Published by Dina Day. Modified over 9 years ago.
1
A.Vandenberg October 24, 2001 University System of Georgia Annual Computing Conference
Directory and Person Registry Implementation Details
Art Vandenberg
Director, Advanced Campus Services
Information Systems & Technology
Georgia State University
Avandenberg@gsu.edu
2
“Doing of New Things”
“What is science? … a special method of finding things out… the body of knowledge… It may also mean the new things you can do when you have found something out, or the actual doing of new things. This last field is usually called technology––…”
–Richard P. Feynman, The Meaning of It All: Thoughts of a Citizen Scientist, 1998.
3
In the Abstract
Directory architecture includes a “person registry”
Person registry “synchronizes” records
Input from administrative applications
Supports LDAP, student email, WebCT, OneCard, Rec Center access, etc…
4
Overview
Introducing… the real “killer app”
Defining Enterprise Directory Architecture
WebCT Provisioning – Part one
Student Email Provisioning
Next! – Student Rec Center
WebCT Provisioning – Part two
Future Provisioning
5
Introducing – Killer App
Benefits of LDAP enterprise directory well articulated
Looking for killer app?
“We often say that the overall integration and unification a general-purpose directory infrastructure enables is the real ‘killer app’”
–The Burton Group, The Enterprise Directory Value Proposition
6
Defining the Architecture
Directory: name, title, dept, address, phone
LDAP compliant interface
Logical join: HR, student, alumni, affiliate
Person Registry is the join mechanism
Core “person” attributes – data stewards help
Incremental approach
NB: Enhance, don’t replace, existing apps
7
Defining the Architecture Resources
www.internet2.edu/middleware: Identifiers, Authentication, and Directories: Best Practices for Higher Education
The Burton Group: Developing a Directory Architecture, 3 tier model
Directory Project Cookbook, cross-functional management, high-level sponsor, iterative approach
Bob Morgan: Person Reg Phase I Tasks, checklist
8
Defining the Architecture Result
GSU Person Registry:
–Initial person registry design
–Entity relationship diagrams
–Overall architectural model
–Process flows from source systems
–Specific file record definitions for source data
Starting point (“But, more scenarios would be nice…”)
9
WebCT Provisioning Part 1
Faculty want: automated WebCT accounts
Sept 2000 Goal: do so by January 2001
Advantages of being “first”:
–No existing object constraints
–One population selection: students in courses
–Familiar extract, several existing code sections
–Oracle tables basic RIKEY unique ID for simple joins of tables
11
WebCT…
Core student info via nightly batch
STUFILE table
–Represents nightly batch
–Reference for pre-transformation
–Audit? tie back to original
STUFILE mapped to STUDENT and undergoes transformations…
13
WebCT…
Transformations to STUDENT include:
–RIKEY becomes key, SSN only attribute
–Name is SIS_Name
–Code lookups & LAST_“activity” fields added
–Operational info (DATE_Created…) added
Some data in other tables:
–ADDRESS, Courses, WebCT info
–STUFILE_CHANGES table holds change info
STUDENT mapped to PERSON table…
15
WebCT…
PERSON master table
–DISPLAY formats of data
–PRIMARY_AFFILIATION added (Student)
–Name components (first, middle, last…)
ISO and BARCODE?
–Identifiers still provisioned from “OC_Tables”
–Legacy issues… oh yeah, the past
–Migration is stepwise…
16
WebCT Provisioning Observations
Person Registry – flexible, not constrained by complex design
–Student info kept redundantly (source, load file, transform table, Master Person)
WebCT ids assigned in registry process, file output for WebCT
Magically enrolled WebCT courses
WebCT API bug… oops, what’s with that?
17
Student Email Starting to Prioritize
Steering Group sets overall priorities
Person Registry Task List – weekly status
Incremental implementation methodology but awareness of longer term
–LDAP to replace CSO directory
–Authoritative repository on persons
–Applications: don’t forget previous queue
18
Student Email…
Dec 2000, Student Email & Web Definition Committee recommends policy
All students get email
“This system was made possible by the 2001 Student Technology Fee, and is effective June 11, 2001.” (Whoa!)
Email, Lab access, file space, web space
19
Student Email… Raising the Bar
Single userid/pw for multiple services
–Holy grail for enterprise solutions
Userid activation includes authentication
–Person registry sets userid, initial pw
–Student app provides authentication (legacy)
–So password resets can be self service
(Future Questing: Account Management)
20
Student Email… Raising the Bar
Not just enrolled – need more attributes
–Admitted, eligible to enroll, registered
–Monitor expiry of status
–Maintain “active” “inactive” flags
Business rule: What’s email policy intent?
NB: “inactive” remain in person registry
Build privilege objects as needed
21
Student Email… Raising the Bar
Ta Da! LDAP is part of the solution!
–Novell NIMS (Network Internet Messaging System) supports any IMAP, LDAP client
–Person registry provisions NIMS via LDIF transaction sets
–Person registry construct enables recovery of LDIF transactions
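An added example, not code from the presentation or from GSU: one way a registry can produce the LDIF transaction sets of slide 21 while honoring the “active”/“inactive” flags of slide 20, by diffing two registry snapshots into RFC 2849 change records. The base DN, attribute set, `inetOrgPerson` class, snapshot layout and the choice to delete the directory entry of an inactive person are all assumptions.

```python
import base64

BASE_DN = "ou=people,o=example"   # assumed directory suffix, not from the slides
DIR_ATTRS = ("cn", "sn", "mail")  # assumed export set; SSN never leaves the registry

def ldif_line(attr, value):
    """Format one attribute per RFC 2849, base64-encoding unsafe values."""
    safe = (value.isascii() and value.isprintable()
            and not value.startswith((" ", ":", "<")) and not value.endswith(" "))
    if safe:
        return f"{attr}: {value}"
    return f"{attr}:: {base64.b64encode(value.encode('utf-8')).decode('ascii')}"

def directory_view(registry):
    """Active persons only, projected onto the exported attributes."""
    return {uid: {a: p[a] for a in DIR_ATTRS}
            for uid, p in registry.items() if p["status"] == "active"}

def ldif_transactions(previous, current):
    """Diff two registry snapshots into LDIF change records."""
    old, new = directory_view(previous), directory_view(current)
    records = []
    for uid in sorted(old.keys() | new.keys()):  # uids assumed DN-safe
        lines = [ldif_line("dn", f"uid={uid},{BASE_DN}")]
        if uid not in old:
            lines += ["changetype: add", "objectClass: inetOrgPerson",
                      ldif_line("uid", uid)]
            lines += [ldif_line(a, v) for a, v in new[uid].items()]
        elif uid not in new:  # flagged inactive: still in registry, out of directory
            lines.append("changetype: delete")
        else:
            changed = [a for a in DIR_ATTRS if old[uid][a] != new[uid][a]]
            if not changed:
                continue
            lines.append("changetype: modify")
            for a in changed:
                lines += [f"replace: {a}", ldif_line(a, new[uid][a]), "-"]
        records.append("\n".join(lines))
    return "\n\n".join(records) + "\n" if records else ""

def person(cn, mail, status="active"):  # constructed sample rows, not real data
    return {"cn": cn, "sn": cn.split()[-1], "mail": mail,
            "ssn": "000-00-0000", "status": status}

YESTERDAY = {"jdoe1": person("Jane Doe", "jdoe1@student.example.edu"),
             "rroe2": person("Rick Roe", "rroe2@student.example.edu")}
TODAY = {"jdoe1": person("Jane Doe-Smith", "jdoe1@student.example.edu"),
         "rroe2": person("Rick Roe", "rroe2@student.example.edu", "inactive"),
         "mnunez3": person("María Núñez", "mnunez3@student.example.edu")}
print(ldif_transactions(YESTERDAY, TODAY))
```

Because every record is derived from registry state, `ldif_transactions({}, TODAY)` regenerates the full load for a directory that has to be rebuilt, which is the recovery property the slide mentions.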
22
Next! Student Rec Center
High profile, funded by student fees
Opening August 2001 – access needed
New registry persons – staff, alumni, affiliates… matching required
Data store requirements for elements not in any source system…
On time (and Goodbye to “OC_Tables”)
23
Student Rec Center… Expanding registry population…
Matching (avoiding duplicates) needed
–Legacy HR app does check legacy student
–If matches SSN, prefills address, phone, gender, race, DOB (not name, it’s a format issue)
–What if SSN “wrong” or can’t match to student Temp_SSN_Number?
Maintain separate tables for student, staff…
Matching always with us – Open Issue
24
Student Rec Center… Data store requirements
Affiliates records
–No surprise, expected
–Does require interface (avoid duplicates!)
–Must have sponsor record
–Multiple affiliations possible (how handle as moves beyond Rec Center?)
25
Student Rec Center…
Data store for “liability waiver”
–Unexpected
–Rec Center business liability requirement
–Special business rules internal to Rec Center
Fees paid issue
–“Not your registrar’s fees paid!”
–What if affiliate, staff not using payroll deduction, Alumni?
26
Student Rec Center… On Time & Bonus Round
“OC_Tables” are dead, long live registry!
–ISO, Barcode now assigned at registry
–“PantherCard” printing feeds from registry
–PeopleSoft financial interface to person registry
–Library feed part of person registry (not yet from person registry…)
Uhhh, did we mention “Production?”
Did we mention security?
27
WebCT Provisioning Part 2
Recall WebCT API bug January 2001?
Rebuilt WebCT provisioning for Fall 2001
–(Work around… API remains open issue)
NameSpace issues:
–Student: Flastname@student.gsu.edu
–Faculty/Staff: Flastname@gsu.edu
–How distinguish better? Is it a Unique ID?
–Tough to resolve in production mode…!!!
28
WebCT Provisioning Part 2
Students will have single userid/pw for:
–Email, Lab access, file space, web space… and WebCT
29
Future Provisioning
Addressing NameSpace issues
–Immediate need for email and UID
Email groups – very hot
Enhanced Library feed
–Non-trivial: how many patron groups are there?
LDAP White Pages & CSO migration
–That means redoing sendmail
–Requires self-service for WP entries
30
Future Provisioning
FERPA and access issues
–Prerequisite for LDAP White Pages
–Okay, so how provision if no attributes? OPEN
Account management support
–Buying solution is expensive
–Building solution may be complex
–But customers want services…
–And auditors want security
31
Future Provisioning
PKI deployment
Synchronization using Metamerge…
–www.metamerge.com
–Move from batch file processing to transaction processing
–Provide immediate registry update for self-service request…
–Auto update of source systems? LDAP WP?
Annual phonebook printing…
32
Future Provisioning
SCT Banner Student integration
PeopleSoft Human Resources integration
Security, production, resources…
Your applications here: Use additional lines as needed ____________________________
33
Conclusion… almost
The person registry is a core component of an enterprise directory architecture
Remember slide 8’s last bullet?
Starting point (“But, more scenarios would be nice…”)
We’ve been discussing the scenarios.
39
Questions, Comments?