
Frank Grewe (fjg@umn) Office of Information Technology University of Minnesota


Presentation Transcript


  1. Frank Grewe (fjg@umn.edu) Office of Information Technology University of Minnesota

  2. Physical Plant • 4 different locations • 3 production • WBOB • NTC • AHC • 1 development/backup • Lind Hall

  3. Black Box • Locked 19” rack • 2 fiber pairs configured as 200MB etherchannel • 2 power connections • 2 phone lines

  4. Hardware • Ether Switch • Terminal Server • (2) Modems • SUN Netra T1 • (8) SUN Netra X1 • Dell 2450 • SUN 420R/A1000 • SUN E450

  5. Services • Administration/monitoring/security • Certificate Authority • X.500 DSA • “Repository” • Directory gateways • Web services • Email, etc… • Active Directory!

  6. Networks • Private VLAN • Local (umn.edu) • Internet

  7. Remote Admin • Terminal Server connects to console ports (vcon) • System/application monitoring (mon) • Security monitoring • Oncall paging

  8. History • Vision for universal internet access • E-Mail • Gopher • News • Modem Pool • Etc • Directory seen as a lookup mechanism

  9. White Pages • finger • whois • ph • gopher • http • ldap

  10. Fueled Cooperation • First visible joint project between what was then Academic and Administrative groups • Directory required data feeds from: • Staff Demographic Database • Student Records Database • Class Registration Database • Student Fees Transactions

  11. Directory Changed Processes • Demand for electronic update • Mailing lists for classes/departments/etc • Authentication for modem pool access • Departmental Systems (IT Labs) • Buy-in occurs when value is perceived

  12. U Card Services • Directory is used for card issuing • Card is associated with X.500 object • Directory directly queried for authorization

  13. U Card Authorization Services (diagram; labels only) • Library • Student Registration • Special Privileges • Directory Services • Medical • “Food” Service • Access Denied • Building Access • Employees

  14. Authn/Authz • radius • https: • un/pw exchange • Web cookies • UCard • DLF • Batch feeds • ldaps?

  15. Directory Role • Authenticates • Audit Trail • Authorization varies: • None • Some • All

  16. Data Sources • Human Resources • Payroll • Student Records • Accounts Receivable • Coordinate Campuses • Departments

  17. Data Owners in Control • Signoff needed to access attributes • Reviewed yearly • Benefits: • Knowledge of attribute usage • Changes transparent to applications
