Upgrade of AIM

Upgrade of AIM

The SUN Identity Manager application, which serves as the central management for the accounts and roles of the individual IT systems, was upgraded from the 6.0 version to the 8.1 version.


The objective of the project was to transfer the functionality of the central administration of the accounts and roles in SUN Identity Manager (hereinafter “IDM”) from the 6.0 version to the 8.1 version.

Within this upgrade, a development environment for IDM was to be created, including connected systems (such as SAP, MS AD, and LDAP).

At the same time, the code needed to be refactored in such a way that it would be easily transferable between the individual environments (development-test-production). In relation to this, infrastructures for these environments were unified.


The project team consisted of a project manager, a senior architect and a junior IDM specialist (AMI Praha) and a senior IDM specialist (Tempest). Another person who took part in the analysis was a senior architect from SUN Microsystems; his company had implemented the original Identity Manager solution.

The customer was represented during the project by a project manager, an architect, approx. 6 specialists on the partial problems (such as AD, SAP, certification, LDAPs and operation) and one security representative.

The project schedule was adhered to up to the stage of the analysis and design. Then it was prolonged by almost 6 months because of the insufficient capacity of Czech Post.


Initial situation before project initiation

The SUN Identity Manager application (version 6.0) for identity and role management was implemented in the testing and production environments at Czech Post. Due to differences between the environments, the configuration of the application also differed, even in several places directly in the source code. The following systems were connected to IDM: SAP (source of internal users), LDAP (source of external users and controlled system), MS AD (controlled system), QCA and VCA (source of certificates) and czpLDAP (controlled system serving as a source of identities for the secondary IDM, the so‑called czpIDM). CzpIDM (version 7.1) is in DMZ ČP and manages accounts on NovellLDAP (source of data for the CzechPoint application), to which it assigns certificates from QCA and VCA.

The application was slow and some bulk actions such as the reconciliation of certificates and the synchronization from SAP took several days.


Within the analysis, the entire functionality which was to be preserved was mapped. Based on the project goals, a new infrastructure for all environments, a precise procedure for the migration to the new version including data migration and the necessary refactoring of the source code were proposed.

Target situation

In the development and testing environment, the infrastructure was built based on the production environment, and the latest version of SUN Identity Manager, version 8.1, was installed (now Oracle Waveset). Within the application, the entire functionality was transferred to the new version and environment‑dependent variables were parameterized to a single configuration file for easier administration of the source code and better transferability between environments. Adapters used for the connection of end systems allowed smaller interventions in the functionality when compared to newer connectors. The upgrade also included the optimization of the performance of IDM for performing bulk processes and selected adjustments of the functionality (coupling of certificates and role management).


  • Latest version of IDM (version 8.1) with support until 2017
  • Connection of Microsoft Active Directory 2008 R2 64bit and Exchange 2010
  • Possibility of debugging operational problems and easier correction
  • Significantly faster bulk operations
  • Identical environments (development-test-production) allow better testing and easier development of the new functionality
  • Better source code management thanks to SVN (versioning system) and NetBeans IDE, which were used for IDM



  • HTML
  • Java
  • JavaScript
  • MySQL

Other projects for the client

Related products

Related services

Related solutions

Přejít na začátek stránky


© Copyright 1998-2011 AMI Praha a.s., powered by AMIGO CMS