BCNET IDM Workshop – Past, Present and Future of IDM

May 3, 2010

Mike Shore, Sabrina da Silva and Oscar Shen

Past – Mike

  • Banner ERP used for Student and Staff information = Source of Record
  • Leveraged the Novell eDirectory Identity Vault using the Novell Identity Manager product
  • Blend of custom scripts, Novell IDM and Luminis Integration to provision identities
  • Because Novell IDM did not allow groups with more than 5000 members, BCIT had to drop Novell IDM and migrate to custom scripts

Present

  • Banner ERP used for Student and Staff information = Source of Record
  • Focus on using Active Directory as the main authentication source for applications – approximately 800K accounts in AD
  • Custom scripts written in FoxPro are used to load AD

Banner Business Processes – Sabrina

  • Roles: Staff, Faculty, Student, Guest
  • Groups created in AD: current employee, current instructor, current student, current guest
  • Discussed how groups in AD are used

Central Authentication Services / Web SSO – Oscar

  • BCIT heavily leverages CAS to secure web applications
  • BCIT’s implementation of CAS is used only for AuthN; it just transfers a password back to the application so that the application can do the AuthZ against our AD
  • CAS is used to secure web pages, iTunes University and the MSDN AA download site

Future – Mike

  • Use Banner Enterprise Identity Services to replace the custom scripts
  • BCIT has a phased approach to moving BCIT’s IDM strategy forward (see the slide deck)