1. Carleton's Enterprise Directory Service (EDS) Richard Goerwitz Carleton College

2. What's an EDS? ● It's an easily accessible 'people' info repository – Houses things like ● Names, titles, departments ● Phones, address, faxes ● Physical locations (e.g., offices, dorms) ● AND primary keys to other databases on campus – Many EDSs (ours, too) contain info on ● courses, groups (same thing at Carleton) ● organizational units

3. ● Three main strategies: – Extended NOS ● where you extend eDirectory or AD to hold enterprise data – 'Fat' EDS ● where you set up an RDBMS to hold a superset of data held in other campus DBs [e.g., the ERP system, OPAC, dev/AR system], and provision from there – 'Thin' EDS (NB: Carleton's strategy) ● where you pool and merge your most important 'people' data then vend that data using a simple LDAP service How is an EDS Implemented?

4. So What's LDAP? ● LDAP=Lightweight Directory Access Protocol – A protocol for talking with a lightweight database ● LDAP-enabled databases allow for: – Access via many platforms, OSs, and languages: ● Java, PHP, Perl, Python, C++, etc. ● MS ADSI, JNDI, Net::LDAP, etc. ● LDAP is a fast, easy way to access EDS data – Offers one-stop shopping for most applications

5. Where Does Our EDS Get Its Data? ● Colleague/Unidata – students, staff, faculty, courses ● Advance/Oracle – alumni, parents, trustees, 'friends' ● Card-access system/Informix – pictures ● Recruitment Plus/SQL Server – prospects ● Telecomm/SQL Server – departmental phone #s ● NetWare/eDirectory – some NetIDs, all passwords*

6. What's an EDS Entry Look Like? dn: carlnetid=mjohnson,ou=people appleUserHomeURL: (XML string) uidNumber: 15375 carlNetId: mjohnson userPassword: (not visible) commonName: Margit C. Johnson title: Assoc Dir Off Campus Studies ou: Off Campus Studies Office carlOfficeLocation: Laird Hall 131 carlCampusPostalAddress: 3-OCS postalAddress: One N College St... telephoneNumber: +1 507 646 4031 fax: +1 507 646 5614 carlPrimaryAffiliation: EX Black = LDAP Green = NetWare Blue = Colleague carlAffiliation: EX homePhone: +1 507 645 xxxx homePostalAddress: Union St... carlLibraryPIN: 20118000000000 carlColleagueID: 0100000 carlSpouse: John J. Doe mail: mjohnson@acs.carleton.edu eduPersonPrimaryAffiliation: staff eduPersonAffiliation: staff eduPersonAffiliation: alum eduPersonAffiliation: parent carlAdvanceID: 0100000000 carlCohortYear: 1970 jpegPhoto: (raw picture data) Red = Advance Yellow = Card- Access Blue = Colleague

7. What's a Student Entry Look Like? dn: carlnetid=bergmans,ou=people appleUserHomeURL: (XML string) uidNumber: 15979 carlNetId: bergmans userPassword: (not visible) commonName: Sarah C. Bergman postalAddress: 300 N College St... carlStudentCampusAddress: Burton... carlStudentPermanentAddress:...USA carlPrimaryAffiliation: UG carlAffiliation: UG Black = LDAP Green = NetWare Blue = Colleague HomePhone: +1 507 646 xxxx homePostalAddress: Burton Hall... carlLibraryPIN: 20118010000000 carlColleagueID: 1000000 mail: bergmans@carleton.edu eduPersonPrimaryAffiliation: student eduPersonAffiliation: student carlCohortYear: 2007 jpegPhoto: (raw picture data) Yellow = Card-Access Blue = Colleague

8. What's a Course Entry Look Like? dn: carlcolleagueid=0014331,ou=gro up carlObjectExpires: 2004-04-14 gidNumber: 50655 carlColleagueID: 0014331 carlCourseSynonym: 07744 ou: Asian Languages & Literatures cn: JAPN.343.00 carlCoursePrimaryName: JAPN.343.00 carlCourseSubject: JAPN carlCourseNumber: 343 carlCourseSection: 00 carlCourseTitle: Adv Japanese-Film & Fiction carlCourseStatus: Open Black = LDAP Blue = Colleague carlCourseCredits: 6 carlCourseMaxSlots: 25 carlCourseAvailableSlots: 22 carlCourseMeetingInfo: LDC 203 TTH 01:15PM 03:00PM carlCourseTerm: 04/WI carlCourseStartDate: 01/05/04 carlCourseEndDate: 03/15/04 carlCourseInstructor: carlnetid=ntomonar,ou=people uniqueMember: carlnetid=swansonm,ou=people carlnetid=cervonea,ou=people carlnetid=gohg,ou=people

9. Where is EDS Data Used? ● Web systems – LDAP auth, authz – Whitepages – Online phone book – Departmental pages – Prospect pages ● Admissions systems – Prospect usernames ● VEMS2 front end ● Login services – Core Linux servers – Lab machines ● NetReg ● Luminis (SCT) ● Illiad (in the Library) ● Others!

10. What Apps Are On the Horizon? ● Library OPAC (vendor issues) ● HEAT (version 8; ask Julie M.) ● Course Management – Auto-populate photos, class membership rosters – Auto-generate 'my courses' page for students/teachers ● OS/X 'dynamic local user' ● ARTstor ● Shibboleth (NMI distributed authentication)

11. Conclusion ● Our EDS saves ITS time – Relieves us of having to maintain user accounts – Makes it easier to write apps ● Apps only have to go to one place to get most information ● Apps usually can get away with a single, simple API ● EDS makes ITS customers happy, e.g.: – Admissions – Library – Students; all our external constituencies

12. Afterward: Why Doesn't Everyone Have an EDS? ● Management doesn't always understand the need ● Vendors want their products to serve as the EDS ● Data owners don't always want to share data – Fear loss of control ● Programmers lack skills – Fail to respect data owners' concerns – Lack integration experience; experience with APIs – Aim too high; fail to achieve usable results