strategies for directory deployment - centralized, distributed, federated, decentralized
DESCRIPTION
Strategies for Directory Deployment - Centralized, Distributed, Federated, Decentralized. Presenters (East to West): - PowerPoint PPT PresentationTRANSCRIPT
Presenters (East to West):
Suresh Balakrishnan, University System of Maryland Dennis Cromwell, Indiana University - BloomingtonMelinda Jones, University of Colorado at BoulderMark Crase, California State University David Bantz, University of Alaska
Strategies for Directory Deployment - Centralized, Distributed, Federated, Decentralized
2003.10.14 [email protected]
UA Enterprise Directory
•Centralized core data
•Campus applications
•Contacts: self-service
University of Alaska
UA Directory Status
67,000 students; 10,000 employees; 760 departments
Departments fork linked to employees
Web gateway interface supports searching, listing, self-service data
Scheduled & ad hoc batch updates from multiple sources
QuickTime™ and aPhoto - JPEG decompressor
are needed to see this picture.
UA Enterprise Directory StrategyEnvironmental Challenges
Distributed implementation team
Complex interface constraints - based on attributes or roles
Sub-set vs. super-set philosophies
Two phase commit for self-service edits (Registry/EDir)
Registry (Oracle db) enforces UA rules (syntax, constraints, validation values)
Distributed admin facilitated by attribute-based roles (role-based ACIs)
UA Enterprise Directory Responses to Challenges
UA Directory Architecture
SQL
B*ntz
Directory Search (Anon.)
Directory Search (Auth.)
Detailed Results (Anon.)
Self-service edits (Auth.)
Employee ids, student ids, social security identifiers are not stored in the Directory
Web gateway intermediary communicates only via SSL
Data changed only by “known” processes (web gateway or MAU IT)
Gateway limits bulk harvesting
Protecting Information