Presentation is loading. Please wait.

Presentation is loading. Please wait.

1111 Superior Avenue Suite 310 Cleveland Ohio 44114 Tel: 216.589.9626 Fax: 216.589.9639 Identity Management.

Published byGabrielle Cobbins Modified over 9 years ago

Similar presentations

Presentation on theme: "1111 Superior Avenue Suite 310 Cleveland Ohio 44114 Tel: 216.589.9626 Fax: 216.589.9639 Identity Management."— Presentation transcript:

1 1111 Superior Avenue Suite 310 Cleveland Ohio 44114 Tel: 216.589.9626 Fax: 216.589.9639 info@campuseai.org http://www.campuseai.org Identity Management Services using Microsoft FIM 2010: Lessons Learned School: Marshall University Presenter: Jon B. Cutler, MS CISSP, Chief Information Security Officer

2 1111 Superior Avenue Suite 310 Cleveland Ohio 44114 Tel: 216.589.9626 Fax: 216.589.9639 info@campuseai.org http://www.campuseai.org Product / Service Product / Service Description CampusEAI Implementation of Identity Management Services using Microsoft Forefront Identity Manager 2010 CampusEAI Support Agreement for FIM to provide additional technical support to MU team

3 1111 Superior Avenue Suite 310 Cleveland Ohio 44114 Tel: 216.589.9626 Fax: 216.589.9639 info@campuseai.org http://www.campuseai.org Profile / Fast Facts Profile of Member Institution / Fast Facts Marshall University is a West Virginia Public Higher Education located in Huntington, WV and is a Masters – Large university Enrollment: 13,900 (72% undergrad/28% graduate) Employment: 2,100 staff and faculty Programs: 2 Assoc., 52 Baccalaureate, 45 Graduate, 2 Ed.S., 5 Doctoral Administrative system: Ellucian Banner® IT Infrastructure: Microsoft Active Directory, Exchange 2010 / Live@Edu, SharePoint, FIM, Blackboard Learn 9, CampusEAI myCampus 7, Cisco wired and wireless network.

4 1111 Superior Avenue Suite 310 Cleveland Ohio 44114 Tel: 216.589.9626 Fax: 216.589.9639 info@campuseai.org http://www.campuseai.org Problem Statement / Pain Points Replace home-grown Account Management System with a commercially-supported solution Establish a common credential to enable single-sign- on (SSO) across all applications Provide self-service password management facility Enable select SIS/HR attributes to be available to identity and directory systems Create, update, and withdraw services, access and distribution group memberships based on changes in the role of an individual

5 1111 Superior Avenue Suite 310 Cleveland Ohio 44114 Tel: 216.589.9626 Fax: 216.589.9639 info@campuseai.org http://www.campuseai.org Implementation Steps / Approach Assessment of identity management process Identify available resources Design identity management solution Implement design in test/development environment Migrate test/dev configuration into production Review production results; compare to legacy Discontinue legacy system

6 1111 Superior Avenue Suite 310 Cleveland Ohio 44114 Tel: 216.589.9626 Fax: 216.589.9639 info@campuseai.org http://www.campuseai.org Implementation Steps / Approach Outcome Implement Forefront Identity Management 2010R2 Enable self-service password management Automate creation of user accounts in AD, Exchange and Live@Edu Automate creation/update of AD groups which map to default Banner roles (i.e. STUDENT, EMPLOYEE, FACULTY, ALUMNI, etc.) Automate creation of ad-hoc security/distribution groups via Banner ‘pop-sel’ Develop internal expertise to utilize FIM as a solution for other IT integration challenges

7 1111 Superior Avenue Suite 310 Cleveland Ohio 44114 Tel: 216.589.9626 Fax: 216.589.9639 info@campuseai.org http://www.campuseai.org Implementation Steps / Approach Lessons Learned Identify and review accuracy of data sources GIGO Understand IdM processes You can’t automate what you don’t fully understand or where desired outcome is subjective FIM is ‘ruthlessly effective’ in synchronization Insert, update and removal of objects and attributes Test EVERY process in test/dev environment Time spent testing is time saved in production

8 1111 Superior Avenue Suite 310 Cleveland Ohio 44114 Tel: 216.589.9626 Fax: 216.589.9639 info@campuseai.org http://www.campuseai.org Role CampusEAI Value Add Provided architectural design expertise so MU team not ‘reinventing-the-wheel’ Provided technical implementation expertise in the FIM product Provided project management services to keep team on task and on schedule Role of Member Institution Provided internal replica of key systems in a virtualized test/dev environment Requirement that MU team understand, implement, and support production services

9 1111 Superior Avenue Suite 310 Cleveland Ohio 44114 Tel: 216.589.9626 Fax: 216.589.9639 info@campuseai.org http://www.campuseai.org Next Steps / Roadmap for the School Register existing users for self-service password reset services Add additional sync services for Emergency Notification Service, IT Billing System, etc. Review FIM/BHOLD suite for use in analytics Design and implement process to review access and de-provision services after role change Explore additional self-service workflows Management of AD security and distribution groups Management e-mail vanity, group alias, and mail forwarding services

10 1111 Superior Avenue Suite 310 Cleveland Ohio 44114 Tel: 216.589.9626 Fax: 216.589.9639 info@campuseai.org http://www.campuseai.org Q & A

Download ppt "1111 Superior Avenue Suite 310 Cleveland Ohio 44114 Tel: 216.589.9626 Fax: 216.589.9639 Identity Management."

Similar presentations

UTILIZING WITH ITA. offers an entire suite of benefits for you and your students. You can also set up s for the purpose.

UTILIZING WITH ITA. offers an entire suite of benefits for you and your students. You can also set up s for the purpose.
FIM Best Practices - Architecting Identity Solutions that really work!

FIM Best Practices - Architecting Identity Solutions that really work!
Agenda 2 factor authentication Smart cards Virtual smart cards FIM CM

Agenda 2 factor authentication Smart cards Virtual smart cards FIM CM
What’s FIM all about?. Agenda What is FIM Why are we implementing FIM How is FIM related to Office 365 What will FIM do How does FIM differ from ILM (current.

What’s FIM all about?. Agenda What is FIM Why are we implementing FIM How is FIM related to Office 365 What will FIM do How does FIM differ from ILM (current.
Microsoft Learning Gateway for HE Rob Miles – Hull University, Lecturer Romola Ganguli – Microsoft Education Technology Advisor.

Microsoft Learning Gateway for HE Rob Miles – Hull University, Lecturer Romola Ganguli – Microsoft Education Technology Advisor.
Team: SuperBad Cats MSIT 458 – Dr. Chen Authentication through Password Protection.

Team: SuperBad Cats MSIT 458 – Dr. Chen Authentication through Password Protection.
Configuring SharePoint 2013 and Office 365 Hybrid – Part 1

Configuring SharePoint 2013 and Office 365 Hybrid – Part 1
Microsoft Forefront Identity Manager 2010

Microsoft Forefront Identity Manager 2010
Enterprise CAL Overview. Different Types of CALs Standard CAL base A component Standard CAL is a base CAL that provides access rights to basic features.

Enterprise CAL Overview. Different Types of CALs Standard CAL base A component Standard CAL is a base CAL that provides access rights to basic features.
Identity Management Choosing and Using Sun’s Identity Management Suite March 13 th, 2007 Kim Tracy Executive Director University Computing Services Northeastern.

Identity Management Choosing and Using Sun’s Identity Management Suite March 13 th, 2007 Kim Tracy Executive Director University Computing Services Northeastern.
Hybrid Search with SharePoint 2013 and Office 365 Brendan Griffin.

Hybrid Search with SharePoint 2013 and Office 365 Brendan Griffin.
Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.

Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.
Virtual techdays INDIA │ 18-20 august 2010 Managing Active Directory Using Microsoft Forefront Identity Manager: Amol R Bhandarkar │ Tech Specialist –

Virtual techdays INDIA │ august 2010 Managing Active Directory Using Microsoft Forefront Identity Manager: Amol R Bhandarkar │ Tech Specialist –
Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.

Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.
Identity and Access Management

Identity and Access Management
SIM205. (On-Premises) Storage Servers Networking O/S Middleware Virtualization Data Applications Runtime You manage Infrastructure (as a Service)

SIM205. (On-Premises) Storage Servers Networking O/S Middleware Virtualization Data Applications Runtime You manage Infrastructure (as a Service)
LDAP Management at Stony Brook Making Active Directory and PeopleSoft Work Together SUNY Technology Conference Rochester, New York Monday June 12, 2006.

LDAP Management at Stony Brook Making Active Directory and PeopleSoft Work Together SUNY Technology Conference Rochester, New York Monday June 12, 2006.
Microsoft Identity and Access Solutions Market Trends and Futures

Microsoft Identity and Access Solutions Market Trends and Futures
SIM332 UserManagement GroupManagement CredentialManagement Common Platform WorkflowConnectorsLogging Web Service API Synchronization PolicyManagement.

SIM332 UserManagement GroupManagement CredentialManagement Common Platform WorkflowConnectorsLogging Web Service API Synchronization PolicyManagement.
Empower Enterprise Mobility Jasbir Gill Azure Mobility.

Empower Enterprise Mobility Jasbir Gill Azure Mobility.

Similar presentations

Ads by Google