Carleton's Enterprise Directory Service (EDS) Richard Goerwitz Carleton College.

Presentation transcript:

Carleton's Enterprise Directory Service (EDS) Richard Goerwitz Carleton College

What's an EDS?
● It's an easily accessible 'people' info repository
  – Houses things like
    ● Names, titles, departments
    ● Phones, address, faxes
    ● Physical locations (e.g., offices, dorms)
    ● AND primary keys to other databases on campus
  – Many EDSs (ours, too) contain info on
    ● courses, groups (same thing at Carleton)
    ● organizational units

How is an EDS Implemented?
● Three main strategies:
  – Extended NOS
    ● where you extend eDirectory or AD to hold enterprise data
  – 'Fat' EDS
    ● where you set up an RDBMS to hold a superset of data held in other campus DBs [e.g., the ERP system, OPAC, dev/AR system], and provision from there
  – 'Thin' EDS (NB: Carleton's strategy)
    ● where you pool and merge your most important 'people' data then vend that data using a simple LDAP service

So What's LDAP?
● LDAP = Lightweight Directory Access Protocol
  – A protocol for talking with a lightweight database
● LDAP-enabled databases allow for:
  – Access via many platforms, OSs, and languages:
    ● Java, PHP, Perl, Python, C++, etc.
    ● MS ADSI, JNDI, Net::LDAP, etc.
● LDAP is a fast, easy way to access EDS data
  – Offers one-stop shopping for most applications

Where Does Our EDS Get Its Data?
● Colleague/Unidata – students, staff, faculty, courses
● Advance/Oracle – alumni, parents, trustees, 'friends'
● Card-access system/Informix – pictures
● Recruitment Plus/SQL Server – prospects
● Telecomm/SQL Server – departmental phone #s
● NetWare/eDirectory – some NetIDs, all passwords*

What's an EDS Entry Look Like?
dn: carlnetid=mjohnson,ou=people
appleUserHomeURL: (XML string)
uidNumber:
carlNetId: mjohnson
userPassword: (not visible)
commonName: Margit C. Johnson
title: Assoc Dir Off Campus Studies
ou: Off Campus Studies Office
carlOfficeLocation: Laird Hall 131
carlCampusPostalAddress: 3-OCS
postalAddress: One N College St...
telephoneNumber:
fax:
carlPrimaryAffiliation: EX
carlAffiliation: EX
homePhone: xxxx
homePostalAddress: Union St...
carlLibraryPIN:
carlColleagueID:
carlSpouse: John J. Doe
mail:
eduPersonPrimaryAffiliation: staff
eduPersonAffiliation: staff
eduPersonAffiliation: alum
eduPersonAffiliation: parent
carlAdvanceID:
carlCohortYear: 1970
jpegPhoto: (raw picture data)
Slide color key (source of each attribute): Black = LDAP, Green = NetWare, Blue = Colleague, Red = Advance, Yellow = Card-Access
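An added sketch of the 'thin' EDS merge step described above (not code from the presentation or from Carleton): per-source records are pooled into one entry, each attribute is accepted only from the source assumed to be authoritative for it, and userPassword is left out of the exported text. The ownership map, the sample records and the names merge_person and to_ldif are assumptions made for the example.

```python
# Added example, not Carleton's code. Attribute names come from the slides;
# the ownership map, sample records and function names are constructed.
# Assumed mapping of source system -> attributes it is authoritative for.
OWNERS = {
    "Colleague": {"commonName", "title", "ou", "carlColleagueID"},
    "Advance": {"carlAdvanceID", "carlSpouse", "carlCohortYear"},
    "NetWare": {"userPassword"},
}
MULTI = {"eduPersonAffiliation"}   # multi-valued: every source may add a value
NEVER_EXPORT = {"userPassword"}    # shown as "(not visible)" on the slide

def merge_person(net_id, feeds):
    """Pool per-source records into one entry; return (entry, rejected)."""
    entry = {"carlNetId": [net_id]}
    rejected = []
    for source, record in feeds.items():
        for attr, value in record.items():
            if attr in MULTI:
                values = entry.setdefault(attr, [])
                if value not in values:
                    values.append(value)
            elif attr in OWNERS.get(source, set()):
                entry[attr] = [value]
            else:
                # A source may not overwrite data it is not authoritative for.
                rejected.append((source, attr))
    return entry, rejected

def to_ldif(net_id, entry):
    """Render the merged entry as LDIF-style text, omitting secrets."""
    lines = [f"dn: carlnetid={net_id},ou=people"]
    for attr in sorted(entry):
        if attr not in NEVER_EXPORT:
            lines += [f"{attr}: {value}" for value in entry[attr]]
    return "\n".join(lines)

# Constructed sample feeds; the Advance record tries to set a Colleague-owned title.
FEEDS = {
    "Colleague": {"commonName": "Jane Q. Doe", "title": "Registrar",
                  "carlColleagueID": "C-0001", "eduPersonAffiliation": "staff"},
    "Advance": {"carlAdvanceID": "A-0002", "carlCohortYear": "1970",
                "eduPersonAffiliation": "alum", "title": "Donor"},
    "NetWare": {"userPassword": "{SSHA}constructed-hash"},
}

if __name__ == "__main__":
    merged, dropped = merge_person("jdoe", FEEDS)
    print(to_ldif("jdoe", merged))
    print("rejected:", dropped)
```

The rejected list is what a feed job would log and review: it records every attempt by a source to write an attribute it does not own.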

What's a Student Entry Look Like?
dn: carlnetid=bergmans,ou=people
appleUserHomeURL: (XML string)
uidNumber:
carlNetId: bergmans
userPassword: (not visible)
commonName: Sarah C. Bergman
postalAddress: 300 N College St...
carlStudentCampusAddress: Burton...
carlStudentPermanentAddress:...USA
carlPrimaryAffiliation: UG
carlAffiliation: UG
HomePhone: xxxx
homePostalAddress: Burton Hall...
carlLibraryPIN:
carlColleagueID:
mail:
eduPersonPrimaryAffiliation: student
eduPersonAffiliation: student
carlCohortYear: 2007
jpegPhoto: (raw picture data)
Slide color key (source of each attribute): Black = LDAP, Green = NetWare, Blue = Colleague, Yellow = Card-Access

What's a Course Entry Look Like?
dn: carlcolleagueid= ,ou=group
carlObjectExpires:
gidNumber:
carlColleagueID:
carlCourseSynonym:
ou: Asian Languages & Literatures
cn: JAPN
carlCoursePrimaryName: JAPN
carlCourseSubject: JAPN
carlCourseNumber: 343
carlCourseSection: 00
carlCourseTitle: Adv Japanese-Film & Fiction
carlCourseStatus: Open
carlCourseCredits: 6
carlCourseMaxSlots: 25
carlCourseAvailableSlots: 22
carlCourseMeetingInfo: LDC 203 TTH 01:15PM 03:00PM
carlCourseTerm: 04/WI
carlCourseStartDate: 01/05/04
carlCourseEndDate: 03/15/04
carlCourseInstructor: carlnetid=ntomonar,ou=people
uniqueMember:
  carlnetid=swansonm,ou=people
  carlnetid=cervonea,ou=people
  carlnetid=gohg,ou=people
Slide color key (source of each attribute): Black = LDAP, Blue = Colleague

Where is EDS Data Used?
● Web systems
  – LDAP auth, authz
  – Whitepages
  – Online phone book
  – Departmental pages
  – Prospect pages
● Admissions systems
  – Prospect usernames
● VEMS2 front end
● Login services
  – Core Linux servers
  – Lab machines
● NetReg
● Luminis (SCT)
● Illiad (in the Library)
● Others!

What Apps Are On the Horizon?
● Library OPAC (vendor issues)
● HEAT (version 8; ask Julie M.)
● Course Management
  – Auto-populate photos, class membership rosters
  – Auto-generate 'my courses' page for students/teachers
● OS/X 'dynamic local user'
● ARTstor
● Shibboleth (NMI distributed authentication)

Conclusion
● Our EDS saves ITS time
  – Relieves us of having to maintain user accounts
  – Makes it easier to write apps
    ● Apps only have to go to one place to get most information
    ● Apps usually can get away with a single, simple API
● EDS makes ITS customers happy, e.g.:
  – Admissions
  – Library
  – Students; all our external constituencies

Afterword: Why Doesn't Everyone Have an EDS?
● Management doesn't always understand the need
● Vendors want their products to serve as the EDS
● Data owners don't always want to share data
  – Fear loss of control
● Programmers lack skills
  – Fail to respect data owners' concerns
  – Lack integration experience; experience with APIs
  – Aim too high; fail to achieve usable results