NMI Participation [Diagram labels: future expansion; Implementers; Target Communities; Sites: UAB, UAH, UFL, FSU, GSU, UMich, TACC, UVA; NMI Integration Testbed; Users, Contributors, Developers, Supporters]
NMI Integration Testbed • Developed and managed by SURA • Evaluate NMI components upon release (USC) • Real life contexts - research projects, enterprise applications and infrastructure • The NMI Integration Testbed http://www.nsf-middleware.org/testbed
NMI Components Take on New Meaning Mike Conlon, Ph.D. Director of Data Infrastructure mconlon@ufl.edu
One Slide About UF • 49,000 students in Gainesville, FL • Freshman class: 3.92 GPA, 1300 SAT • $1.8 Billion annual budget, $450 million in research -- growing at 12% per year. Health Sciences – 52% of research. • 140 academic departments in 23 colleges • Land grant – extension in all 67 counties. • The Gators, Lady Gators, GatorAde
One Slide About UF Technology • 500 IT professionals across campus • Very decentralized • Over 300 email servers • 30,000 devices on the open network • AD, NDS, iPlanet, OpenLDAP, Kerberos • Recent Directory Project • Current PeopleSoft implementation
Using the Components • Conventions and Best Practices • Metadirectory Practices • Enterprise Directory Roadmap • Practices in Groups • Schema • eduPerson • eduOrg • commObject
MetaDirectory Practices • Concepts of identity management • Single Sign-On • Security • Provisioning • Deactivate • Attribute Use • Identity resolution • Identifiers
UF Directory Project • Start planning August 2000 • Finish report September 2001 • Begin implementation October 2001 • Deploy new directory January 23, 2003 • http://www.it.ufl.edu/projects/directory
Directory Project Deliverables • New Registry • New LDAP schema (eduPerson, eduOrg) • New IDs – UFID and UUID tied to GatorLink • 50,000 new Gator One cards • 1,500 applications modified • New self-service apps http://phonebook.ufl.edu • New directory coordinator apps • New APIs for directory-enabling business processes
Identifiers • GatorLink – public username, email address (mconlon@ufl.edu), single sign-on. Revocable. Lucent. • UFID. Eight digit random number assigned by UF. nnnn-nnnn. Used where SSN was used previously. Protected. Revocable, opaque. • UUID (GUID) “NDC”. Opaque, non-revocable. Not used outside central systems.
Enterprise Directory Implementation Road Map • Parallel Tracks for Technical Work and Functional work • Value proposition – why do this (UF spent $4.7 million). Selling “position” or future capability is tough. What can we actually do? Why is it better than what we have? • Use vignettes • Under promise, over deliver
A Vignette Bill is a physician faculty member in the College of Medicine. He and/or his department administrator can update his contact information using a web page. This information automatically populates/updates the personnel system, the Shands Communications system (CHRIS), the Shands HealthCare on-line directory of physicians, Bill’s entry in Netware Directory Services, Active Directory, the on-line phone book, the UF enterprise directory database, and the UF LDAP directory. People using email programs and their address books always automatically access Bill’s current email address. UF business processes have access to Bill’s current information. Bill’s information is updated once and is used and accessed consistently across the enterprise.
Functional Issues • Who can update data? • Who can replicate data? • Who resolves conflicting values? • Who owns data? • Who can access data? • What business processes are supported? What processes are not supported?
Recent Projects • LDAP infrastructure improvements • Library authorization via directory • VPN access via directory • UF Web Portal uses LDAP and LDAP groups • UF Housing Icarus system • Active Directory Provisioning
LDAP Groups • Practices in Groups • Currently using groups for Portal • Considering groups for email • Considering groups for role information
Current Projects • LDAP infrastructure improvements v2 • Help Desk integration • Authorization management • Active Directory Provisioning • commObject for video, VOIP • PubCookie • Location management • Password management
Rethinking Directory Services • Metadirectory Practices • Identity management, identifier strategy • Enterprise Directory Road Map • Functional issues dominate • Practices in Groups • Second phase issues for improving services