Grouproles at RUC: Course enrollment based on composite grouproles in external groups


Overview
- How do we integrate?
- Why use groups and roles?
- Overview of slides:
  - Use Cases presentation
  - Technical infrastructure
  - Group-roles and Portalino
  - Sakai and Providers

Using LDAP as middle ground for expressing memberships
- Step One: Ask for groups for user
- Step Two: Ask for groups for group
- Step Three: Find intersection
(Diagram labels: Access, Maintain)

Using Group-Roles
- Group-role pairs express:
  - membership of a given group
  - real-world binding to a specific role
- Role mapping depends on context of group-role

Scenario: Use Cases and Setting
- Use cases are diverse
- For teachers:
  - Sakai is voluntary
  - Support is face-to-face
- For students:
  - Teacher chooses Sakai
  - Support is by mail

Other uses of Sakai
- Research teams
- Special Interest Groups
- Committees
- Organizational Units
- Student Project Groups

Group Management
- User Directory implemented 10 years ago
  - Fully implemented as primary directory
- New Group-Role database in roll-out
  - Designed and coded 2 years ago
  - Continuously pushed as primary directory
  - Still in redesign process

Infrastructure
- LDAP as directory protocol
- User Directory as regular LDAP
- Group Directory as meta-LDAP
- Yale CAS as Single Sign-On (SSO)
- Zero-Effort Cassification

LDAP Development
- Custom LDAP schema
- Strands organize information
- Highly agile presentation layer

CAS Development
- Rewritten Yale CAS 2.10
- Integrated in all Internet Services
- Campus wireless (Blue Socket)
- Redirects login

No CAS (OOTB LDAP provider)

Yale CAS 2.0 unmodified

Zero-Effort Cassification

GroupRole Database
- Memberships in groups
- formal, informal, and ad hoc
- for mail-lists, courses, ACLs
- informative, no business logic
- nested membership in development

DK.RUC.ALFA displayName: Sample at Alpha Faculty
DK.RUC.ALFA-FACULTY Ms. Andrews, Ms. Brown
DK.RUC.ALFA.SMPL-STUDENT Cindy
DK.RUC.ALFA.SMPL.FALL displayName: “SAMPLE 101, FALL 2006”
DK.RUC.ALFA.SMPL.FALL TEACHER Ms. Andrews
DK.RUC.ALFA.SMPL.FALL ENROLLED Cindy Diana, enlisted: “Beta Faculty”
Resembles reverse DNS separated Role appended for users suffix
Attributes:
- on groups, e.g. display name
- on users, e.g. guest status

Portalino
- Light-weight portal
- Online bookmarks
- Some links are pushed to users
- Everything else is user-land

Portalino, Screenshot

Integration
- Wireless defaults to Portalino
- Links to all services from Portalino
- Current courses linked directly
- Archived courses can be hidden

Sakai at Roskilde University

Roadmap
- November 2004: Sakai 1.0 in pilot. Manual group administration.
- September 2005: Sakai 2.0 in production. Webservice synching.
- July 2006: Sakai 2.2 in production. Webservice synching with Group Providers.

User base and staffing
- Potential user-base: students 1324 staff (also part time)
- Actual users: 1217 unique session_user
- Staffing: 1 project leader, 3 admin/devs, approx. 1-2 man years

The Group Provider
- How it should work
- How it works
- What we wanted

Standard provided groups

- String getRole(id, user)
- Map getUserRolesForGroup(id)
- Map getGroupRolesForUser(userId)
- String[] unpackId(id)

- getGroupRolesForUser: when generating sites
- getRole: at entry in site
- getUserRolesForGroup: at s, list of participants
- unpackId: ?

- String getRole(id, user)
- Map getUserRolesForGroup(id)
- Map getGroupRolesForUser(userId)
- String[] unpackId(id)

- getGroupRolesForUser: at login, data cached
- getRole: never! (worksite setup)
- getUserRolesForGroup: at s, list of participants
- unpackId: not necessary
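
The three-step lookup from the LDAP slide (groups for user, groups for the site, intersection), written against the provider method names listed above. This is an added Java sketch, not code from the presentation, RUC or Sakai. The class name, the lower-case user ids, the `+` separator in site ids and the TEACHER/ENROLLED to maintain/access mapping are assumptions, and the directory data is adapted from the sample slide.

```java
import java.util.*;

// Added illustration, not Sakai or RUC code. Class name, the '+' separator in
// site provider ids and the role mapping are assumptions made for this sketch.
public class GroupRoleProviderSketch {
    // Constructed directory data adapted from the sample slide: "GROUP ROLE" -> members.
    static final Map<String, Set<String>> MEMBERS = Map.of(
        "DK.RUC.ALFA.SMPL.FALL TEACHER", Set.of("andrews"),
        "DK.RUC.ALFA.SMPL.FALL ENROLLED", Set.of("cindy", "diana"),
        "DK.RUC.ALFA FACULTY", Set.of("andrews", "brown"));

    // Assumed mapping of external roles to the site roles named on the slides.
    // External roles missing from this map grant nothing.
    static final Map<String, String> ROLE_MAP = Map.of("TEACHER", "maintain", "ENROLLED", "access");

    // A site's provider id may combine several group-roles (assumed '+' separator).
    static String[] unpackId(String id) { return id.split("\\+"); }

    // Step One: ask for the group-roles of a user.
    static Map<String, String> getGroupRolesForUser(String userId) {
        Map<String, String> out = new TreeMap<>();
        MEMBERS.forEach((gr, users) -> {
            if (users.contains(userId)) out.put(gr, gr.substring(gr.lastIndexOf(' ') + 1));
        });
        return out;
    }

    // Steps Two and Three: unpack the site's group-roles, intersect them with the
    // user's, and map the result. Returns null (no access) when nothing matches.
    static String getRole(String id, String user) {
        Map<String, String> mine = getGroupRolesForUser(user);
        String best = null;
        for (String gr : unpackId(id)) {
            String ext = mine.get(gr); // null when the user is not in this group-role
            String mapped = ext == null ? null : ROLE_MAP.get(ext);
            if ("maintain".equals(mapped)) return mapped; // strongest role wins
            if (mapped != null) best = mapped;
        }
        return best;
    }

    public static void main(String[] args) {
        String site = "DK.RUC.ALFA.SMPL.FALL TEACHER+DK.RUC.ALFA.SMPL.FALL ENROLLED";
        for (String u : List.of("andrews", "cindy", "brown"))
            System.out.println(u + " -> " + getRole(site, u));
    }
}
```

A user who belongs only to a group-role outside the site's id, or whose external role has no mapping, gets `null`, so enrollment is denied by default rather than falling back to a default role.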