6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 1 Enterprise Directory Implementation Roadmap – Directions Provided Art Vandenberg.

Presentation transcript:

6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 1 Enterprise Directory Implementation Roadmap – Directions Provided Art Vandenberg Director, Advanced Campus Services Georgia State University “Copyright Art Vandenberg This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.”

Slide 2: Roadmap – Introduction

Slide 3: Roadmap’s Layered Detail
Roadmap Intro & main sections (5 pp.)
Roadmap
  – Project Planning, Prep & Requirements
  – Architecture Design, Policy Development
  – Data Flow, Business Process
  – Implementation & Deployment
Next level, outline of topics (24 pp.)
Detail level articles, documents, links (~340 pp.)
Dual tracks: Technical & Policy
Technology/architecture & policy/management activity work together
GOAL: directory-enable applications
Directories reflect (variety of) institutional goals and environments

Slide 4: Roadmap – Project Planning
Develop business case, secure support (educate, assemble drivers, business case)
Develop project plan
Decide on implementation strategy, timing, and organizational approach
Develop communications and PR plan
Discuss with stakeholders when appropriate
Develop project specifics
Assemble resources (funding, structure, communication plan)
Articles, documents, templates, links – READY TO USE!

Slide 5: Roadmap – Architecture & Policy
Campus identifier strategy
  – Guidelines, templates, examples
  – Do you know where your identifiers are?
Directory Services Architecture
  – Models, recipe, schemas for higher education
Education and communication
Policy and process development

Slide 6: Identifiers, Authentication & Directories
Directory components (1,000 words)

Slide 7: Directories & Details!
Best Practice Design for LDAP Directory Schema
  – Flat as possible - minimizes update overhead
  – UID unique across tree
  – Create “campus person” (CampusEduPerson)
  – Use dc naming: dc=yourschool, dc=edu
  – ... and more
Naming
  – Choose distinguishedName (DN) carefully
  – UID rather than commonName (Jim Smit, Jim Smit?)
You have a rich Roadmap to guide you

Slide 8: LDAP Recipe
Recommendations to lead to common directory schema and deployments
Started 2000, living doc, now 30 pp.
Good source of information – USE THIS!
Directory Information Tree (DIT)
  – dc naming (leverage Domain Name System)
  – ou=people, dc=yourschool, dc=edu
  – uid=avandenberg, ou=people, dc=gsu, dc=edu

Slide 9: Non-flat, non unique uid, no dc-naming
o=Georgia State University
ou=Information Systems
ou=ACS ou=UCCS
cn=Art Vann cn=Jan Smit cn=Sue West cn=Mae Jones cn=Jan Smit
cn=Jan Smit, ou=ACS, ou=Information Systems, o=Georgia State University

Slide 10: Flat, unique uid, dc-naming
dc=edu
dc=gsu
ou=people ou=unit
uid=avann uid=jsmit uid=jsmit2 ou=acs ou=uccs
uid=jsmit2, ou=people, dc=gsu, dc=edu
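
Added example (not from the original slides): Python code that maps the cn-named, nested DNs of slide 9 onto the flat, uid-named, dc-rooted tree of slide 10, so that two people called Jan Smit get distinct identities and a change of department no longer changes the DN. The uid rule (first initial plus surname, numeric suffix on collision), the function names and the placement of the sample entries under ACS and UCCS are assumptions.

```python
import re

BASE = "ou=people,dc=gsu,dc=edu"  # flat, dc-named people container (slide 10)

def split_dn(dn):
    """Split a DN into (attr, value) RDNs. Honours backslash-escaped commas only."""
    parts = re.split(r"(?<!\\),", dn)
    return [tuple(p.strip().split("=", 1)) for p in parts]

def make_uid(cn, taken):
    """Assumed rule: first initial + surname; append 2, 3, ... until unique."""
    names = re.sub(r"[^a-z ]", "", cn.lower()).split()
    if not names:
        raise ValueError(f"cannot derive a uid from cn={cn!r}")
    stem = names[0][0] + names[-1] if len(names) > 1 else names[0]
    uid, n = stem, 1
    while uid in taken:          # uid must be unique across the whole tree
        n += 1
        uid = f"{stem}{n}"
    taken.add(uid)
    return uid

def flatten(legacy_dns):
    """Map cn-named, nested entries to uid-named entries under one container."""
    taken, out = set(), []
    for dn in legacy_dns:
        rdns = split_dn(dn)
        attr, cn = rdns[0]
        if attr.lower() != "cn":
            raise ValueError(f"expected a cn-named entry: {dn}")
        # The organisational unit becomes an attribute instead of part of the DN.
        units = [v for a, v in rdns[1:] if a.lower() == "ou"]
        uid = make_uid(cn, taken)
        out.append({"dn": f"uid={uid},{BASE}", "uid": uid, "cn": cn,
                    "ou": units[0] if units else None})
    return out

# Constructed sample: only the second DN appears verbatim on slide 9.
LEGACY = [
    "cn=Art Vann, ou=ACS, ou=Information Systems, o=Georgia State University",
    "cn=Jan Smit, ou=ACS, ou=Information Systems, o=Georgia State University",
    "cn=Jan Smit, ou=UCCS, ou=Information Systems, o=Georgia State University",
]

if __name__ == "__main__":
    for entry in flatten(LEGACY):
        print(entry["dn"], "| cn:", entry["cn"], "| ou:", entry["ou"])
```

In a real deployment the uid is assigned once and stored in the person registry; it is not recomputed on each load.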

Slide 11: eduPerson object Class
LDIF (LDAP Data Interchange Format)
...
dn: cn=schema
changetype: modify
...
add: attributetypes
attributetypes: ( NAME 'eduPersonAffiliation' DESC 'eduPerson per Internet2 and EDUCAUSE' EQUALITY caseIgnoreMatch SYNTAX ' ' )
...
add: objectclasses
objectclasses: ( NAME 'eduPerson' AUXILIARY MAY ( eduPersonAffiliation $ eduPersonNickname $ eduPersonOrgDN $ eduPersonOrgUnitDN $ eduPersonPrimaryAffiliation $ eduPersonPrincipalName $ eduPersonEntitlement $ eduPersonPrimaryOrgUnitDN $ ))

Directory Architectures -cont’d

Slide 13: Working with Stakeholders
Who are the stakeholders?
  – Technical, functional, management, users...
  – What are key application drivers? Get that buy-in!
Ad hoc or formal committees?
Stewardship (preferred) vs. ownership
  – Data administration – how’s it done?
Identifying policy gaps is important
Establish same enterprise focus as for ERP systems

Slide 14: Roadmap – Data Flow & Business Process
Integrated provisioning architecture:
  – data sources/providers
  – data flow & meta-processes
  – Application targets/consumer
Chicken & egg: business flow & technical
  – You have to solve it together (functional & technical)
Keeping that in mind… let’s look at overall concept

Slide 15: Directory Business Flow
consolidation, intelligence, provisioning

Slide 16: Select Meta-Directory Model
Enterprise directory / metadirectory
Physical or virtual “person registry”
Data load requirements
Provisioning model for consumer apps
ETL (extract, transform, load) tools
Integration/synchronization services

Slide 17: UMBC Meta-Directory
Source systems: HR and SIS with data in Oracle RDBMS
Database triggers create change logs
Updates applied to iPlanet LDAP
Perl scripts query iPlanet change logs
  – update Active Directory
  – Update Remedy trouble ticket
Perl scripts = intelligence
iPlanet directory = registry

Slide 18: BC Meta-Directory
Source is the registry (corporate DB, VSAM files)
Single entry point/identifier create (even Peoplesoft)
Identity reconciliation moot
Student & HR “activate” user, marking for feed
Fed to iPlanet, email, voicemail, Radius, etc.
Transactions real-time or batch (ftp & update scripts)
Initial user entry/activation/script triggers = intelligence

Slide 19: Business Process Design/Impact
Policies & procedures of existing systems of record
  – Human Resources, Student, Financial, Alumni, ancillary…
Can you leverage an existing initiative?
What are directory update or service targets?
Directory use policy (users & applications)
Is there a Data Stewardship Policy?
Do users know how their data is used?
New identifier issues (new identifiers, new issues both)

Slide 20: Roadmap – Enterprise Directory & Applications Implementation
Requirements & Analysis complete...
  – Business processes, data flows complete
  – Meta directory architecture complete
Design
  – system & network, schema (eduPerson), metadirectory flow
Implement
  – LDAP server, eduPerson data load, access controls, applications
Deploy
  – testing, verification, transition & release to ops

Slide 21: The Communication Plan
Who knows what and when?
Content and context for the plan
Words to live by:
  – No surprises! Manage expectations. “Under promise, over-deliver.”
Phased approach with multiple communication modes
Optimal result:
  – Deliver what they want, which just happens to be what you are offering...

Slide 22: Repeat as needed…

Slide 23: Contact
Enterprise Directory Implementation Roadmap
Art Vandenberg
Thank you