WebADM: Complete IAM Solution for LDAP Organizations

WebADM Control Center & IAM Solution

RCDevs Managing Platform: a complete IAM Solution for LDAP Organizations

WebADM is the heart of the OpenOTP Security Suite, managing all products and acting as an IAM aggregator by integrating and consolidating multiple identity systems into a single platform.

A complete Identity and Access Management Solution

WebADM is the core component of RCDevs’ security solution. It is a clustered application server connected to your LDAP directory, hosting RCDevs’ web services like OpenOTP and web applications such as RCDevs IdP and self-services. WebADM serves as a powerful, web-based directory administration software.

It provides a graphical admin interface, management APIs, RCDevs Cloud services communication components, and PKI services. Domains, access policies, LDAP mountpoints, and application configurations are stored within the LDAP server as WebADM configuration objects, just like typical users and groups.

In addition to being the management console for RCDevs’ applications like OpenOTP and SpanKey, WebADM is compatible with Novell eDirectory, OpenLDAP, OpenDirectory, Oracle Directory, 389, and Microsoft ActiveDirectory. Furthermore, it is natively compatible with EntraID, Okta, Ping Identity, One Identity, Google, and many more.

RCDevs helps you

Centralized management of OpenOTP Security Suite

Complete IAM Solution for LDAP Organizations

RCDevs Security Platform is a self-sufficient Enterprise IAM solution that relies on your ActiveDirectory/LDAP user stores and provides fine-grained access policies for all your applications. The applications supported by this complete Identity and Access Management Solution include VPNs, Citrix, Wifi, Websites, Federated apps (via SAML, OpenID-Connect or OAuth) and even legacy applications that generally do not support MFA by design.

The powerful WebADM application policies provide contextual security controls and restrictions per network, group, domain, time, etc. RCDevs’ IAM includes federation services with its own Identity Provider (IdP) and plugins for ADFS, where policies are applied per federated application (service providers).

WebADM also provides powerful management APIs and Self-Services for automation (e.g. mass MFA enrolment), user/group provisioning, dynamic security enforcement, etc. Self-Services are included for self account management, MFA / mobile activation, password reset and more.

A centralized security audit with SQL-based logging and searchable log viewer is included and supports most SIEM integrations. Security logs are geolocalized for all RCDevs integrations. Dynamic geofencing and IP-based phishing protections are included.

RCDevs’ OpenOTP and SpanKey solutions play a major role in RCDevs’ IAM, providing the foundations for Multi-Factor access and Privileged Access Management (PAM) over your IT resources (Enterprise or Cloud).

Supported LDAP Directory Servers:

Novell eDirectory
Microsoft ActiveDirectory
Apple OpenDirectory
Oracle/SUN Directory
OpenLDAP (RedHat, CentOS, Debian…)
RCDevs Directory Server (Custom OpenLDAP)
For other LDAP support please ask RCDevs sales

Supported Interfaces:

HTTP / HTTPS for Administration and WebApps
SOAP / XML and REST over HTTP/HTTPS for Web Services
SQL databases (MySQL, Sybase, MS SQL, PostgreSQL, Oracle) for logs and message localizations

LDAP Federation

WebADM can manage and federate all your organization directories in one single interface. It connects your ActiveDirectory, Novell, OpenLDAP all together and provides a hierarchical view, delegated administration and powerful management for your directory resources. With OpenOTP installed, it implements your centralized Enterprise authentication system, working with users and groups from all your directories and domains.

Mixing Microsoft and UNIX

WebADM understands both Microsoft ActiveDirectory Domains and UNIX PAM-LDAP users. You can seamlessly manage both environments from the management interface. Better, WebADM can extend your ActiveDirectory users (with UNIX/Linux functionalities) to make your AD users work with your UNIX-based systems. WebADM is also the only software which is able to unify your Microsoft and UNIX infrastructure so easily.

Hardware Security Modules

WebADM complies with the highest security requirements by supporting Hardware Security Modules (HSM). The YubiHSM hardware modules from Yubico (https://www.yubico.com/products/yubihsm/) are optionally used to enforce hardware cryptography (AES encryption for user data, Token Inventories…) and true random number generation (Token seed generation, out-of-band SMS OTPs…). The use of HSM modules in WebADM is 100% transparent and the migration to hardware cryptography can be done at any time without impacting your business. A WebADM server supports up to 8 HSM modules in hot-plug mode for fault-tolerance and increased performance.

Integrated PKI

Access to the management interfaces is secured by integrated PKI and client certificates. Your WebADM installation can also be deployed on the Cloud with total security. Through the ‘User Self Service Desk’ application, WebADM can operate your corporate certificate authority, certificate management and provisioning system. End-users can self-enroll their own certificates and use them for S/MIME or PGP mail.

Key features

Web-based and RPC-based admin interfaces
Extensive LDAP management features
Delegated administration and role-based access control
Support multiple LDAP datasources at the same time
Support hardware security modules with Yubico YubiHSM
Per-client / network / location / group application policies
Integrated PKI for managing Administrator and User certificates
End-user PKI functionalities (S/MIME and PGP mail, encryption…)
Multiple login modes (LDAP DN, Domain, User Certificates)
Federation of multiple LDAP with RCDevs’ MountPoint technology
Easy HA deployment with efficient cluster support
Management of UNIX accounts in ActiveDirectory
Smart LDAP batch operations (toggle group memberships, attributes…)
Multilingual support for Web Services & WebApps with graphical editor
Graphical configuration manager for RCDevs’ Web Services and WebApps
Log viewer and reporting for Administration and RCDevs Applications
Geolocation of administrator and RCDevs’ application access
Automatic failover for LDAP, SQL, SMTP and session servers
Mail-based system alerts
IANA-registered LDAP schemas
Works on any Linux system with no dependency
PCI-DSS and HIPAA compliant

Unified IAM Federation

Native IAM Integration

OpenOTP is compatible with local directories such as Active Directory (AD) and LDAP, providing extensive support for on-premise environments. Additionally, it is natively integrated with EntraID, Okta, Google, Ping Identity, One Identity, and many other identity providers, enabling simple integration across diverse IAM systems.
