This question comes from Rick:

“My company is looking to start offering Identity Management services (just Oracle), what are some questions I should ask a prospective client so we have a good understanding of what they have / want?”

First let me point out that for a company to just suddenly decide to start offering Identity Management services, is a bold step. IdM services are not like anything else out there. You really need to have someone that knows what they’re doing. But, a lot of services companies, like yours I would imagine, do one type of service really well. So well, that one of their clients say, “Hey! We just purchased this IdM suite from X and have no idea how to implement it. Do you?” And you say, “Of course!” Over half of my calls come from this exact scenario after they figure out what’s really involved =)

But, if you’re really serious about starting this type of work, more power to you!

Here is a list of the common questions that you can ask a prospective IdM client. They will get a lot of pertinent information about them and what they want.
They may not have the answers to all of these, and that’s ok. These are just so you can have a clearer understanding as to what the client wants before engaging with them on a more formal deep-dive requirements gathering process.
  • Which products did they purchase? (See list below)
  • When do they want to start the implementation?
  • What is their deadline for a production role out, and what do they plan to have accomplished by then?
  • What were the driving reasons / decisions for purchasing the IdM product(s)? (Provisioning, Password reset, compliancy, etc)
  • If they’re a government entity, are there any special security clearances that are required?
  • What are their primary concerns with this type of roll-out?
  • How many environments do they want to roll out to? (Typical is 3: Dev, Test, Prod)
Oracle Identity Manager Questions:
  • Which connectors have they purchased?
  • What resources are they planning on provisioning to? What are they? What versions?
  • How many authoritative source do they have? What are they? What versions?
  • Are they replacing any current provisioning products, attestation products, or home-grown scripts?
  • What operating system are they installing it on?
Oracle Access Manager Questions:
  • Do they already have an LDAP Identity Store (AD, Oracle Internet Directory, Oracle Virtual Directory)
  • How many web applications do they want to protect and what are they?
  • What Application Server are they going to use / do they have? (OC4J, Web Sphere, WebLogic, JBoss)
  • Are they replacing any current access control products or home-grown scripts?
  • What operating system are they installing it on?
Oracle Virtual Directory Questions:
  • How many LDAP’s do they want to connect to?
  • How many Databases do they want to connect to?
  • Are they any other systems they plan on hooking into it?
  • What operating system are they installing it on?
Oracle Identity Federations Questions:
  • Do they plan on integrating it into Oracle Access Manager?
  • Will they be the Identity Provider, the Service Provider, or both?
  • How many clients within the circle of trust will they be federating to?
  • Are they replacing any current federation products or home-grown scripts?
  • What operating system are they installing it on?
Oracle Role Manager Questions:
  • Have they purchased the product, or the service?
  • How many employees do they have and what types? (full-time, contractors, students, etc)
Oracle Internet Directory Questions:
  • Will this be their first corporate LDAP?
  • Are they migrating data from a separate data store? (another LDAP, database, or file system)
  • Do they have a global unique identifier setup?
  • What operating system are they installing it on?
Oracle Enterprise Linux Questions:
  • Are they running them on the boxes, or virtualized?
  • What version are they installing? (If OEL v5, ask if they are aware of incompatibilities with other Oracle products)
This should be enough to start you out.
.: Adam