Synchronizing Identities

Today's identity management solutions generally rely on using a central LDAP directory as their main identity repository. This is where all
information relating to any employee should be available.

However, in enterprise environments, this identity information either originates from, or is needed in, a variety of different repositories.
A few examples include the human resources software that stores employees' information in a database, Microsoft's Active Directory solution for desktop computer management which needs users' identities, or that old directory which just won't replicate with any newer solution.

So, how do you keep information in all these different identity repositories in sync with each other? Manually copying and pasting information is obviously not a viable solution for any more that a few hundred users.

The LDAP Synchronization Connector (LSC) project is an Open Source tool to address this problem. Relying on standard protocols, it can address
any SQL database and any LDAPv3 directory, as well as read from flat files, in order to set up continuous synchronization between different
repositories.

A very powerful mapping mechanism allows fine-tuning of which data goes where, including default values, external lookups and directory-specific
tools, such as password hashing and account status management.
Published under the BSD license, LSC was created 4 years ago. Since the creation of the public website, lsc-project.org, one year ago, 6 regular
contributors have been working to improve the tool. It is already used to synchronize hundreds of thousands of entries by several
multi-national companies.

This talk will introduce the need and frequent use-cases for such a tool, present the tool and surrounding project and detail some specific
examples for use, including a live demo.