A.Vandenberg October 24, 2001 University System of Georgia Annual Computing Conference 1 Directory and Person Registry Implementation Details Art Vandenberg.

A. Vandenberg, October 24, 2001, University System of Georgia Annual Computing Conference

Slide 1: Directory and Person Registry Implementation Details
Art Vandenberg
Director, Advanced Campus Services
Information Systems & Technology
Georgia State University

Slide 2: “Doing of New Things”
“What is science? … a special method of finding things out… the body of knowledge… It may also mean the new things you can do when you have found something out, or the actual doing of new things. This last field is usually called technology––…”
–Richard P. Feynman, The Meaning of It All: Thoughts of a Citizen Scientist, 1998.

Slide 3: In the Abstract
- Directory architecture includes a “person registry”
- Person registry “synchronizes” records
- Input from administrative applications
- Supports LDAP, student , WebCT, OneCard, Rec Center access, etc…

Slide 4: Overview
- Introducing… the real “killer app”
- Defining Enterprise Directory Architecture
- WebCT Provisioning – Part one
- Student Provisioning
- Next! – Student Rec Center
- WebCT Provisioning – Part two
- Future Provisioning

Slide 5: Introducing – Killer App
- Benefits of LDAP enterprise directory well articulated
- Looking for killer app?
- “We often say that the overall integration and unification a general-purpose directory infrastructure enables is the real ‘killer app’” –The Burton Group, The Enterprise Directory Value Proposition

Slide 6: Defining the Architecture
- Directory: name, title, dept, address, phone
- LDAP compliant interface
- Logical join: HR, student, alumni, affiliate
- Person Registry is the join mechanism
- Core “person” attributes – data stewards help
- Incremental approach
- NB: Enhance, don’t replace, existing apps

Slide 7: Defining the Architecture
Resources:
- Identifiers, Authentication, and Directories: Best Practices for Higher Education
- The Burton Group: Developing a Directory Architecture, 3 tier model
- Directory Project Cookbook, cross-functional management, high-level sponsor, iterative approach
- Bob Morgan: Person Reg Phase I Tasks, checklist

Slide 8: Defining the Architecture
Result
- GSU Person Registry:
  – Initial person registry design
  – Entity relationship diagrams
  – Overall architectural model
  – Process flows from source systems
  – Specific file record definitions for source data
- Starting point (“But, more scenarios would be nice…”)

Slide 9: WebCT Provisioning Part 1
- Faculty want: automated WebCT accounts
- Sept 2000 Goal: do so by January 2001
- Advantages of being “first”:
  – No existing object constraints
  – One population selection: students in courses
  – Familiar extract, several existing code sections
  – Oracle tables basic RIKEY unique ID for simple joins of tables

Slide 11: WebCT…
- Core student info via nightly batch
- STUFILE table
  – Represents nightly batch
  – Reference for pre-transformation
  – Audit? tie back to original
- STUFILE mapped to STUDENT and undergoes transformations…

Slide 13: WebCT…
- Transformations to STUDENT include:
  – RIKEY becomes key, SSN only attribute
  – Name is SIS_Name
  – Code lookups & LAST_“activity” fields added
  – Operational info (DATE_Created…) added
- Some data in other tables:
  – ADDRESS, Courses, WebCT info
  – STUFILE_CHANGES table holds change info
- STUDENT mapped to PERSON table…

Slide 15: WebCT…
- PERSON master table
  – DISPLAY formats of data
  – PRIMARY_AFFILIATION added (Student)
  – Name components (first, middle, last…)
- ISO and BARCODE?
  – Identifiers still provisioned from “OC_Tables”
  – Legacy issues… oh yeah, the past
  – Migration is stepwise…

Slide 16: WebCT Provisioning Observations
- Person Registry – flexible, not constrained by complex design
  – Student info kept redundantly (source, load file, transform table, Master Person)
- WebCT ids assigned in registry process, file output for WebCT
- Magically enrolled WebCT courses
- WebCT API bug… oops, what’s with that?

Slide 17: Student Starting to Prioritize
- Steering Group sets overall priorities
- Person Registry Task List – weekly status
- Incremental implementation methodology but awareness of longer term
  – LDAP to replace CSO directory
  – Authoritative repository on persons
  – Applications: don’t forget previous queue

Slide 18: Student …
- Dec 2000, Student & Web Definition Committee recommends policy
- All students get
- “This system was made possible by the 2001 Student Technology Fee, and is effective June 11, 2001.” (Whoa!)
- , Lab access, file space, web space

Slide 19: Student … Raising the Bar
- Single userid/pw for multiple services
  – Holy grail for enterprise solutions
- Userid activation includes authentication
  – Person registry sets userid, initial pw
  – Student app provides authentication (legacy)
  – So password resets can be self service
- (Future Questing: Account Management)

Slide 20: Student … Raising the Bar
- Not just enrolled – need more attributes
  – Admitted, eligible to enroll, registered
  – Monitor expiry of status
  – Maintain “active” “inactive” flags
- Business rule: What’s policy intent?
- NB: “inactive” remain in person registry
- Build privilege objects as needed

Slide 21: Student … Raising the Bar
- Ta Da! LDAP is part of the solution!
  – Novell NIMS (Network Internet Messaging System) supports any IMAP, LDAP client
  – Person registry provisions NIMS via LDIF transaction sets
  – Person registry construct enables recovery of LDIF transactions
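
The LDIF provisioning step on this slide, sketched as an added example (not code from the presentation or from Georgia State): two registry snapshots are diffed into an LDIF transaction set, and because the registry keeps every person row, including inactive ones, the same set can be regenerated if a load fails. The snapshot layout, BASE_DN, the userid pattern, the inetOrgPerson object class and the delete-on-inactive rule are assumptions; values that are not LDIF-safe are base64-encoded so an embedded line break in source data cannot add lines to a record.

```python
import base64
import re

BASE_DN = "ou=people,dc=example,dc=edu"         # assumed directory suffix
USERID_RE = re.compile(r"[a-z][a-z0-9]{1,15}")  # assumed userid namespace rule

def ldif_line(attr, value):
    """One attribute line; values that are not an RFC 2849 SAFE-STRING are base64-encoded."""
    unsafe = (not value.isascii() or any(c in value for c in "\r\n\0")
              or value[:1] in (" ", ":", "<") or value[-1:] == " ")
    if unsafe:
        return f"{attr}:: {base64.b64encode(value.encode('utf-8')).decode('ascii')}"
    return f"{attr}: {value}"

def transaction_set(previous, current):
    """Diff two registry snapshots into LDIF change records (add / modify / delete)."""
    gone = {"active": False, "attrs": {}}
    records = []
    for uid in sorted(set(previous) | set(current)):
        if not USERID_RE.fullmatch(uid):          # the userid becomes part of the DN
            raise ValueError(f"refusing to provision userid {uid!r}")
        dn = f"dn: uid={uid},{BASE_DN}"
        old, new = previous.get(uid, gone), current.get(uid, gone)
        if new["active"] and not old["active"]:
            lines = [dn, "changetype: add", "objectClass: inetOrgPerson", f"uid: {uid}"]
            lines += [ldif_line(a, v) for a, v in sorted(new["attrs"].items())]
        elif old["active"] and not new["active"]:
            # Assumed rule: the person row stays in the registry, the directory entry goes.
            lines = [dn, "changetype: delete"]
        elif new["active"]:
            changed = sorted(a for a, v in new["attrs"].items() if old["attrs"].get(a) != v)
            if not changed:
                continue
            lines = [dn, "changetype: modify"]
            for a in changed:
                lines += [f"replace: {a}", ldif_line(a, new["attrs"][a]), "-"]
        else:
            continue
        records.append("\n".join(lines))
    return "version: 1\n\n" + "\n\n".join(records) + "\n"

# Constructed snapshots for illustration (not data from the presentation).
YESTERDAY = {
    "asmith1": {"active": True, "attrs": {"cn": "Al Smith", "sn": "Smith"}},
    "bjones2": {"active": True, "attrs": {"cn": "Bo Jones", "sn": "Jones"}},
}
TODAY = {
    "asmith1": {"active": True, "attrs": {"cn": "Alan Smith", "sn": "Smith"}},
    "bjones2": {"active": False, "attrs": {"cn": "Bo Jones", "sn": "Jones"}},
    # Source value with an embedded line break: must not become a second LDIF line.
    "clee3": {"active": True, "attrs": {"cn": "Chris Lee\nmail: x@example.edu", "sn": "Lee"}},
}

if __name__ == "__main__":
    print(transaction_set(YESTERDAY, TODAY))
```
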

Slide 22: Next! Student Rec Center
- High profile, funded by student fees
- Opening August 2001 – access needed
- New registry persons – staff, alumni, affiliates… matching required
- Data store requirements for elements not in any source system…
- On time (and Goodbye to “OC_Tables”)

Slide 23: Student Rec Center… Expanding registry population…
- Matching (avoiding duplicates) needed
  – Legacy HR app does check legacy student
  – If matches SSN, prefills address, phone, gender, race, DOB (not name, it’s a format issue)
  – What if SSN “wrong” or can’t match to student
- Temp_SSN_Number? Maintain separate tables for student, staff…
- Matching always with us – Open Issue

Slide 24: Student Rec Center… Data store requirements
- Affiliates records
  – No surprise, expected
  – Does require interface (avoid duplicates!)
  – Must have sponsor record
  – Multiple affiliations possible (how handle as moves beyond Rec Center?)

Slide 25: Student Rec Center…
- Data store for “liability waiver”
  – Unexpected
  – Rec Center business liability requirement
  – Special business rules internal to Rec Center
- Fees paid issue
  – “Not your registrar’s fees paid!”
  – What if affiliate, staff not using payroll deduction, Alumni?

Slide 26: Student Rec Center… On Time & Bonus Round
- “OC_Tables” are dead, long live registry!
  – ISO, Barcode now assigned at registry
  – “PantherCard” printing feeds from registry
  – PeopleSoft financial interface to person registry
  – Library feed part of person registry (not yet from person registry…)
- Uhhh, did we mention “Production?”
- Did we mention security?

Slide 27: WebCT Provisioning Part 2
- Recall WebCT API bug January 2001?
- Rebuilt WebCT provisioning for Fall 2001
  – (Work around… API remains open issue)
- NameSpace issues:
  – Student:
  – Faculty/Staff:
  – How distinguish better? Is it a Unique ID?
  – Tough to resolve in production mode…!!!

Slide 28: WebCT Provisioning Part 2
- Students will have single userid/pw for:
  – , Lab access, file space, web space… and WebCT

Slide 29: Future Provisioning
- Addressing NameSpace issues
  – Immediate need for and UID groups – very hot
- Enhanced Library feed
  – Non-trivial: how many patron groups are there?
- LDAP White Pages & CSO migration
  – That means redoing sendmail
  – Requires self-service for WP entries

Slide 30: Future Provisioning
- FERPA and access issues
  – Prerequisite for LDAP White Pages
  – Okay, so how provision if no attributes? OPEN
- Account management support
  – Buying solution is expensive
  – Building solution may be complex
  – But customers want services…
  – And auditors want security

Slide 31: Future Provisioning
- PKI deployment
- Synchronization using Metamerge…
  – Move from batch file processing to transaction processing
  – Provide immediate registry update for self-service request…
  – Auto update of source systems? LDAP WP?
- Annual phonebook printing…

Slide 32: Future Provisioning
- SCT Banner Student integration
- PeopleSoft Human Resources integration
- Security, production, resources…
- Your applications here: Use additional lines as needed ____________________________

Slide 33: Conclusion… almost
- The person registry is a core component of an enterprise directory architecture
- Remember slide 8’s last bullet?
  – Starting point (“But, more scenarios would be nice…”)
- We’ve been discussing the scenarios.

Slide 39: Questions, Comments?