May 032010
Corey Scholefield, Paul Hilchey – University of Victoria
IDAM Framework Objectives
- implemented SGHE platform
- centralized the management of identity information
- role based access
- evolve away from batch processes
- enhanced security
- personalize, customize and enhance end user experiences
- enhance partnerships with Information Security Office and University Privacy Officer(s)
Current Projects
- Sun Identity Manager Upgrade to 8.1 – allows for business roles, IT roles, application roles, asset roles …
- CAS SSO
- Banner ERP Refresh
- uPortal rollout (migration away from Luminis Portal?)
- Affiliate IDM system
Showed a diagram of UVic Sun Identity Manager Deployment Overview and Enterprise IDAM Overview
I liked the organization of the Enterprise IDAM diagram into layers:
- Identity Authority Source Tier – Banner ERP is the driving system of record
- Identity and Access Management Service Tier
- Managed Resource Tier – LDAP and AD client applications
- Client Application Tier
* great project – “Useless Person Culling” – anyone in the directory with an ID, name and nothing else was culled. Helped clean up about 100K IDs
Demo – Scenario
- user has recently become FT employee
- pre-provisions complete , no username yet
- person goes to self-service to set up Netlink ID
- Sun IDM provisions access to resources
Related posts:
Leo de Sousa
[...] This post was mentioned on Twitter by Leon Lewis Jr. Leon Lewis Jr said: BCNet IDM Workshop – Provisioning and Deprovisioning with Sun’s Identity Manager @UBC: Corey Scholefield, Paul Hil… http://bit.ly/9ibXod [...]