Live. learn. work. play. 1111 Superior Ave E Suite 310 Cleveland Ohio 44114 Tel: 216.589.9626 Fax: 216.589.9639

Presentation transcript:

FRIENDLY NAMING CONVENTIONS – LEVERAGING THE POWER OF OPEN LDAP AND MULTIPLE DIRECTORIES
Abhishta Bodapti, Karl Horvath, Lauren Halupke
Gwynedd-Mercy College

WHERE IS GMC LOCATED?

STUDENTS

HOW BIG IS THE IT DEPARTMENT?


HOW MANY PROJECTS DO WE HAVE AT HAND?


THE PROBLEM


HOW IT LOOKED?

NAMING CONVENTION?

DEPARTMENTS INVOLVED?
- Administrative Systems
- Enterprise Systems
- Desktop Support
- Information Systems

PROJECT GOALS
- No changes to AD
- Build a fail-over DC solution
- Ease of use for end-user
- Cost

RESOURCES

SOLUTION

MULTIPLE DIRECTORIES?

WHAT ARE THE BENEFITS?
- Multiple directory integration
- Selective (regEx) import of directory user groups
- Convert user groups (directory) directly to roles (local to myCampus)
- Simultaneously leverage both imported (from directory) and existing (from myCampus DB) groups / roles

WHAT ARE THE BENEFITS?
- Import additional personal attribute(s) to empower SSO bridges to enterprise applications
- Ability to set hot LDAP/AD failover in case primary LDAP/AD is not reachable

WHAT IS THE "MULTIPLE DIRECTORY" CONCEPT?
- Leverages PAF (Personal Attribute Framework)
- PAF = middleware between myCampus and CAS
- CampusEAI's PAF application acts as a CAS client that consumes CAS attributes.
- PAF uses the CAS SAML validation filter to consume user attributes, including group and role memberships.

WHAT IS THE "MULTIPLE DIRECTORY" CONCEPT?
- It uses attributes to create and synchronize the myCampus user base with data from one or more sources.
- This is a required component for Multiple Directory configurations but is also available for single source environments.

HOW DOES IT WORK WITH AD OR LDAP
- CAS can be configured with one or more Authentication Handlers.
- An ldapAuthenticationHandler is typically configured to authenticate users against a school's enterprise LDAP server.
- A fileAuthenticationHandler is typically configured to authenticate users against a configured users.properties file.

KEY FILES
- users.properties
- authenticationHandlers-local.xml
- deployerConfigContext-local.xml
- credentialsToPrincipalResolvers-local.xml
- .edu/paf/configuration

HOW DOES IT WORK WITH AD OR LDAP
- Defines all authenticationHandlers: authenticationHandlers-local.xml

- Define location (IP) of directories with LDAP Bind Accounts: deployerConfigContext-local.xml

- Map attributes from LDAP (key) to Principal (value): credentialsToPrincipalResolvers-local.xml

- Map attributes from SAML validation to corresponding myCampus attribute. Available to be edited in GUI: .edu/paf/configuration

PAF Configuration Screen
The “Behavior” section allows the mapping of attributes in the response to myCampus arguments for creating a user. The left-hand side should contain the attribute as shared in the SAML validation. The right-hand side is the corresponding myCampus attribute.

Preserve Existing and Imported User Groups / Role Membership
In this scenario, certain configurable groups/roles may need to be preserved (i.e. not blown away) on sync.
- “existing values” refers to user groups/roles local to the myCampus system
- “imported values” refers to the user groups and roles brought in from the directory
- (UserGroup1|UserGroup2)
- .* = All User Groups or Roles
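The preserve/import behaviour described on this slide, sketched as an added example (not CampusEAI's PAF code). The function names and sample groups are hypothetical, and whole-name matching is an assumption: the slide does not say how PAF anchors its patterns, and the second helper shows why that matters for role assignment.

```python
import re

# Constructed sample data, not taken from the presentation.
EXISTING = {"UserGroup1", "PortalAdmin", "OldCourse101"}    # local to the portal
IMPORTED = {"UserGroup2", "Students", "UserGroup1-Guests"}  # from the directory


def sync_memberships(existing, imported, preserve_pattern, import_pattern):
    """Return the user's group/role set after one sync (hypothetical helper).

    Assumption: a pattern must match the whole group name (re.fullmatch).
    Existing groups survive only if preserve_pattern matches them;
    directory groups are added only if import_pattern matches them.
    """
    keep = re.compile(preserve_pattern)
    take = re.compile(import_pattern)
    preserved = {g for g in existing if keep.fullmatch(g)}
    accepted = {g for g in imported if take.fullmatch(g)}
    return preserved | accepted


def loose_matches(pattern, names):
    """Names a substring match (re.search) accepts but a whole-name match rejects.

    Anything returned here would be granted or preserved by an unanchored
    pattern even though the pattern author listed different group names.
    """
    rx = re.compile(pattern)
    return sorted(n for n in names if rx.search(n) and not rx.fullmatch(n))


if __name__ == "__main__":
    # Preserve two named local groups, import every directory group.
    print(sorted(sync_memberships(EXISTING, IMPORTED,
                                  r"(UserGroup1|UserGroup2)", r".*")))
    # Preserve every local group, import only the two named directory groups.
    print(sorted(sync_memberships(EXISTING, IMPORTED,
                                  r".*", r"(UserGroup1|UserGroup2)")))
    # Directory groups an unanchored pattern would let through.
    print(loose_matches(r"(UserGroup1|UserGroup2)", IMPORTED))
```

Running the same check against the real directory's group list before enabling a sync shows which memberships a pattern would actually import or wipe.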

HOW IT LOOKS NOW?

INTERESTED IN MULTIPLE DIRECTORY?
- Multiple Directory Integration? Estimated Project Cost: $4,000
- Directory Replication and Cloud Hosting Estimated Project Cost: $8,000
