Presentation is loading. Please wait.

Presentation is loading. Please wait.

FSU Metadirectory Project The Issue of Identity Management Executive Overview.

Published byEleanore McLaughlin Modified over 8 years ago

Similar presentations

Presentation on theme: "FSU Metadirectory Project The Issue of Identity Management Executive Overview."— Presentation transcript:

1 FSU Metadirectory Project The Issue of Identity Management Executive Overview

2 Outline Definitions Review of existing FSU enterprise-wide identities Demos of eDirectory software Desireable metadirectory features FSU Metadirectory Project Plan

3 Some Definitions Directory: list of users of a computer system –Examples: Email accounts (admin, mailer, garnet), NWRDC, PeopleSoft identity, Windows signon, Novell signon, Blackboard signon, dialup signon, etc. Metadirectory: “directory of directories”

4 Some Definitions eDirectory: Software product purchased from Novell that provides metadirectory services (an example of middleware) LDAP: Popular software protocol used for authentication Active Directory: Microsoft metadirectory product

5 Common FSU Identities C.A.R.S. (”ldap1”) –Captures all students, faculty & staff (+50,000 accounts) –Tied into automated systems on campus, such as FSUcard, HRMS, etc. –Used for authorizing “garnet/mailer” email servers, dialup service

6 Common FSU Identities C.A.R.S. (”ldap1”) –Blackboard authentication (~33,000 students)

7 Common FSU Identities O.P.S. (Secure Login; ”ldap2”) –Captures all students, faculty & staff (+100,000) –Tied into automated systems on campus, such as FSUcard, HRMS, etc. –Used for authorizing many administrative applications (many, but not all of which will be replaced by PeopleSoft functionality)

8 Common FSU Identities Administrative Email (“@admin.fsu.edu”) –Managed in the enterprise “FSU” Microsoft Active Directory –Semi-manual account management –Mostly used by some ~6,000 administrative employees

9 Common FSU Identities Netware Account –Provides file service –Managed by User Services –Semi-manual account management –Mostly used by some ~6,000 administrative employees

10 Common FSU Identities PeopleSoft Account(s) –Many instances exist –Need for integrated authentication

11 Common FSU Identities PeopleSoft Portal

12 Metadirectory Demonstrations eDirectory demo # 1: Demonstrate simple use of the metadirectory to manage ERP VPN access First, let’s look at a simple functional diagram of the pieces and how they fit together:

13 Demo # 1 Small population Small task Easy to implement Will be integrated into large-scale metadirectory

14 Metadirectory Demonstrations eDirectory demo # 2: “Hire” a new employee in PeopleSoft; see their Microsoft Active Directory/Exchange account get automatically created Uses the Metadirectory testbed, which looks like:

15 Demo # 2 Metadirectory “testbed” Allows for metadirectory development in the “lab” Ties together disparate systems Doesn’t require lots of horsepower

16 Desirable MetaDirectory Features One single “public” FSU electronic identity –Call it your “FSUid” –Proposal: “First Name Initial, Entire Last Name, Unique Number”@fsu.edu –Must “grandfather” in existing identities –Capture all possible, reasonable attributes from existing directories –Merging schemas: http://fsuid.fsu.edu/metadir/FinalReport/FSU%20data% 20mapping%2010_14_03.xls http://fsuid.fsu.edu/metadir/FinalReport/FSU%20data% 20mapping%2010_14_03.xls

17 Desirable MetaDirectory Features “SSO” – Single Sign On. You use one FSUid and password to access many systems, once the system is connected to the eDirectory for authentication A nice “FSU identity” web page, where you can: –See all of your roles, as captured in the metadirectory –Change and synchronize your password across systems –Manage some attributes of your eDirectory entry

18 Desirable MetaDirectory Features Automation between systems –Hire a new employee, automatically get access to appropriate Outlook mailbox, Novell files, dialup access; transition person as roles change –eDirectory product allows for much customization Collaboration with departmental directories (other Active Directory trees, etc.)

19 Desirable MetaDirectory Features The “obvious” ones: –Secure connections to/from metadirectory –Reliable/redundant servers (in Novell parlance, “replicants” could reside in physically separate places on campus) –Quick response time (the “L” in LDAP ) –Well-maintained (backups, disaster recovery, problem solving, etc.)

20 What’s so special about eDir? Latest technology (Java, XML, etc.) Significant knowledge of eDir and DirXML in-house Novell consultants already have done initial PeopleSoft integration that can be re-used Complex data flow model allows for much flexibility:

21

22 Metadirectory Project Planning Integrated with PeopleSoft planning ERP VPN metadirectory in production now ½ day “Metadirectory retreat” scheduled for this Thursday Plan to have LDAP1/LDAP2/AD/PS Metadirectory in production by March ‘04 Track project at http://fsuid.fsu.eduhttp://fsuid.fsu.edu

Download ppt "FSU Metadirectory Project The Issue of Identity Management Executive Overview."

Similar presentations

automated single login access to Novell storage resources

automated single login access to Novell storage resources
Prepared by Dept. of Information Technology & Telecommunication, May 1, 2015 DoITT Identity Management Security, Provisioning, Authentication.

Prepared by Dept. of Information Technology & Telecommunication, May 1, 2015 DoITT Identity Management Security, Provisioning, Authentication.
FSU Directory Project The Issue of Identity Management Jeff Bauer Florida State University

FSU Directory Project The Issue of Identity Management Jeff Bauer Florida State University
Network Redesign and Palette 2.0. The Mission of GCIS* Provide all of our users optimal access to GCC’s technology resources. *(GCC Information Services:

Network Redesign and Palette 2.0. The Mission of GCIS* Provide all of our users optimal access to GCC’s technology resources. *(GCC Information Services:
Active Directory: Final Solution to Enterprise System Integration

Active Directory: Final Solution to Enterprise System Integration
Network Redesign and Palette 2.0. The Mission of GCIS* Provide all of our users optimal access to GCC’s technology resources. *(GCC Information Services:

Network Redesign and Palette 2.0. The Mission of GCIS* Provide all of our users optimal access to GCC’s technology resources. *(GCC Information Services:
Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.

Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.
UPortal.Cornell Using uPortal to integrate disparate campus systems Jon Atherton, Cornell Information Technologies

UPortal.Cornell Using uPortal to integrate disparate campus systems Jon Atherton, Cornell Information Technologies
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
July 12, 2005 CSU SIMI Workshop - Melding Policy and Technology to Manage Identity1 Provisioning Services Collaborative CSU, East Bay and CSU, San Bernardino.

July 12, 2005 CSU SIMI Workshop - Melding Policy and Technology to Manage Identity1 Provisioning Services Collaborative CSU, East Bay and CSU, San Bernardino.
Fordham University Portal My.Fordham.edu November 2008 Shaya Phillips.

Fordham University Portal My.Fordham.edu November 2008 Shaya Phillips.
Identity and Access Management: Strategy and Solution Sandeep Sinha Lead Product Manager Windows Server Product Management Redmond,

Identity and Access Management: Strategy and Solution Sandeep Sinha Lead Product Manager Windows Server Product Management Redmond,
Identity and Access Management

Identity and Access Management
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.

A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.
© 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Automates Infrastructure Outsourcing.

© 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Automates Infrastructure Outsourcing.
03/07/08 © 2008 DSR and LDAP Authentication Avocent Technical Support.

03/07/08 © 2008 DSR and LDAP Authentication Avocent Technical Support.
Section 6.1 Explain the development of operating systems Differentiate between operating systems Section 6.2 Demonstrate knowledge of basic GUI components.

Section 6.1 Explain the development of operating systems Differentiate between operating systems Section 6.2 Demonstrate knowledge of basic GUI components.
BASIC NETWORK CONCEPTS (PART 6). Network Operating Systems NNow that you have a general idea of the network topologies, cable types, and network architectures,

BASIC NETWORK CONCEPTS (PART 6). Network Operating Systems NNow that you have a general idea of the network topologies, cable types, and network architectures,
FSU’s Portal Project Secure Applications in Blackboard Jeff Bauer Office of Technology Integration 5/24/2005.

FSU’s Portal Project Secure Applications in Blackboard Jeff Bauer Office of Technology Integration 5/24/2005.

Similar presentations

Ads by Google