Presentation is loading. Please wait.

Presentation is loading. Please wait.

Management of users at UNIL

Published byAngèle Lacroix Modified over 6 years ago

Similar presentations

Presentation on theme: "Management of users at UNIL"— Presentation transcript:

1 Management of users at UNIL
Who we are: Centre informatique (Ci) A service unit, not a research institute What we are doing: Administrative services Internet services ( , web, …) Academic services Scientific computing Bibliographic databases of scientific publications Services are centralized Every person of UNIL is using at least one of our service

2 History Management of users: Filemaker application
Manually defined in VMS and Unix Hundreds of users In 1992: GESU in production Ingres application Integrated with the HR and students database Thousands of users

3 GESU Now Part of the administrative applications
Mixture of Ingres, Informix, (Oracle and SAP) Used by a non-technical operator Screens to do operations Create, delete, expire users Give, remove access to services for users Automatisation of some tasks GesuWeb: access to basic services for employees MailUnil: access to basic services for students

4 Gesu E-Mail Gesu application Unix (operator’s screens, Piece of
GesuWeb, MailUnil) Piece of software Unix operations LDAP AD Win 2K

5 Authentication of a user
Every person at UNIL has a Username Password Web form Piece of software Unix Change password LDAP AD Win 2K

6 Authorization E-mail -> user database in e-mail system
Unix -> /etc/passwd Web application -> LDAP Authentication in LDAP Authorization in Informix Protecting web pages Authorization: groups in LDAP Win 2K -> Active Directory

7 Future of authentication
GESU a directory Unix Windows Macintosh Web applic PKI, X509 Smart cards ??

8 Future of authorization
Based on groups Managed in GESU Exported to the directory Two types of groups: Organisation groups: containing users Role and function of users determine the membership Service groups: containing organisation groups Groups that are specified in ACL of objects Group membership could be used for Attribute certificates Kerberos tickets

9 Other things … A LDAP – JDBC was developped
A diploma work Include the Macintosh platform New Mac OS X ?? Use of Swisskey Corporate ID Université de Lausanne « Smart card » project at UNIL Try to push for a crypto card Give a single and simple view to the user Setup a portal Security

Download ppt "Management of users at UNIL"

Similar presentations

ADManager Plus Simplify Your Active Directory Management.

ADManager Plus Simplify Your Active Directory Management.
Single Sign-On with GRID Certificates Ernest Artiaga (CERN – IT) GridPP 7 th Collaboration Meeting July 2003 July 2003.

Single Sign-On with GRID Certificates Ernest Artiaga (CERN – IT) GridPP 7 th Collaboration Meeting July 2003 July 2003.
Cloud PIV Authentication and Authorization Demo PIV Card User Workstation Central Security Server In order to use Cloud Authentication and Authorization.

Cloud PIV Authentication and Authorization Demo PIV Card User Workstation Central Security Server In order to use Cloud Authentication and Authorization.
CERN, Information Technology Department

CERN, Information Technology Department
Extern name server - translates addresses of e-mails messages - enables users to use e-mail aliases - … ID cards system - controls entrance to buildings,

Extern name server - translates addresses of s messages - enables users to use aliases - … ID cards system - controls entrance to buildings,
Credentialing, Levels of Assurance and Risk: What’s Good Enough Dr. Michael Conlon Director of Data Infrastructure University of Florida.

Credentialing, Levels of Assurance and Risk: What’s Good Enough Dr. Michael Conlon Director of Data Infrastructure University of Florida.
Identity Management at the University of Florida Mike Conlon, Director of Data Infrastructure University of Florida, Gainesville, Florida Background Identity.

Identity Management at the University of Florida Mike Conlon, Director of Data Infrastructure University of Florida, Gainesville, Florida Background Identity.
ELAG Trondheim 2004 1 Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.

ELAG Trondheim Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.
Access Control Chapter 3 Part 3 Pages 209 to 227.

Access Control Chapter 3 Part 3 Pages 209 to 227.
Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.

Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.
Enhancing Productivity & Lowering Costs with CA Management Software Case study Zürcher Kantonalbank (ZKB)

Enhancing Productivity & Lowering Costs with CA Management Software Case study Zürcher Kantonalbank (ZKB)
Password?. Project CLASP: Common Login and Access rights across Services Plan

Password?. Project CLASP: Common Login and Access rights across Services Plan
Password?. Project CLASP: Common Login and Access rights across Services Plan

Password?. Project CLASP: Common Login and Access rights across Services Plan
Active Directory: Final Solution to Enterprise System Integration

Active Directory: Final Solution to Enterprise System Integration
Presented by: Mark Hendricks

Presented by: Mark Hendricks
ASP.NET Security MacDonald Ch. 18 MIS 424 MIS 424 Professor Sandvig Professor Sandvig.

ASP.NET Security MacDonald Ch. 18 MIS 424 MIS 424 Professor Sandvig Professor Sandvig.
June 1, 2001 Enterprise Directory Service at College Park David Henry Office of Information Technology University of Maryland College Park

June 1, 2001 Enterprise Directory Service at College Park David Henry Office of Information Technology University of Maryland College Park
Design Aspects. User Type the URL address on the cell phone or web browser Not required to login.

Design Aspects. User Type the URL address on the cell phone or web browser Not required to login.
Peter Deutsch Director, I&IT Systems July 12, 2005

Peter Deutsch Director, I&IT Systems July 12, 2005
Introduction To Windows NT ® Server And Internet Information Server.

Introduction To Windows NT ® Server And Internet Information Server.

Similar presentations

Ads by Google