Practical Experiences of IAM and Distributed Services Richard James Newcastle University 15 th November 2013.

Slides:



Advertisements
Similar presentations
UTILIZING WITH ITA. offers an entire suite of benefits for you and your students. You can also set up s for the purpose.
Advertisements

Exchange Online: Pricing & Licensing Overview. | Copyright© 2010 Microsoft Corporation Agenda Overview of Office 365 suite offers Exchange Online standalone.
Office 365 Identity June 2013 Microsoft Office365 4/2/2017
Whats New in Microsoft Office 365 Module 01 | Daniel Sierra | Account Technology Strategist Microsoft Education México.
Classroom Architects Own the classroom experience –Look to be unique and innovative Institutions Educators Cohesive Experiences Integrating technology.
Agenda AD to Windows Azure AD Sync Options Federation Architecture
Business Aids for Success Business: BambooHR Management: Glip E-Commerce: Shopify
Identity Management: Services, Tools and Processes Cal Racey
Federated sign-in WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API Synchronize accounts Authentication.
Cloud Services for Education
Case Study: Newcastle University
Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.
Widely Distributed Access Management Tom Barton University of Chicago.
Unified Communications, the new IP CERN Fernando Moreno Pascual CERN IT/OIS.
Demi Albuz SENIOR PRODUCT MARKETING MANAGER Samim Erdogan PRINCIPAL ENGINEERING MANAGER Thomas Willingham TECHNICAL PRODUCT MANAGER.
Microsoft Identity and Access Solutions Market Trends and Futures
Office 365: Efficient Cloud Solutions Wednesday March 12, 9AM Chaz Vossburg / Gabe Laushbaugh.
HTML Black Box Manage Device Capabilitie s 3 Manage Service Capabiliti es 4 Edit Code 5 Edit & Style UI 6 Build & Run 7 Debug & Diagnose.
Azure Infrastructure Services Going Hybrid !
Accounts Allowed Inbox Size Shared Contacts Resource Scheduling on Calendars Storage Limits Mobile Device Support MS Outlook.
Authorization Scenarios with Signet RL “Bob” Morgan University of Washington Internet2 Member Meeting, September 2004.
CIS 375—Web App Dev II Microsoft’s.NET. 2 Introduction to.NET Steve Ballmer (January 2000): Steve Ballmer "Delivering an Internet-based platform of Next.
Microsoft Active Directory(AD) A presentation by Robert, Jasmine, Val and Scott IMT546 December 11, 2004.
Single Sign-On with Microsoft Azure
Windows Azure: Microsoft’s Cloud Platform By Shahed Chowdhuri.
May l Washington, DC l Omni Shoreham iPhone 2.0, BlackBerry and Windows Mobile Smart-Phone Hosting without Exchange and BES John Davies President.
Windows Azure Conference 2014 Windows Azure AD – All about WAAD & integration with on- premises AD.
Microsoft SharePoint Server 2010 for the Microsoft ASP.NET Developer Yaroslav Pentsarskyy
…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.
Shibboleth for Real Dave Kennedy
Microsoft ® Official Course Module 13 Implementing Windows Azure Active Directory.
PCIT313. Today’s challenges Deliver applications to mobile platforms (BYOD) Respond to dynamic business requirements for IT: Seasonal/temporary workers.
Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.
Paul Andrew. Recently Announced… Identity Integration Options 2 3 Identity Management Overview 1.
Offer highly configurable and scalable services Maintain an evergreen service Provide a platform built on security, privacy, and trust.
Alessandro Cardoso Microsoft MVP | Readify National Manager |
Virtual Classes Provides an Innovative App for Education that Stimulates Engagement and Sharing Content and Experiences in Office 365 MICROSOFT OFFICE.
Shibboleth at USMAI David Kennedy Spring 2006 Internet2 Member Meeting, April 24-26, 2006 – Arlington, VA.
Building consumer apps with Azure AD B2C
1 Active Directory Service in Windows 2000 Li Yang SID: November 2000.
Momentum. Strategy & Roadmapping Business Analysis Information Architecture Usability / User Experience Rich Media Social Media (Web 2.0) Interface Design.
Shibboleth at USMAI David Kennedy Spring 2006 Internet2 Member Meeting, April 24-26, 2006 – Arlington, VA.
The VERSO Product Returns Portal Incorporates Office 365 Outlook and Excel Add-Ins to Create Seamless Workflow for All Participating Users OFFICE 365 APP.
Why EMS? What benefit does EMS provide O365 customers Manage Mobile Productivity Increase IT ProductivitySimplify app delivery and deployment LOB Apps.
SAP NetWeaver Business Intelligence SAP Netweaver Business Warehouse (SAP NetWeaver BW) the name of the Business Intelligence,
 Step 2 Deployment Overview  What is DirSync?  Purpose – What does it do?  Understanding Synchronization  Understanding Coexistence  Understanding.
 What is DirSync?  Purpose – What does it do?  Understanding Synchronization  Understanding Coexistence  Demo.
Web 2.0: Concepts and Applications 6 Linking Data.
Collaboration and Federated Identity Two powerful forces being leveraged – the rise of federated identity – the bloom in collaboration tools, most particularly.
Protect your data Enable your users Desktop Virtualization Information protection Mobile device & application management Identity and Access Management.
University of Southern California Identity and Access Management (IAM)
Mobile Application Solution
Introducing Access Management
Mobile Application Solution
Identity and Access Management Services
IT Connects: Lync and Box Staff Association Council
RMS Architecture EMS Partner Bootcamp TechReady 18 9/17/2018
SharePoint Online Management and Control
ACS and the Cloud.
ESA Single Sign On (SSO) and Federated Identity Management
MIX 09 11/23/2018 6:07 PM © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.
University of Southern California Identity and Access Management (IAM)
SharePoint Online and Azure Team to Manage Safety on Multiple Devices, from Anywhere “SharePoint Online and the Microsoft Azure platform allowed us to.
Office 365 Identity Management
Mobile Services and Cloud Scalability Enable Connections Between Brands and Customers MINI-CASE STUDY “It became clear that Microsoft Azure was the way.
Team-Based Time Logging App Uses Office 365 to Simplify Collaboration and Coordinate Tasks “Office 365 has allowed us to integrate our time logging, task.
Matthew Levy Azure AD B2B vs B2C Matthew Levy
Today Introducing IAMUCLA ISIS to Shibboleth Migration
ASP.NET Core 2.0 Identity and Azure Active Directory
INTRODUCTION TO AZURE AD
Presentation transcript:

Practical Experiences of IAM and Distributed Services Richard James Newcastle University 15 th November 2013

 Based in North East of England  Research intensive University  21,000 students  5200 staff  NUmed campus in Malaysia

 Describe our IAM architecture ◦Single Sign On - Shibboleth ◦Group Management - Grouper ◦Institutional Data Feed Service(IDFS) - Talend  Experiences of branching out into cloud services ◦Exlibris ◦Office 365 ◦Dreamspark

SOR Provisioning and Integration Tools People Groups Roles/ Privileges Provisioning and Integration Tools Identity

SAP Students SAP HR Talend ETL & ESB CAMA Grouper Talend ETL & ESB Shibboleth Filestores Exlibris 40+ others IDFS

 Exlibris  Aleph  SFX  Metalib  Primo  Previously hosted on campus  Now hosted by Exlibris  XML provisions people  Shib provides the authentication

 Benefits to the University  Large quota (50GB)  A fully featured client experience based on Outlook Web App 2013  A green/sustainable hosting platform  Ability to access , calendar and contacts from a range of mobile devices

 Single sign on was the main priority of senior stakeholders  Had to deal with external and internal access ◦Bring your own devices causes problems  DirSync – active directory sync every 3 hours  Getting support ◦ESC Nottingham Trent Microsoft support team – internal forums -  For more info on the journey visit 

Scenario  Access to free Microsoft software packages  Access management not scalable going forward  Previously only offered to a small subset of users What Next?  Great, it uses Shibboleth!  Not so great, premium and standard levels of access  Controlling access for over 25k users

Our provisioning model allowed us to tackle this  IDFS – extract STEM data  Grouper – maps users to STEM and Non Stem groups and pushes into AD  Shibboleth – queries AD, sets an attribute based on group membership ◦urn:mace:dir:attribute-def:ou  Dreamspark - use this attribute to determine levels of access

 A seamless and easier experience for students  Over 25,000 users are now able to access resources, up from 700  Management of access control significantly reduced  Since January 2013 £2.5 million worth of software provided free to University users

 Staying observant  Assessing the feasibility  Consider previous experiences  Consider the costs  Other techniques for cloud provisioning  Other cloud provisioning, Amazon, Adidas

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.