1111 Superior Avenue Suite 310 Cleveland Ohio 44114 Tel: 216.589.9626 Fax: 216.589.9639 Identity Management.

Slides:



Advertisements
Similar presentations
UTILIZING WITH ITA. offers an entire suite of benefits for you and your students. You can also set up s for the purpose.
Advertisements

FIM Best Practices - Architecting Identity Solutions that really work!
Agenda 2 factor authentication Smart cards Virtual smart cards FIM CM
What’s FIM all about?. Agenda What is FIM Why are we implementing FIM How is FIM related to Office 365 What will FIM do How does FIM differ from ILM (current.
Microsoft Learning Gateway for HE Rob Miles – Hull University, Lecturer Romola Ganguli – Microsoft Education Technology Advisor.
Team: SuperBad Cats MSIT 458 – Dr. Chen Authentication through Password Protection.
Configuring SharePoint 2013 and Office 365 Hybrid – Part 1
Microsoft Forefront Identity Manager 2010
Enterprise CAL Overview. Different Types of CALs Standard CAL base A component Standard CAL is a base CAL that provides access rights to basic features.
Identity Management Choosing and Using Sun’s Identity Management Suite March 13 th, 2007 Kim Tracy Executive Director University Computing Services Northeastern.
Hybrid Search with SharePoint 2013 and Office 365 Brendan Griffin.
Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.
Virtual techdays INDIA │ august 2010 Managing Active Directory Using Microsoft Forefront Identity Manager: Amol R Bhandarkar │ Tech Specialist –
Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.
Identity and Access Management
SIM205. (On-Premises) Storage Servers Networking O/S Middleware Virtualization Data Applications Runtime You manage Infrastructure (as a Service)
LDAP Management at Stony Brook Making Active Directory and PeopleSoft Work Together SUNY Technology Conference Rochester, New York Monday June 12, 2006.
Microsoft Identity and Access Solutions Market Trends and Futures
SIM332 UserManagement GroupManagement CredentialManagement Common Platform WorkflowConnectorsLogging Web Service API Synchronization PolicyManagement.
Empower Enterprise Mobility Jasbir Gill Azure Mobility.
Identity and Access Management Business Ready Security Solutions.
NERCOMP Managing Campus Affiliates Managing Campus Affiliates Faculty? Student? Faculty? Student? Staff? Criss Laidlaw Director of Administrative.
Identity and Access Management IST Retreat WATIAM Basic Timeline Licence, agreement, SOW, initial training, scope (Jun-Sep 07) Requirements phase.
Rev Jul-o6 Oracle Identity Management Automate Provisioning to Oracle Applications and Beyond Kenny Gilbert Director of Technology Services.
Jean-Pierre Simonis (Data # 3) Bruce Smith (Data # 3)
Overview of Access and Information Protection
Uniting Cultures, Technology & Applications A Case Study University of New Hampshire.
Our Pilot Adventure with Luminis IV Leading the Way - Monday, October 6, Our Pilot Adventure with Luminis IV Leading the Way Sri Giridharan, Manager.
University of Michigan MCommunity Project Liz Salley Product Manager, Michigan Administrative Information Services Luke Tracy
Extending Forefront beyond the limit TMG UAG ISA IAG Security Suite
New SharePoint 2016 Features
NMI-EDIT CAMP Synopsis, ISCSI Storage Solution, Linux Blade Cluster, And Current State Of NetID By Jonathan Higgins Presentation Template available from.
UCLA Enterprise Directory Identity Management Infrastructure UC Enrollment Service Technical Conference October 16, 2007 Ying Ma
Tech Ed North America /24/2017 1:59 AM SESSION CODE: SIA327
A Community of Learning SUNGARD SUMMIT 2007 | sungardsummit.com 1 LEAPing with Luminis Presented by: Bob Coon Luminis Technical Services SunGard Higher.
Ali Pabrai, CISSP, CSCS ecfirst, chairman & ceo Preparing for a HIPAA Security Audit.
Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.
Implementing a Role Management System Mair é ad Martin Carrie Regenstein Internet2 Fall Meeting September 20, 2005.
Module 9 User Profiles and Social Networking. Module Overview Configuring User Profiles Implementing SharePoint 2010 Social Networking Features.
Federico Guerrini IDA TSP, EMEA Incubation Team From Identity Synchronization to Identity Management.
Integrating Active Directory with eDirectory ™ Using Novell Account Manager Reid Oakes Technical Team Manager Novell, Inc.
Microsoft ® Forefront ™ Identity Manager 2010 Infrastructure Planning and Design Published: June 2010.
Momentum. Strategy & Roadmapping Business Analysis Information Architecture Usability / User Experience Rich Media Social Media (Web 2.0) Interface Design.
Chapter4 Part2. User Account Management Once Active Directory is installed and configured, you enable users to access network servers and resources through.
Craig Pringle & Derek Moir
Chris Louloudakis Solution Specialist Identity & Access Management Microsoft Corporation SVR302.
Live. learn. work. play Superior Ave E Suite 310 Cleveland Ohio Tel: Fax:
Live. learn. work. play Superior Ave E Suite 310 Cleveland Ohio Tel: Fax:
SharePoint and Active Directory Update March 18, 2010.
DocuShare Replacement with SharePoint and Active Directory
Quarterly Customer Meeting Office 365 License Activation and Office 365 Cloud Services Assessment Status April 2014.
Live. learn. work. play Superior Avenue Suite 310 Cleveland Ohio Tel: Fax:
Live. learn. work. play Superior Avenue Suite 310 Cleveland Ohio Tel: Fax:
Live. learn. work. play Superior Ave E Suite 310 Cleveland Ohio Tel: Fax:
Live. learn. work. play Superior Ave E Suite 310 Cleveland Ohio Tel: Fax:
Live. learn. work. play Superior Ave E Suite 310 Cleveland Ohio Tel: Fax:
Live. learn. work. play Superior Avenue Suite 310 Cleveland Ohio Tel: Fax:
Live. learn. work. play Superior Ave E Suite 310 Cleveland Ohio Tel: Fax:
L’Oreal USA RSA Access Manager and Federated Identity Manager Kick-Off Meeting March 21 st, 2011.
Planning, Implementing and Supporting Office 365
New Developments in Central Directory Service and Account Provisioning Dan Menicucci Enterprise Architect - University of Pittsburgh.
Max Fritz Senior Systems Consultant, Now Micro
Campus Portal and in the Cloud
University of the Virgin Islands Mobile Apps for Faculty and Staff
Using Microsoft Identity Manger with SharePoint 2016 to fill the User Profile Sync Gap Max Fritz Senior Systems Consultant Now Micro.
ACTIVE DIRECTORY ADMINISTRATION
PSJA AUTOMATION WORKFLOW AND LESSONS LEARNED
SharePoint Online Hybrid – Configure Outbound Search
SharePoint 2016 in MIM 2016 Robi Vončina Kompas Xnet.
University of Northern Colorado
Presentation transcript:

1111 Superior Avenue Suite 310 Cleveland Ohio Tel: Fax: Identity Management Services using Microsoft FIM 2010: Lessons Learned School: Marshall University Presenter: Jon B. Cutler, MS CISSP, Chief Information Security Officer

1111 Superior Avenue Suite 310 Cleveland Ohio Tel: Fax: Product / Service Product / Service Description CampusEAI Implementation of Identity Management Services using Microsoft Forefront Identity Manager 2010 CampusEAI Support Agreement for FIM to provide additional technical support to MU team

1111 Superior Avenue Suite 310 Cleveland Ohio Tel: Fax: Profile / Fast Facts Profile of Member Institution / Fast Facts Marshall University is a West Virginia Public Higher Education located in Huntington, WV and is a Masters – Large university Enrollment: 13,900 (72% undergrad/28% graduate) Employment: 2,100 staff and faculty Programs: 2 Assoc., 52 Baccalaureate, 45 Graduate, 2 Ed.S., 5 Doctoral Administrative system: Ellucian Banner® IT Infrastructure: Microsoft Active Directory, Exchange 2010 / SharePoint, FIM, Blackboard Learn 9, CampusEAI myCampus 7, Cisco wired and wireless network.

1111 Superior Avenue Suite 310 Cleveland Ohio Tel: Fax: Problem Statement / Pain Points Replace home-grown Account Management System with a commercially-supported solution Establish a common credential to enable single-sign- on (SSO) across all applications Provide self-service password management facility Enable select SIS/HR attributes to be available to identity and directory systems Create, update, and withdraw services, access and distribution group memberships based on changes in the role of an individual

1111 Superior Avenue Suite 310 Cleveland Ohio Tel: Fax: Implementation Steps / Approach Assessment of identity management process Identify available resources Design identity management solution Implement design in test/development environment Migrate test/dev configuration into production Review production results; compare to legacy Discontinue legacy system

1111 Superior Avenue Suite 310 Cleveland Ohio Tel: Fax: Implementation Steps / Approach Outcome Implement Forefront Identity Management 2010R2 Enable self-service password management Automate creation of user accounts in AD, Exchange and Automate creation/update of AD groups which map to default Banner roles (i.e. STUDENT, EMPLOYEE, FACULTY, ALUMNI, etc.) Automate creation of ad-hoc security/distribution groups via Banner ‘pop-sel’ Develop internal expertise to utilize FIM as a solution for other IT integration challenges

1111 Superior Avenue Suite 310 Cleveland Ohio Tel: Fax: Implementation Steps / Approach Lessons Learned Identify and review accuracy of data sources GIGO Understand IdM processes You can’t automate what you don’t fully understand or where desired outcome is subjective FIM is ‘ruthlessly effective’ in synchronization Insert, update and removal of objects and attributes Test EVERY process in test/dev environment Time spent testing is time saved in production

1111 Superior Avenue Suite 310 Cleveland Ohio Tel: Fax: Role CampusEAI Value Add Provided architectural design expertise so MU team not ‘reinventing-the-wheel’ Provided technical implementation expertise in the FIM product Provided project management services to keep team on task and on schedule Role of Member Institution Provided internal replica of key systems in a virtualized test/dev environment Requirement that MU team understand, implement, and support production services

1111 Superior Avenue Suite 310 Cleveland Ohio Tel: Fax: Next Steps / Roadmap for the School Register existing users for self-service password reset services Add additional sync services for Emergency Notification Service, IT Billing System, etc. Review FIM/BHOLD suite for use in analytics Design and implement process to review access and de-provision services after role change Explore additional self-service workflows Management of AD security and distribution groups Management vanity, group alias, and mail forwarding services

1111 Superior Avenue Suite 310 Cleveland Ohio Tel: Fax: Q & A