130 likes | 393 Views
Identity & Access Management / Oracle Unified Directory. Los Angeles Water and Power Matt Lampe – CIO Rafik Alsawalhy – System Manager 09/30/2014. Oracle Unified Directory (OUD) Agenda. History of LADWP implementation D rivers Implementation of LADWP OUD/OIM/OAM Benefits Questions.
E N D
Identity & Access Management / Oracle Unified Directory Los Angeles Water and Power Matt Lampe – CIO Rafik Alsawalhy – System Manager 09/30/2014
Oracle Unified Directory (OUD) Agenda • History of LADWP implementation • Drivers • Implementation of LADWP OUD/OIM/OAM • Benefits • Questions
History of LADWP Implementation 2010 Implemented 10g products: • OAM – Implemented to provide additional security to Website for Customer Self-Service with tie into Siebel for account information. • OID – Directory for Customer Identities • OVD – Virtual Directory to authenticate customers (OID) and staff (AD) • OIM – Provision staff based on HR system status into AD, RCAF with password self-service, one-button de-provisioning
Drivers • Upgrade to 11g R2 Suite • New Billing system, migrating Web account linkage to Billing System and Directory • New web self-service for LA Sanitation (accounts in new Billing System) and for City’s 311 system. Desire to allow constituents to use one ID for all services if they so desired. • Single OUD for constituents to simplify management, while providing security for account information. • OVD still used to authenticate staff. • Need to Implement SAML
Current Environment • 1.7 million LADWP customers • 10,000 internal users • 750,000 customer licenses for LA Sanitation and My311 • Web Services to : • Oracle Utilities Customer Care and Billing (CCB) • Siebel application • Internal Portal - Live Oct 30 , 2014 • External site http://www.ladwp.com
Benefits • OUD doesn’t relies on database so there is no cost for database hardware and software licensing and maintenance. • OUD dataset is fully cached in memory thus offering better performance than OID which depend on databases on performance. • OUD is the future direction for Oracle LDAP directory services. • DIP features in OUD allow us to synch between different directory such as eDirectory and AD. • OUD provides very lightweight, easy to configure and provides multiple directory roles such as storage and proxy within a single product.