nmi-edit camp synopsis, iscsi storage solution, linux blade cluster, and current state of netid
DESCRIPTION
The Identity Management System. NMI-EDIT CAMP Synopsis, ISCSI Storage Solution, Linux Blade Cluster, And Current State Of NetID. By Jonathan Higgins. Presentation Template available from Microsoft. NMI-EDIT CAMP Synopsis. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: NMI-EDIT CAMP Synopsis, ISCSI Storage Solution, Linux Blade Cluster, And Current State Of NetID](https://reader030.vdocuments.net/reader030/viewer/2022032605/56812be2550346895d90563a/html5/thumbnails/1.jpg)
NMI-EDIT CAMP Synopsis, ISCSI Storage Solution, Linux Blade Cluster, And Current State Of NetID
By Jonathan Higgins
Presentation Template available from Microsoft
The Identity Management System
![Page 2: NMI-EDIT CAMP Synopsis, ISCSI Storage Solution, Linux Blade Cluster, And Current State Of NetID](https://reader030.vdocuments.net/reader030/viewer/2022032605/56812be2550346895d90563a/html5/thumbnails/2.jpg)
NMI-EDIT CAMP Synopsis
• Directory Workshop covering directory implementation steps, architectures, person registries, and operational issues.
• Basics for implementing an Identity Management System.
![Page 3: NMI-EDIT CAMP Synopsis, ISCSI Storage Solution, Linux Blade Cluster, And Current State Of NetID](https://reader030.vdocuments.net/reader030/viewer/2022032605/56812be2550346895d90563a/html5/thumbnails/3.jpg)
What is Identity Management?
• Identity Management is an abstract for a system that manages: Identification, Authentication, and Authorization.
• Identification is the act of pre-assigning a unique namespace (a username) to an individual.
• Authentication binds a person with an Identity
• Authorization is the act of ensuring that a person is afforded access only to services and data required to support allowed tasks.
![Page 4: NMI-EDIT CAMP Synopsis, ISCSI Storage Solution, Linux Blade Cluster, And Current State Of NetID](https://reader030.vdocuments.net/reader030/viewer/2022032605/56812be2550346895d90563a/html5/thumbnails/4.jpg)
The Big Picture
![Page 5: NMI-EDIT CAMP Synopsis, ISCSI Storage Solution, Linux Blade Cluster, And Current State Of NetID](https://reader030.vdocuments.net/reader030/viewer/2022032605/56812be2550346895d90563a/html5/thumbnails/5.jpg)
Growing Pains and Silos vs. Suites
• Why are we doing this?• Impending Growth of student, faculty, and staff
population• Scalability
• Silos: authentication, authorization and application are all self contained and individually administrated.
• Integrated Suites: Set of applications that authenticate and authorize from a central service for multiple applications.
![Page 6: NMI-EDIT CAMP Synopsis, ISCSI Storage Solution, Linux Blade Cluster, And Current State Of NetID](https://reader030.vdocuments.net/reader030/viewer/2022032605/56812be2550346895d90563a/html5/thumbnails/6.jpg)
What Are We Doing?
• NetID project ongoing since 9/2002
• OpenLDAP and Kerberos completed 5/2003
• Active Directory integration synchronized with OpenLDAP and trusted by Kerberos 2/2004
• Negotiation of data to provide individual affiliations for dynamic groups in progress.
• Blade Technology and new resources.
• ISCSI storage solution for remote data storage in progress.
![Page 7: NMI-EDIT CAMP Synopsis, ISCSI Storage Solution, Linux Blade Cluster, And Current State Of NetID](https://reader030.vdocuments.net/reader030/viewer/2022032605/56812be2550346895d90563a/html5/thumbnails/7.jpg)
The State of NetID
• 3rd semester in production, and working as intended.
• New attributes are on the way.
• Dynamic groups based on affiliations
• Password Expiration notification system
![Page 8: NMI-EDIT CAMP Synopsis, ISCSI Storage Solution, Linux Blade Cluster, And Current State Of NetID](https://reader030.vdocuments.net/reader030/viewer/2022032605/56812be2550346895d90563a/html5/thumbnails/8.jpg)
Groups
• Students, Future Students, Undergraduate, Graduate, Staff, Faculty, Employees, Visitors, Temp Employees, Student Assistants, Alumni, and Retired
• Groups that will exist before this Fall include: Department based groups, Degree of Study groups, College based groups, and Courses.
• What other groups do you think we may need?
![Page 9: NMI-EDIT CAMP Synopsis, ISCSI Storage Solution, Linux Blade Cluster, And Current State Of NetID](https://reader030.vdocuments.net/reader030/viewer/2022032605/56812be2550346895d90563a/html5/thumbnails/9.jpg)
Linux Blade Cluster
• This project is ongoing and dependant on the ISCSI storage solution.
• The MTA project will provide a single mail exchange for the @Kennesaw.edu domain. The MTA will include Spam control and Virus scanning.
• Public Visible LDAP replica (FERPA controls will be in place for students)
![Page 10: NMI-EDIT CAMP Synopsis, ISCSI Storage Solution, Linux Blade Cluster, And Current State Of NetID](https://reader030.vdocuments.net/reader030/viewer/2022032605/56812be2550346895d90563a/html5/thumbnails/10.jpg)
ISCSI Storage Array?
• A procedure will be available to acquire disk space.
• As a system administrator you just need to know that ISCSI provides a block level network device, not a file IO share.
![Page 11: NMI-EDIT CAMP Synopsis, ISCSI Storage Solution, Linux Blade Cluster, And Current State Of NetID](https://reader030.vdocuments.net/reader030/viewer/2022032605/56812be2550346895d90563a/html5/thumbnails/11.jpg)
How does the ISCSI Storage System work?• Client Systems
• OS Layer
• Physical Layer
![Page 12: NMI-EDIT CAMP Synopsis, ISCSI Storage Solution, Linux Blade Cluster, And Current State Of NetID](https://reader030.vdocuments.net/reader030/viewer/2022032605/56812be2550346895d90563a/html5/thumbnails/12.jpg)
What Still Needs To Be Done?
• Upgrade NetID and Administration Tools to include:• Modify schema and add attributes as needed• Modify RDN for user objects to free the uid attribute
to allow multi-values or aliases• Add Radius for wireless authentication• Add Account Locking/Deletion
• Pursue Campus buy-in to NetID though identifying services and providing documentation for integration.
• And more…
![Page 13: NMI-EDIT CAMP Synopsis, ISCSI Storage Solution, Linux Blade Cluster, And Current State Of NetID](https://reader030.vdocuments.net/reader030/viewer/2022032605/56812be2550346895d90563a/html5/thumbnails/13.jpg)
What can we expect in the future?
• Solution for guest computing may be Sponsorship? An idea introduced at the CAMP.
• Individual account holders would be responsible for the sponsorship and creation of an account.
• The new account would have no more access than the sponsor.
• Access control would be monitored by the sponsor.
• Possible solution to guest computing issues, parental access to their students resources, and other.
![Page 14: NMI-EDIT CAMP Synopsis, ISCSI Storage Solution, Linux Blade Cluster, And Current State Of NetID](https://reader030.vdocuments.net/reader030/viewer/2022032605/56812be2550346895d90563a/html5/thumbnails/14.jpg)
What else can we expect?
• Inter-Institutional Applications
• Shibboleth, a Web-based inter-organizational authorization system, leverages attribute repositories such as directories and the larger identity management infrastructure to service inter-institutional applications and resource sharing.
• Authentication for students from another trusted university to applications and services hosted here at Kennesaw and vice-versa.
![Page 15: NMI-EDIT CAMP Synopsis, ISCSI Storage Solution, Linux Blade Cluster, And Current State Of NetID](https://reader030.vdocuments.net/reader030/viewer/2022032605/56812be2550346895d90563a/html5/thumbnails/15.jpg)
Any Questions?
• Feel free to ask anything, except topics that do not concern KSU.