Presentation is loading. Please wait.

Presentation is loading. Please wait.

6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 1 Enterprise Directory Implementation Roadmap – Directions Provided Art Vandenberg.

Published byPamela Melton Modified over 8 years ago

Similar presentations

Presentation on theme: "6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 1 Enterprise Directory Implementation Roadmap – Directions Provided Art Vandenberg."— Presentation transcript:

1 6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 1 Enterprise Directory Implementation Roadmap – Directions Provided Art Vandenberg Director, Advanced Campus Services Georgia State University avandenberg@gsu.edu “Copyright Art Vandenberg 2003. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.”

2 6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 2 Roadmap – Introduction

3 6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 3 Roadmap’s Layered Detail Roadmap Intro & main sections (5 pp.)Roadmap –Project Planning, Prep & Requirements –Architecture Design, Policy Development –Data Flow, Business Process –Implementation & Deployment Next level, outline of topics (24 pp.) Detail level articles, documents, links (~340 pp.) Dual tracks: Technical & Policy Technology/architecture & policy/management activity work together GOAL: directory-enable applications Directories reflect (variety of) institutional goals and environments

4 6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 4 Roadmap – Project Planning http://www.nmi-edit.org/roadmap/plan/plan-set.html Develop business case, secure support (educate, assemble drivers, business case) Develop project plan Decide on implementation strategy, timing, and organizational approach Develop communications and PR plan Discuss with stakeholders when appropriate Develop project specifics Assemble resources (funding, structure, communication plan) Articles, documents, templates, links – READY TO USE!

5 6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 5 Roadmap – Architecture & Policy http://www.nmi-edit.org/roadmap/design/design-set.html Campus identifier strategy –Guidelines, templates, examples –Do you know where your identifiers are? Directory Services Architecture –Models, recipe, schemas for higher education Education and communication Policy and process development

6 6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 6 Identifiers, Authentication & Directories Directory components (1,000 words)

7 6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 7 Directories & Details! Best Practice Design for LDAP Directory Schema –Flat as possible - minimizes update overhead –UID unique across tree –Create “campus person” (CampusEduPerson) –Use dc naming: dc=yourschool, dc=edu –... and more Naming –Choose distinguishedName (DN) carefully –UID rather than commonName (Jim Smit, Jim Smit?) You have a rich Roadmap to guide you

8 6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 8 LDAP Recipe Recommendations to lead to common directory schema and deployments Started 2000, living doc, now 30 pp. Good source of information – USE THIS! Directory Information Tree (DIT) –Dc naming (leverage Domain Name System) –Ou=people, dc=yourschool, dc=edu –uid=avandenberg, ou=people, dc=gsu, dc=edu

9 6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 9 Non-flat, non unique uid, no dc-naming o=Georgia State University ou=Information Systems ou=ACSou=UCCS cn=Art Vann cn=Jan Smit cn=Sue West cn=Mae Jones cn=Jan Smit Cn=Jan Smit, ou=ACS, ou=Information Systems, o=Georgia State University

10 6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 10 Flat, unique uid, dc-naming dc=edu dc=gsu ou=peopleou=unit uid=avann uid=jsmit uid=jsmit2 ou=acs ou=uccs uid=jsmit2, ou=people, dc=gsu, dc=edu

11 6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 11 eduPerson object Class LDIF (LDAP Data Interchange Format)... dn: cn=schema changetype: modify... add: attributetypes attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.1 NAME 'eduPersonAffiliation' DESC 'eduPerson per Internet2 and EDUCAUSE' EQUALITY caseIgnoreMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )... add: objectclasses objectclasses: ( 1.3.6.1.4.1.5923.1.1.2 NAME 'eduPerson' AUXILIARY MAY ( eduPersonAffiliation $ eduPersonNickname $ eduPersonOrgDN $ eduPersonOrgUnitDN $ eduPersonPrimaryAffiliation $ eduPersonPrincipalName $ eduPersonEntitlement $ eduPersonPrimaryOrgUnitDN $ ))

12 Directory Architectures -cont’d

13 6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 13 Working with Stakeholders Who are the stakeholders? –Technical, functional, management, users... –What are key application drivers? Get that buy-in! Ad hoc or formal committees? Stewardship (preferred) vs. ownership –Data administration – how’s it done? Identifying policy gaps is important Establish same enterprise focus as for ERP systems

14 6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 14 Roadmap – Data Flow & Business Process http://www.nmi-edit.org/roadmap/data/data-set.html Integrated provisioning architecture: –data sources/providers –data flow & meta-processes –Application targets/consumer Chicken & egg: business flow & technical –You have to solve it together (functional & technical) Keeping that in mind… let’s look at overall concept

15 6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 15 Directory Business Flow consolidation, intelligence, provisioning

16 6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 16 Select Meta-Directory Model Enterprise directory / metadirectory Physical or virtual “person registry” Data load requirements Provisioning model for consumer apps ETL (extract, transform, load) tools Integration/synchronization services

17 6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 17 UMBC Meta-Directory Source systems: HR and SIS with data in Oracle RDBMS Database triggers create change logs Updates applied to iPlanet LDAP Perl scripts query iPlanet change logs –update Active Directory –Update Remedy trouble ticket Perl scripts = intelligence iPlanet directory = registry

18 6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 18 BC Meta-Directory Source is the registry (corporate DB, VSAM files) Single entry point/identifier create (even Peoplesoft) Identity reconciliation moot Student & HR “activate” user, marking for feed Fed to iPlanet, email, voicemail, Radius, etc. Transactions real-time or batch (ftp & update scripts) Initial user entry/activation/script triggers = intelligence

19 6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 19 Business Process Design/Impact Policies & procedures of existing systems of record –Human Resources, Student, Financial, Alumni, ancilliary… Can you leverage an existing initiative? What are directory update or service targets? Directory use policy (users & applications) Is there a Data Stewardship Policy? Do users know how their data is used? New identifier issues (new identifiers, new issues both)

20 6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 20 Roadmap – Enterprise Directory & Applications Implementation http://www.nmi-edit.org/roadmap/app/app-set.html Requirements & Analysis complete... –Business processes, data flows complete –Meta directory architecture complete Design –system & network, schema (eduPerson), metadirectory flow Implement –LDAP server, eduPerson data load, access controls, applications Deploy –testing, verification, transition & release to ops

21 6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 21 The Communication Plan Who knows what and when? Content and context for the plan Words to live by: –No surprises! Manage expectations. “Under promise, over- deliver.” Phased approach with multiple communication modes Optimal result: –Deliver what they want, which just happens to be what you are offering...

22 6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 22 Repeat as needed…

23 6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 23 Contact Enterprise Directory Implementation Roadmap http://www.nmi-edit.org/roadmap/directories.html Art Vandenberg avandenberg@gsu.edu Thank you

Download ppt "6 Nov 2003 A. Vandenberg © Teach A Man to Fish Educause 2003 Anaheim, CA 1 Enterprise Directory Implementation Roadmap – Directions Provided Art Vandenberg."

Similar presentations

Data, Policy, Stakeholders, and Governance Amy Brooks, University of Michigan – Ann Arbor Bret Ingerman, Vassar College Copyright Bret Ingerman 2004. This.

Data, Policy, Stakeholders, and Governance Amy Brooks, University of Michigan – Ann Arbor Bret Ingerman, Vassar College Copyright Bret Ingerman This.
Web Application Management Moving Beyond CMS Douglas Clark Director, Web Applications Copyright Douglas Clark 2003 This work is the intellectual property.

Web Application Management Moving Beyond CMS Douglas Clark Director, Web Applications Copyright Douglas Clark 2003 This work is the intellectual property.
Planning: Project Readiness and Costs Mike Conlon Director of Data Infrastructure University of Florida Copyright Michael Conlon, 2004. This work is the.

Planning: Project Readiness and Costs Mike Conlon Director of Data Infrastructure University of Florida Copyright Michael Conlon, This work is the.
LDAP-Enabled Privacy at The University of Notre Dame EduCAUSE conference, October 2002 Brendan Bellina Office of Information Technologies University of.

LDAP-Enabled Privacy at The University of Notre Dame EduCAUSE conference, October 2002 Brendan Bellina Office of Information Technologies University of.
On Beyond Z Building a Directory Service educause presentation #074 University of Colorado at Boulder Deborah Keyek-Franssen Marin Stanek Paula J. Vaughan.

On Beyond Z Building a Directory Service educause presentation #074 University of Colorado at Boulder Deborah Keyek-Franssen Marin Stanek Paula J. Vaughan.
Andrea Eastman-Mullins Information & Technology Coordinator University of North Carolina, Office of the President Teaching and Learning with Technology.

Andrea Eastman-Mullins Information & Technology Coordinator University of North Carolina, Office of the President Teaching and Learning with Technology.
Copyright Jill M. Forrester 2008. This work is the intellectual property of the author. Permission is granted for this material to be shared for non- commercial,

Copyright Jill M. Forrester This work is the intellectual property of the author. Permission is granted for this material to be shared for non- commercial,
Recent Developments in Directories Tom Barton, University of Chicago Keith Hazelton, University of Wisconsin.

Recent Developments in Directories Tom Barton, University of Chicago Keith Hazelton, University of Wisconsin.
The Homegrown Single Sign On (SSO) Project at UM – St. Louis.

The Homegrown Single Sign On (SSO) Project at UM – St. Louis.
Identity Management: The Legacy and Real Solutions Project Overview.

Identity Management: The Legacy and Real Solutions Project Overview.
Copyright Steve Brandt 2007. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,

Copyright Steve Brandt This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,
Copyright Statement © Jason Rhode and Carol Scheidenhelm. 2006. This work is the intellectual property of the authors. Permission is granted for this material.

Copyright Statement © Jason Rhode and Carol Scheidenhelm This work is the intellectual property of the authors. Permission is granted for this material.
Steve Neiheisel Industry Consultant Creating a Technology Forum for the Whole Campus Presented by Executive Services of Jenzabar (c) Copyright 2006 Jenzabar,

Steve Neiheisel Industry Consultant Creating a Technology Forum for the Whole Campus Presented by Executive Services of Jenzabar (c) Copyright 2006 Jenzabar,
Copyright Anthony K. Holden, 2003. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,

Copyright Anthony K. Holden, This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,
Web Portal Development with uPortal or.Net Midwest Educause: March 24-26, 2003 David B. Williams Mark Troester

Web Portal Development with uPortal or.Net Midwest Educause: March 24-26, 2003 David B. Williams Mark Troester
Copyright Shanna Smith & Tom Bohman (2003). This work is the intellectual property of the authors. Permission is granted for this material to be shared.

Copyright Shanna Smith & Tom Bohman (2003). This work is the intellectual property of the authors. Permission is granted for this material to be shared.
GatorAid: Identity Management at the University of Florida Mike Conlon Director of Data Infrastructure

GatorAid: Identity Management at the University of Florida Mike Conlon Director of Data Infrastructure
CAMP - June 4-6, 2003 1 Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin 2003. This work is the intellectual property of the authors.

CAMP - June 4-6, Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin This work is the intellectual property of the authors.
Learning Management Systems Camp June 2004 Barry R Ribbeck UT HSC Houston Copyright, Barry Ribbeck, 2004. This work is the intellectual property of the.

Learning Management Systems Camp June 2004 Barry R Ribbeck UT HSC Houston Copyright, Barry Ribbeck, This work is the intellectual property of the.
Intellectual Property Protocol and Assessment for Distance Learning Liz Johnson Project Manager Advanced Learning Technologies Board of Regents of the.

Intellectual Property Protocol and Assessment for Distance Learning Liz Johnson Project Manager Advanced Learning Technologies Board of Regents of the.

Similar presentations

Ads by Google