Directories at the University of Florida Mike Conlon Director of Data Infrastructure University of Florida.


1 Directories at the University of Florida Mike Conlon Director of Data Infrastructure University of Florida

2 Desired State
- One person, one identity
- Identity management across UF systems – desktop, web-based, enterprise
- Support multiple modalities for directory services – LAN-based, web-based, enterprise
- Provide public and private identifiers, not SSN
- Authoritative source for identity and directory information
- Move toward single sign-on

3 Some History
- Registry since 1988
- Kerberos since 1997
- LDAP since 1998
- Directory Strategy process 6/00-8/01. White paper. http://www.it.ufl.edu/projects/directory/planteam.htm
- Directory Project 9/01-January 21, 2003. Largest UF IT Project. http://www.it.ufl.edu/projects/directory

4 Strategy Process
- Fourteen months 6/00-8/01
- Visit by Ken Klingenstein 4/01
- Student ID Process 2/01-8/01. ID recommendation: UFID for entire community. Follow I2 guidelines. Integrate with directory project
- Strategy white paper for directory services at UF – why, what, how, who, when (18 months)

5 Directory Project Timeline
- IT Review complete 3/01
- Directory white paper 8/01
- Project launch 10/01
- Original target date 4/03
- Actual go-live January 21, 2003
- Seven FTE on core team
- Over 150 participants from across UF

6 Directory Project Charge
- Use of models and standards developed by the Internet2 Initiative, including the eduPerson schema.
- Update to database schema in DB2 and LDAP.
- Provide a support mechanism for unit-level extensions as desired.
- Improve infrastructure of LDAP facility.
- Develop processes and policies to ensure maintenance of accurate directory data.
- Develop standard interfaces to reduce need for duplicate databases and enhance accessibility of directory data.
- Develop a middleware connection in support of a new UF identifier strategy.
- Develop effective data flows to and from existing data systems such as the Registrar and Personnel.
- Provide a data model, LDAP schema and set of APIs to support functional expansion and growth of new ideas.

7 UF Directory Project
- Overhaul Registry
- Overhaul LDAP. eduPerson, eduPersonAffiliation
- Introduce UFID. Publicly visible identifier (nnnn-nnnn) used in place of SSN for business transactions. http://ufid.ufl.edu
- Introduce UUID. Private identifier used as key in core systems
- SSN as attribute
- GatorLink as attribute
- Over 1,500 legacy apps modified
- All SSN-based processes refactored
- Self-service directory access http://phonebook.ufl.edu

8 Consequences
- 1,272,228 objects in UF LDAP: People, Organizations, Groups, Relationships
- Better data through new processes
  - Old: Local admin + reconciliation
  - New: Central, self-service + replication
- Positioned for new services: PeopleSoft, Active Directory, Single Sign On

9 Current State
- Five production middleware data systems – LDAP, UF Registry, Kerberos, Netware Directory Services (NDS), PeopleSoft Portal
- Active Directory (AD) to be added
- Existing integration between PeopleSoft, LDAP, Kerberos and UF Registry
- Ad hoc integration with Kerberos and NDS
- UF Registry provides authoritative source
- GatorLink (email, netid), UFID (publicly visible), UUID (private) identifiers

10 Why Six Systems?
- LDAP is the open standard for web-based applications
- Active Directory is the standard for desktop users
- NDS is the legacy system for desktop users
- PeopleSoft is the future enterprise system
- Kerberos is the open standard for authentication
- UF Registry is the current authoritative source with a known data model and service provider for legacy systems

11 Middleware Roadmap
- Use LDAP and Kerberos to authenticate PeopleSoft (in place today)
- Provide standards-based authentication mechanism for free-standing web apps (in place today via GL Auth)
- Implement AD based on Kerberos identity – provide a foundation for future desktop integration. Spring 2003 through 2005
- Consider the future of NDS
- Migrate UF Registry to PeopleSoft Campus Community. Analysis complete, design in progress, go-live 7/04
- 7/04: Integrated enterprise middleware systems – AD, LDAP, PeopleSoft, Kerberos

