Tips to Dominate The Search Engine Today.

Get My Free Ebook


Post a comment