Open identity
- Reduce text size Decrease text size
- Increase text size Increase text size
- Print article Print
- Jump to comments Comment
- Share this article Share
- Email article to a friend Email
Meat processing company Kepak benefits from an open source identity management system.
Today’s senior executives have grown accustomed to the convenience of email, and few would countenance a day without it. But that nightmare scenario appeared a realistic proposition for Dublin-based meat-processing business Kepak in early 2004, after the company that remotely managed its email system went bust.
Kepak’s infrastructure manager Chris Whelan was in the unenviable position of having to replace the company’s email and firewall systems, quickly and on the budget the company had grown used to.
But for Whelan this crisis was also an opportunity to establish a new infrastructure, one that would make the 2,000 plus users’ lives simpler and that would prepared the organisation for the future.
Faced with the prospect of purchasing numerous new software licenses, Whelan decided to build the messaging infrastructure around an open source identity management system.
“We had been dabbling with open source software before,” explains Whelan, “and by the time we had to replace all these functions, everything we needed was available in an open source form.” He adds: “What we didn’t have was the detailed experience of Linux implementations.”
That was where open source consultancy Sirius got involved. It worked with Kepak’s internal staff to get the initial systems up and running, and integrated with other systems, while training them to install their own Linux implementations on servers straight out of the box.
The first fruit of the collaboration was an OpenLDAP-based identity directory, which Whelan describes as the “lynchpin of the identity management project”.
OpenLDAP is an open source version of the Lightweight Directory Access Protocol. So to support the identity management function, Whelan’s team specified the information that constitutes an identity, including the email address and access rights. “That took us to the point where users need only one username and password to access their email, and gain entry into a number of company websites,” says Whelan.
The system also makes securing passwords simpler, by putting all access data in a single, manageable repository.
