Directory Services Update

Reviews

Tags

Directory Services Update, directory services, Novell Directory Services, Windows Server 2003 R2, Trend Micro, how to, Windows 2000, The Exterminator, David Pogue, NETWARE 4.1

Stats

views:: 11
rating:: not rated
reviews:: 0
posted:: 4/28/2009
language:
pages:: 0

Public Domain

Directory Services Update Randy Cetin Director, CITES System and Technology Services Richard Williams Director, CITES Departmental Services Agenda • • • • • • • Directory Services: The Sense of Urgency Directory Services Project Vision Project Scope for Phase 1 Progress Update Phase 1 Implementation Future Project Phases Q&A Directory Services Update Cetin & Williams May 16 | Slide 2 Directory Services: The Sense of Urgency “Certainly, the urgency for establishing digital identity and the means to manage it is increasing exponentially. This urgency is partly the result of pressure for operational efficiencies necessary for growth. In the typical enterprise, identity is fragmented across silos of applications, operating systems, and services, making the infrastructure difficult to manage cohesively. Enterprises are overcoming some of these challenges by federating identities, making digital identities portable across the continuum of business processes and enabling online business. But while addressing their integration conundrums, enterprises are also falling under increasing regulatory pressures and business requirements that have made digital IdM a priority for executive management.” Neuenschwander and Lewis, Enterprise Identity Management: Moving from Theory to Practice (Burton Group, June, 2005). Directory Services Update Cetin & Williams May 16 | Slide 4 NetID Claim Service • Initial Service Rollout in January 2006 • Full-time Fall 2006 Freshman and Transfers • Need to Extend to other groups – Spring Freshman and Transfers – Grad Students – Academic Outreach – Distance Learning Programs – Others (International Programs, etc) • Need to extend service levels for delivery to address customer needs Directory Services Update Cetin & Williams May 16 | Slide 5 Directory Services Project Vision Project Vision “Develop a service to meet current directory needs as well as develop a robust directory infrastructure that allows future functional enhancements.” Directory Services Update Cetin & Williams May 16 | Slide 7 High Level Deliverables • Facility for managing identity data • Account provisioning capabilities • Replication of registry data for service redundancy/reliability • Provide compatibility with industry-standard directory protocols used by CITES and Campus departments • Provide authorization credentials that can be used in concert with (and add value to) a centrally managed authentication service (authentication service is outside the scope of this project) Directory Services Update Cetin & Williams May 16 | Slide 8 Key Business Benefits • Reduce the cost of introducing new services • Create better alignment between individual identity and eligibility for services • Provide more accurate and timely presentation of identity information and roles • Reduce the overhead associated with managing identity credentials at a campus level and add value to a central authentication service for directory enabled applications Directory Services Update Cetin & Williams May 16 | Slide 9 Multi-phase Project Phase 1: Infrastructure Re-engineering Phase 2-??: Services that support directory enabled applications and add value to central authentication services Directory Services Update Cetin & Williams May 16 | Slide 10 Campus Stakeholder Input • • • • • • • • • Computer Science Library College of Education College of Law College of LAS College of Business College of Vet Med College of Medicine Graduate School of Library and Information Science (GSLIS) • Office of the Dean of Students (ODOS) Directory Services Update Cetin & Williams May 16 | Slide 11 Project Scope for Phase 1 Directory Services - Now ED/EDE AD EAI LDIF QI EDW LDAP ICS Processing Scripts (Perl) “PH” Kerberos MDUMP Extracts Sequential Data Directory Services Update Cetin & Williams NESSIE May 16 | Slide 13 Directory Registry & Provisioning Issues Data Consistency Data Timeliness Proprietary Database and Query Services Lack of database transaction capabilities Software maintenance Non-extensible schema Multiple data interfaces inbound and outbound Limited Event-driven processing Directory Services Update Cetin & Williams May 16 | Slide 14 Progress Update Past Project Milestones To Date Project Chartered Functional Specifications Fall 2004 November 2004 Request for Proposal Technical Specification (Phase 1) December 2004 November 2005 Vendor/Product Evaluation Product Selection Scope of Work for Service Engagement Fall 2005 December 2005 January 2006 Services Engagement February 2006 Directory Services Update Cetin & Williams May 16 | Slide 16 Product and Service Selections • Required 13 months to complete owing to purchase/procurement process • Responses to RFP from all major product vendors • The Winner: IBM Tivoli Directory Integrator • Contract with IBM for Professional Services to implement product Directory Services Update Cetin & Williams May 16 | Slide 17 IBM Directory Integrator • Connects to virtually any data source including Banner messaging services • Includes built-in event handling capability • Open architecture Java development environment • “assembly line” methodology • Extensible parser capabilities • Broad platform support Directory Services Update Cetin & Williams May 16 | Slide 18 Phase 1 Implementation Fall 2006 Deployment EAI ED/EDE AD IDS LDIF IDI LDAP ICS QI EDW “PH” Kerberos Sequential Data Directory Services Update Cetin & Williams NESSIE MDUMP Extracts May 16 | Slide 20 Phase 1 Timelines • • • • • Development: Complete by July 21, 2006 Unit and System Testing: Complete by Sept 1, 2006 Implementation: Complete by October 13, 2006 Work with Departments to perform external testing ~2-3 weeks (depending on how many depts and availability of staff): Phase I deployment complete by ~Nov 1, 2006 Directory Services Update Cetin & Williams May 16 | Slide 21 Future Project Phases Possible Scope for Future Project Phases • Re-engineer Connections to LDAP Directories and Phase-out PH/QI • Re-engineer ED/EDE and Other Interfaces • Authorization for web-based applications • Class roster support • Campus affiliations/relationships (Groups) • Local applications directories • Guest Services • Federated Authorization Services Directory Services Update Cetin & Williams May 16 | Slide 23 Future Phases EAI ? ED/EDE QI AD LDAP IDS IDI EDW ICS Kerberos Sequential Data Directory Services Update Cetin & Williams NESSIE Extracts May 16 | Slide 24 Q&A Contacts Karen Athy-Penrose Project Manager karenap@uiuc.edu r-cetin@uiuc.edu rcwillia@uiuc.edu Randy Cetin Project Co-Sponsor Rich Williams Project Co-Sponsor Keith Wessel Service Manager kwessel@uiuc.edu Directory Services Update Cetin & Williams May 16 | Slide 26