Ben Walter has been working as an Identity, Security and Access Governance Specialist for over 14 years in differing roles across various sectors in Australia and New Zealand, each having their own unique requirements and constraints.

Currently employed with EY Identity, building a better working world with our customers.

While Ben has had exposure to the varying product suites, the majority has been with the Micro Focus/NetIQ products. During this time he has writen the following articles:

Reporting Events to AbuseIPDB (10th Aug '18) AbuseIPDB is a project dedicated to helping combat the spread of hackers, spammers, and abusive activity on the internet.
Using Identity Manager Roles as Access Manager Roles (15th Feb '18) This aims to join the dots between Identity Manager Role(s) and Access Manager Role(s) in a dynamic way.
DNSSEC, SPF, DKIM and DMARC explained (23rd May '17) Securing email authenticity can be easy, once you have everything in place. Trying to find a single location with all the information can be a little more difficult.
Generic Identity, Security and Access Management Diagram (16th May '17) We were trying to hunt for a diagram that showed a combined, generic consolidated overview of Identity, Security, and Access Management that was slightly biased towards Micro Focus. After a few hours on Google, we gave up and created our own.
Auto Build a Designer Package Repository from built Plugins (6th Mar '17) Using packages, to manage code between your IDM environments, allows for consistent transfer of code and easy management. Sharing packages between multiple team members can become cumbersome, unless you setup your own repository.
Header issues with IDM Applications on Tomcat (21st Jan '16) We experienced two issues with User Application v4.5 running on Tomcat. The first issue has been mentioned quite a few times on the forums and ncisrael provided a fix for. This is the issue of Compatibility Mode in Internet Explorer where the Header Portlet does not show.
IDM 4.5 OSP SAML2 SOAP Envelopes (11th Dec '15) For those that missed the unclear documentation, only NetIQ Access Manager is "supported" for SAML 2.0 into OSP. Future releases are planned to make this actual federation (i.e. any IDP), but that is some time off.
Understanding Sentinel disk usage (2nd Oct '15) Everyone knows that Sentinel is a great product, but with a great product comes great disk usage (even with secondary configured). This article is meant to be a guide only to how the disk is used and some recommendations that may assist in managing this disk usage. The sizes below are based on our single production server that monitors AD and eDir, so is not HA or large scale enterprise.
Identity Manager Applications, PAT, and Firewall (28th Sep '15) Consider this common scenario: The Identity Manager applications (IDMProv, osp, dash, landing, sspr) all running on the one instance of Tomcat; You want to PAT (Port Address Translation) from 80/443 to 8080/8443 so you utilise common URLs without ports; Tomcat needs to run as novlua and therefore can not bind as 80 or 443. This presents a challenge, especially if you wish to use the SuSEfirewall2.
Forwarding Sentinel events to BMC with MSEND (15th Sep '15) If your Enterprise Operations Management solution is the BMC suite, Sentinel can easily be configured to send correlated event information using the msend binary as an Execute Action.
Making Identity Tracking work with Microsoft Active Directory completely (14th Aug '15) While Identity Tracking (IdT) is a powerful add-on that allows you to view an identity’s activity from a holistic approach, there are some limitations due to restrictions by the event source.
Access Manager Local Firewall on SLES (14th Apr '15) Previously I had posted a script for port redirection on the Identity Server. I’ve since found this doesn’t work too well when the local SLES firewall is enabled. The following is a better solution.
Access Manager SSO to Remedy ARS (26th Jan '15) Remedy ARS can be a powerful tool for managing parts of the ITIL framework. A powerful tool also requires powerful access controls. NetIQ Access Manager can easily be configured to control access to Remedy while still making it less cumbersome for end users.
Recovering Sentinel Partitioned Event Data from Raw Data (9th Oct '14) We encountered a very rare event where the Event Partition Data (index of raw event data) failed to be written to the secondary storage. While the compressed raw data was still intact and written to the secondary storage, it could not be queried as the index of its content was missing.
Sentinel Backup Scripts (28th Aug '14) These two scripts simplify the management of Sentinel Backups by only keeping the last 2 of each (daily/full) compressed backups.
Sentinel PostgreSQL Maintenance Script (25th Aug '14) Sentinel’s PostgreSQL database can take up a large amount of disk space, especially if you are utilising the Sentinel Identity Tracking solution. This is a result of the way PostreSQL functions. When a row in a table is deleted or updated, it is only marked as such and the physical disk space is not tagged as re-usable. These are called tuples and are cleaned up by calling the VACUUM function.
Resolving Sentinel's Certificate Constraint Issue (22nd Aug '14) Some of you may have struck the Certificates does not conform to algorithm constraints issue with Sentinel and been a bit confused by the original response of “A proper resolution is to use custom certificates on the logging applications that use strong encryption (key sizes of 1024 or more). Once all applications have been updated, the restriction can be put back in place.” as stated in TID 7014219.
Sentinel Log Parser (21st Jul '14) Sentinel 7 writes Performance Snapshots to the server0.0.log file every 15 minutes with information that can be useful for diagnosing performance issues and planning expansions of the solution.
Securing JBoss with User Application (28th Jan '14) A lot of this content was taken from this URL, but I’ve listed here what is required for most situations. First, we’ll assume that JBoss and User Application have been installed at the default location of /opt/novell/idm/ and that the Advanced/Provisioning module has been installed with the default context of IDMProv.
Sentinel Dynamic List and Map Data Add/Remove Script (29th Aug '13) This single script allows for adding and removing of Dynamic List or Map Data lines.
dxcmd switches (26th Jul '13) So, I was having a problem on a server that had more than 1 NIC but eDirectory was attached to only one of the IPs. When I’d run dxcmd, it would continually attach to the NIC that didn’t have eDirectory bound. For the life of me, I couldn’t find documentation on how to specify the IP address for dxcmd and any of the standard windows help switches ( /?, etc) were not working (of coarse I didn’t try the *nix switches as this was a Windows installation).
Identity Server Port Redirection Script (31st May '12) As described in TID 7008345 – 300101016 error diplayed at the browser when IDP server accelerated by the Access Manager 3.2 AG appliance, you may require the Identity Server to route requests on port 443 to the listening port of 8443.
IDProvider call from User App (IDM 4.0.1) (26th May '11) The ID-Provider provides a quick and powerful way to generate unique ID’s. Here, we will discuss how to set it up so that a User App Workflow can call the ID Provider and get a sequential unique value for object creation.
Kerberos Single Sign-on with Passwords through Access Manager (19th Apr '11) The new PasswordFetch class offers the ability to retrieve passwords from eDirectory when they are not supplied via the original authentication Method. This provides a guide to configuring Access Manager with Kerberos Class while utilising the Password Fetch Class.
Using ktab to generate a Kerberos Ticket File without spn.exe or ktpass.exe (20th May '10) The NetIQ Documentation clearly describes how to set up Kerberos for Access Manager, but it does not take into account when the iDP is running on Windows and that server is a member server of the domain. spn.exe requires the User ID, which is the server name according to the documentation, but this is already taken by the Computer object in Active Directory.
DMZ Configuration with Access Manager (6th Apr '10) A Forum reader recently asked: “I am setting up NAM in the lab, with the configuration of the Identity Server and Access Gateway in the DMZ. I am not experienced it this type of setup, since we currently have iChian on the inside of the network, so this is going to be a completely different setup...
Novell Access Manager SSLVPN NAT Script (10th Jul '09) The script below can be added to init for adding and removing the necessary iptables entry to route traffic from the SSLVPN subnet to the server’s interface.
Access Manager Single Sign-on to NetStorage (8th Jul '08) A guide to configuring Access Manager to enable SSO to NetStorage
Configuring Access Manager for UserApp and SAML (2nd Apr '08) If the IDM User Application is installed, it is often in a larger context. One of the common requirements is to integrate User Application or specific parts into a portal, granting the users a single sign-on experience. Another common requirement is a strong authentication, e.g., via a certificate login to the portal.
eDirectory on Windows Scheduled Online Backup (1st Apr '08) This nice, easy tool allows for the online backup of eDirectory to a specified location, so the file system backup can consume the files.
How to SSLize User Application on JBoss using eDirectory's Certificate Authority for Linux (13th Dec '07) Step by step guide for enabling HTTPS with an eDirectory signed certificate

Time for some of those shameless plugs in no particular order, alphabetical, that are 100% unrelated to my employment:

AWStats AbuseIPDB Apache ClouDNS Dynu Google Analytics iwantmyname JQuery Juniper Networks MariaDB Micro Focus NetIQ NTP Pool Project Optus PHP SMS Broadcast SUSE Uptime Robot