Oracle Directory Manager and Application Development

Oracle Directory Manager is a Java-based tool for administering Oracle Internet Directory (LDAP). The Oracle Directory Manager is the main directory administration tool and it is installed with Oracle Internet Directory.

When developing applications there are often one or more central LDAP directories for developers to use. When working on a new application it is often necessary to reset entries, test scenarios, etc. However, it is unlikely that everyone’s desktop will have the entire OID installation. On my desk alone there are 3 desktop machines and one laptop, and none of them have the full Identity Management stack. In fact, the laptop is from when I was with Siebel so, although it was manufactured this century, it has little more than JDeveloper, Thunderbird and Oracle Calendar running on it.

One easy way to have Oracle Directory Manager on every developer’s machine, without having to install anything else, is to take advantage of the fact that it is a Java application.

To achieve this, copy some jars (over 15 of them!) from the ORACLE_HOME/jlib and the ORACLE_HOME/ldap/oidadmin directories to a directory on your PC. Let’s call it oidadmin. Keep the directory structures. The entire list of jars is below. The main class is oracle.ldap.admin.client.NavigatorFrame and there are a few parameters that need to be passed to it. The entire command line is too long to type, let alone remember, so put it all in a file called oidadmin.cmd (when on Windows) in the same oidadmin directory.

oidadmin.cmd

java
-ms4m
-mx128m
-Dsun.java2d.noddraw=true
-Dsun.java2d.font.DisableAlgorithmicStyles=true
-classpath "./ldap/oidadmin/osdadmin.jar;
./jlib/netcfg.jar;
./jlib/help4.jar;
./jlib/help4-nls.jar;
./jlib/oracle_ice.jar;
./jlib/jewt4.jar;
./jlib/share.jar;
./jlib/ewt3.jar;
./jlib/ewt3-nls.jar;
./jlib/ewtcompat-3_3_15.jar;
./jlib/swingall-1_1_1.jar;
./jlib/dbui2.jar;
./jlib/dbui2-nls.jar;
./ldap/oidadmin/oidldap.jar;
./ldap/oidadmin/netutil.jar;
./jlib/oemlt-9_0_2.jar;
./jlib/ldapjclnt10.jar"
oracle.ldap.admin.client.NavigatorFrame
-AdminRoot:Start
-ldap
-AdminRoot:End
-LDAPRoot:Start
-meta
-ohhome
"."
-LDAPRoot:End

The above is formatted for readability and should be all on the one line. On Windows I create a shortcut on the desktop to the command file. The final touch is to use the OID Directory Manager icon for the shortcut. Any machine with Java can become an OID Directory Manager machine, which I have found really useful for demonstrations and for collaborating on new solutions.
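A preflight check for the copied oidadmin directory, added here as an example and not part of the original post: it reports which of the jars named in oidadmin.cmd are missing and assembles the one-line command. The Python wrapper and its function names are assumptions; the jar list, JVM options and arguments are copied from the listing above.

```python
import os
import sys
import tempfile
from pathlib import Path

# Jar list, JVM options and arguments copied from the oidadmin.cmd listing.
JARS = [
    "ldap/oidadmin/osdadmin.jar", "jlib/netcfg.jar", "jlib/help4.jar",
    "jlib/help4-nls.jar", "jlib/oracle_ice.jar", "jlib/jewt4.jar",
    "jlib/share.jar", "jlib/ewt3.jar", "jlib/ewt3-nls.jar",
    "jlib/ewtcompat-3_3_15.jar", "jlib/swingall-1_1_1.jar", "jlib/dbui2.jar",
    "jlib/dbui2-nls.jar", "ldap/oidadmin/oidldap.jar",
    "ldap/oidadmin/netutil.jar", "jlib/oemlt-9_0_2.jar", "jlib/ldapjclnt10.jar",
]
JVM_OPTS = ["-ms4m", "-mx128m", "-Dsun.java2d.noddraw=true",
            "-Dsun.java2d.font.DisableAlgorithmicStyles=true"]
MAIN_CLASS = "oracle.ldap.admin.client.NavigatorFrame"
APP_ARGS = ["-AdminRoot:Start", "-ldap", "-AdminRoot:End",
            "-LDAPRoot:Start", "-meta", "-ohhome", ".", "-LDAPRoot:End"]


def missing_jars(root):
    """Return the listed jars that are absent under root, in listing order."""
    return [j for j in JARS if not (Path(root) / j).is_file()]


def build_command(sep=os.pathsep):
    """Assemble the command as an argv list (sep: ';' on Windows, ':' elsewhere)."""
    classpath = sep.join("./" + j for j in JARS)
    return ["java", *JVM_OPTS, "-classpath", classpath, MAIN_CLASS, *APP_ARGS]


def demo():
    """Constructed sample: a temporary tree holding every jar except the last."""
    with tempfile.TemporaryDirectory() as root:
        for j in JARS[:-1]:
            p = Path(root) / j
            p.parent.mkdir(parents=True, exist_ok=True)
            p.touch()
        return missing_jars(root)


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    gone = missing_jars(root)
    if gone:
        sys.exit("missing jars: " + ", ".join(gone))
    print(" ".join(build_command()))  # displayed on one line, as the post requires
```

Run it with the oidadmin directory as its argument; it exits with the list of missing jars, or prints the command line when the copy is complete.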

LifeLock – Identity Theft Protection

Although the FFIEC advises against it, many banks, particularly in the USA, still use single-factor authentication for most, if not all, of their services. The banks do, however, implement a number of pattern- and behaviour-matching checks in an attempt to find account fraud and identity theft. This is somewhat reassuring until you realise that bank staff, and government agency employees, have been known to lose laptops with customer data and, worse still, not follow their own corporate policies on data protection.

Fraud and identity theft protection is a consumer issue as well as a corporate one. In my day job I focus on the corporate solutions, but there are consumer solutions out there too. One consumer solution of note is LifeLock, which provides some novel approaches to tackling this problem. These include registering, and continually re-registering, fraud alerts with credit bureaus, monitoring address changes, and a $1,000,000 guarantee to cover costs of restoring things to their proper state if a fraud does take place. The fact that they can put an end to getting those annoying pre-approved credit letters may well be the most significant immediate value for some.

One of the interesting automated services provided is the recently announced eRecon, which trawls the murky underbelly of the Internet to see if your personal information, or a snippet of same, shows up in the identity thieves’ marketplaces. I guess you could call it the Black Ops of identity theft protection.

My point is that not only is multi-factor authentication a must, but multi-factor identity protection, both corporate and consumer, is a must in the information age.