NMI-EDIT CAMP Synopsis, ISCSI Storage Solution, Linux Blade Cluster, And Current State Of NetID By Jonathan Higgins Presentation Template available from.

Presentation transcript:

NMI-EDIT CAMP Synopsis, iSCSI Storage Solution, Linux Blade Cluster, and Current State of NetID
By Jonathan Higgins
Presentation template available from Microsoft
The Identity Management System

NMI-EDIT CAMP Synopsis
- Directory Workshop covering directory implementation steps, architectures, person registries, and operational issues.
- Basics for implementing an Identity Management System.

What is Identity Management?
- Identity Management is an abstraction for a system that manages Identification, Authentication, and Authorization.
- Identification is the act of pre-assigning a unique namespace (a username) to an individual.
- Authentication binds a person to an identity.
- Authorization is the act of ensuring that a person is afforded access only to the services and data required to support allowed tasks.

The Big Picture

Growing Pains and Silos vs. Suites
- Why are we doing this? Impending growth of the student, faculty, and staff population; scalability.
- Silos: authentication, authorization, and application are all self-contained and individually administered.
- Integrated Suites: a set of applications that authenticate and authorize from a central service for multiple applications.

What Are We Doing?
- NetID project ongoing since 9/2002.
- OpenLDAP and Kerberos completed 5/2003.
- Active Directory integration synchronized with OpenLDAP and trusted by Kerberos 2/2004.
- Negotiation of data to provide individual affiliations for dynamic groups in progress.
- Blade Technology and new resources.
- iSCSI storage solution for remote data storage in progress.

The State of NetID
- 3rd semester in production, and working as intended.
- New attributes are on the way.
- Dynamic groups based on affiliations.
- Password expiration notification system.

Groups
- Students, Future Students, Undergraduate, Graduate, Staff, Faculty, Employees, Visitors, Temp Employees, Student Assistants, Alumni, and Retired.
- Groups that will exist before this Fall include: Department based groups, Degree of Study groups, College based groups, and Courses.
- What other groups do you think we may need?

Linux Blade Cluster
- This project is ongoing and dependent on the iSCSI storage solution.
- The MTA project will provide a single mail exchange for domain.
- The MTA will include spam control and virus scanning.
- Publicly visible LDAP replica (FERPA controls will be in place for students).

iSCSI Storage Array?
- A procedure will be available to acquire disk space.
- As a system administrator you just need to know that iSCSI provides a block-level network device, not a file I/O share.

How does the iSCSI Storage System work?
[Diagram: Client Systems, OS Layer, Physical Layer]

What Still Needs To Be Done?
- Upgrade NetID and Administration Tools to include:
  - Modify schema and add attributes as needed.
  - Modify RDN for user objects to free the uid attribute to allow multi-values or aliases.
  - Add RADIUS for wireless authentication.
  - Add Account Locking/Deletion.
- Pursue campus buy-in to NetID through identifying services and providing documentation for integration.
- And more…

What can we expect in the future?
- Solution for guest computing may be Sponsorship? An idea introduced at the CAMP.
- Individual account holders would be responsible for the sponsorship and creation of an account.
- The new account would have no more access than the sponsor.
- Access control would be monitored by the sponsor.
- Possible solution to guest computing issues, parental access to their student's resources, and others.
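The sponsorship rule above ("no more access than the sponsor") as an added Python sketch; it is not part of the original presentation or of the NetID system. All names here (Account, create_guest, effective_access, sponsor_review) are hypothetical, entitlements are assumed to be sets of service names, and the rule that guests cannot sponsor further guests is an assumption.

```python
from dataclasses import dataclass, field


@dataclass
class Account:
    netid: str
    entitlements: set = field(default_factory=set)  # services granted directly
    sponsor: "Account | None" = None                # set only for guest accounts
    active: bool = True


class SponsorshipError(Exception):
    pass


def create_guest(sponsor, netid, requested):
    """Create a guest whose grant is capped at the sponsor's access."""
    if sponsor.sponsor is not None:
        # Assumption: guests may not sponsor further guests (no chains).
        raise SponsorshipError("guest accounts cannot sponsor")
    if not sponsor.active:
        raise SponsorshipError("sponsor is not active")
    excess = set(requested) - sponsor.entitlements
    if excess:
        raise SponsorshipError(f"exceeds sponsor access: {sorted(excess)}")
    return Account(netid, set(requested), sponsor=sponsor)


def effective_access(account):
    """Access evaluated at request time, not frozen at creation time."""
    if not account.active:
        return set()
    if account.sponsor is None:
        return set(account.entitlements)
    # Intersect with the sponsor's current access so the cap keeps holding
    # after the sponsor loses a service or is deactivated.
    return account.entitlements & effective_access(account.sponsor)


def sponsor_review(sponsor, accounts):
    """What the sponsor monitors: each guest and its current access."""
    return {a.netid: sorted(effective_access(a))
            for a in accounts if a.sponsor is sponsor}
```

Evaluating the cap on every request, and not only when the guest is created, is what keeps a guest from outliving the sponsor's own access.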

What else can we expect?
- Inter-Institutional Applications.
- Shibboleth, a Web-based inter-organizational authorization system, leverages attribute repositories such as directories and the larger identity management infrastructure to service inter-institutional applications and resource sharing.
- Authentication for students from another trusted university to applications and services hosted here at Kennesaw, and vice versa.

Any Questions? Feel free to ask anything, except topics that do not concern KSU.