Email Identity Standard Proposal Identity and Access Management Subcommittee December 12, 2013.

Slides:

Advertisements

Similar presentations

1 Capability Set - Bullet. 2 Common Community Problems Too Much Information –Institutions have to SPAM their faculty and students –Too many online sources.

Advertisements

Introduction to DocuSign

Members Only & Login Modules Members Only works with the Login module to provide password protection to Web pages and files. Login Groups may be created.

Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.

© 2006 Cisco Systems, Inc. All rights reserved. CUDN v1.1—4-1 Migrating from Voice Mail to Unified Messaging Migrating Voice Mail to Unified Messaging.

Graffiti Reporting A partnership of Local and State Government; My Local Services App enhancements.

Company LOGO State of Alaska Exchange & Active Directory Project Enterprise Technology Services ETS is a customer driven team that provides world class.

Administering Active Directory

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 4: Implementing and Managing Group and Computer Accounts.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 4: Implementing and Managing Group and Computer Accounts.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.

Departmental & Resource Accounts in MS Exchange By: Howard Ignal

Domain Name Server © N. Ganesan, Ph.D.. Reference.

Identity Standard Proposal February 2014 Committee on Technology & Architecture Subcommittee on Identity and Access Management.

Introduction to the Secure SMTP Server service. Secure SMTP server is a secure, reliable SMTP mail relay server for your outgoing mail. Secure SMTP service.

Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.

Enabling Cloud Services & Federated Authentication UPN & Infrastructure Changes Chris Pruess ITS AIS Directory & Authentication Services.

Agenda: Compliance Vision Archive Preserve (Hold) Delete (Messaging Records Management) Q&A.

A Guide to Getting Started

©2009 HP Confidential TUNGSTEN NETWORK AND PAPER INVOICING.

IRTP-C: Handling of Address Changes IRTP-C Implementation Review Team Discussion 8 January 2015.

#CONVERGE2014 Session 1304 Managing Telecom Directories in a Distributed or Multi-Vendor Environment David Raanan Starfish Associates.

Microsoft Dynamics CRM 2011 Update Rollup 5 Enhancements Dana Martens Escalation Engineer Microsoft.

Exchange 2010 Recipient and Mailbox Management IT:Network:Applications.

Managing Client Access

Sage CRM Developers Course

Confidential: University of California San Francisco Medical Center Situation and background Risks Opportunities Evaluation of candidates Security compliance.

GSA’s Vendor and Customer Self Service (VCSS)

PostalOne! / FAST Data Exchange - Vision 02/15/05.

Novell Nsure TM Identity Manager 2 andGroupWise Provisioning Art Purcell, GroupWise ® Engineering, David Holbrook, DirXML Engineering,

Sympa Mailing List Server

● Agenda 2 What is TNet? Why Adopt TNet? How it Works Timeline The Two Goals Steps for Implementation.

…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.

Outsourcing Student and Other Collaboration Services John Calkins Assistant General Counsel Northwestern University Office of General Counsel (OGC)

MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Two Installing and Configuring Exchange Server 2003.

The Savvy Cyber Teacher ® Using the Internet Effectively in the K-12 Classroom Copyright  2003 Stevens Institute of Technology, CIESE, All Rights Reserved.

Configuring Name Resolution and Additional Services Lesson 12.

Module 3 Managing Recipient Objects. Module Overview Managing Mailboxes Managing Other Recipients Configuring Address Policies Configuring Address.

Identity and Access Management Roadmap Presentations for Committee on Technology and Architecture March 21, 2012 Amy Day, MBA Director of GME IAM Committee.

Module 7 Planning and Deploying Messaging Compliance.

June 2007Library systems managers SCONUL Access The largest borrowing scheme for higher education in the UK and Ireland.

Common Origination and Disbursement Navigating the Web Presenter: Renee Wade National Association of Sigma Users July 24, 2003.

MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Five Managing Addresses.

Enterprise Service Desk (ESD) Enterprise Service Desk for Notification / Knowledge Article Authors.

Advanced CAMP: BoF Summaries. 2 Role-based Access Control (RBAC)

Module 9 User Profiles and Social Networking. Module Overview Configuring User Profiles Implementing SharePoint 2010 Social Networking Features.

MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Three Managing Recipients.

Message Validation, Processing, and Provisioning System (MVPS) Access for Jurisdictions User has SAMS User ID Center for Surveillance, Epidemiology, and.

CERN IT Department CH-1211 Genève 23 Switzerland t Single Sign On, Identity and Access management at CERN Alex Lossent Emmanuel Ormancey,

Data Pipeline Town Hall February 26, 2015 The goal of the webinar is to provide updates on the Data Pipeline and current and upcoming collections. These.

Peter Ziu Northrop Grumman ACS-WG Grid Provisioning Appliance Concept GGF13, March 14, 2005

L’Oreal USA RSA Access Manager and Federated Identity Manager Kick-Off Meeting March 21 st, 2011.

Data Management Program Introduction

NATE Blue Button Directory Detailed overview

Project Management: Messages

Advantages of sas for reporting

How to Setup and Utilize Functionality

BIM 360 Glue Migration to BIM 360 Account Administration (HQ)

Sourcing Event Tool Kit Multiline Sourcing, Market Baskets and Bundles

ConnectingOntario ClinicalViewer

Identity Standard Proposal

Migrating to Office 365 from Google mail and exchange

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 4: Implementing and Managing Group and Computer Accounts.

Steering committee Name Department Jonathan Neff

BCS Template Presentation February 22, 2018

Implementing and Managing Group and Computer Accounts

Use this presentation with Section 2 of the Deployment Workbook.

Using AIM (for Instructors)

Presentation transcript:

Identity Standard Proposal Identity and Access Management Subcommittee December 12, 2013

Situation 2 Exchange service provides to 30,500 users across the UCSF enterprise Many separate systems have been consolidated including the Medical Center and School of Exchange currently receives for 140 distinct domains Some units adopted primary address when consolidated, but accounts are still being provisioned for 73 domains Rules for assigning a new individual to appropriate domain are manually implemented

Consequences of Current Situation 3 Delay in creation of new accounts Barrier to implementing automated processes Movement of individuals between units results in additional addresses (and confusion) Rollout of new services and integration with cloud service providers become more complicated and are often delayed

Target 4 A uniform address for all members of the UCSF community Continuous delivery of sent to all historical addresses in perpetuity Benefits –Simpler experience for UCSF community –Department or organization move does not affect address –Simpler account provisioning logic, leading to faster turnaround and opportunities for automation –Single namespace is aligned with most cloud service integration requirements

Proposal 5 New individuals joining the UCSF community will receive a primary address The ‘mail enable’ web page used during account provisioning will have alternate domain choices removed Existing UCSF individuals using a primary address not matching the new standard will have: –proxyAddress populated with their current address –Primary address reset to format –UCSF Listserv memberships automatically updated with new address –Authoritative directory listings (CLS, SIS, E*Value) automatically updated

User Impact 6 sent to prior address and new address will be delivered to single mail box – No Impact Loss of identity and ‘branding’ associated with domain suffixes on outgoing mail – Impact Variable Ability to send to external Listservs that restrict input to validated addresses will be interrupted until Listserv account is updated with new address – Impact Moderate Business cards and other collateral with prior address may need updating – Impact Low to Moderate

User Impact 7 Custom inbox rules built manually from addresses rather than the global address list will need updating – Impact Low External correspondents may notice multiple entries in their address book for UCSF staff – Impact Low Users may forget that registrations on external websites used their previous address – Impact Variable Business processes that query AD for users (sub-optimal choice, but may exist) will no longer work – Impact Unknown

Alternate Servers 8 There is no requirement that members of the UCSF community use the enterprise Exchange server Small number of units continue to operate independent servers Options for provisioning / cloud integration for this population –Create even when account is provisioned for individual joining unit not on Exchange –The Exchange account might not be used, but existence will facilitate integrations that need address –Inform account owner that address is used for authenticating to these services

9 DomainAccounts ucsfmedicalcenter.org9381 anesthesia.ucsf.edu529 peds.ucsf.edu481 obgyn.ucsf.edu447 medsfgh.ucsf.edu416 medicine.ucsf.edu388 orthosurg.ucsf.edu ccrc.ucsf.edu1 chanoff.ucsf.edu1 ebinet.ucsf.edu1 clinlab.ucsfmedctr.org1 uap.ucsf.edu1 Alternate Domain Statistics

Visual Impact of Domain – Outlook Web Access (OWA) on Mac 10

Visual Impact of Domain – OWA on Windows 11

Visual Impact of Domain – Outlook on Windows 12

Visual Impact of Domain – IOS 13

Integration Project Examples 14 UCSF Box –Box expected a single primary domain –Two UCSF staff members spent significant portion of month to resolve complication –Initial Implementation Delayed Cisco Unified Communications –Uniform Resource Identified (URI) must be constructed for each individual –Primary address can’t be used, because UC implementation overly complex if many domains supported –Ad hoc heuristics in development to pick address from among multiple candidates in proxyAddress field

UCSF Box Integration 15

Recommendation 16 Request approval via IT Governance Process Define process for obtaining necessary community input Identify resources and schedule for the implementation of proposal