The Identity Management System: NMI-EDIT CAMP Synopsis, ISCSI Storage Solution, Linux Blade Cluster, and Current State of NetID
By Jonathan Higgins

NMI-EDIT CAMP Synopsis
• Directory Workshop covering directory implementation steps, architectures, person registries, and operational issues.
• Basics for implementing an Identity Management System.

What is Identity Management?
• Identity Management is an abstract term for a system that manages Identification, Authentication, and Authorization.
• Identification is the act of pre-assigning a unique namespace (a username) to an individual.
• Authentication binds a person to an identity.
• Authorization is the act of ensuring that a person is afforded access only to the services and data required to support allowed tasks.

Growing Pains and Silos vs. Suites
• Why are we doing this?
• Impending growth of the student, faculty, and staff population
• Scalability
• Silos: authentication, authorization, and application are all self-contained and individually administered.
• Integrated Suites: a central service that authenticates and authorizes for multiple applications.

What Are We Doing?
• NetID project ongoing since 9/2002
• OpenLDAP and Kerberos completed 5/2003
• Active Directory integration synchronized with OpenLDAP and trusted by Kerberos 2/2004
• Negotiation of data to provide individual affiliations for dynamic groups in progress.
• Blade Technology and new resources.
• ISCSI storage solution for remote data storage in progress.

The State of NetID
• 3rd semester in production, and working as intended.
• New attributes are on the way.
• Dynamic groups based on affiliations
• Password expiration notification system

Groups
• Students, Future Students, Undergraduate, Graduate, Staff, Faculty, Employees, Visitors, Temp Employees, Student Assistants, Alumni, and Retired
• Groups that will exist before this Fall include: Department based groups, Degree of Study groups, College based groups, and Courses.
• What other groups do you think we may need?

Linux Blade Cluster
• This project is ongoing and dependent on the ISCSI storage solution.
• The MTA project will provide a single mail exchange for the @Kennesaw.edu domain. The MTA will include spam control and virus scanning.
• Publicly visible LDAP replica (FERPA controls will be in place for students)

ISCSI Storage Array?
• A procedure will be available to acquire disk space.
• As a system administrator you just need to know that ISCSI provides a block-level network device, not a file I/O share.

How does the ISCSI Storage System work?
• Client Systems
• OS Layer
• Physical Layer

What Still Needs To Be Done?
• Upgrade NetID and Administration Tools to include:
• Modify schema and add attributes as needed
• Modify RDN for user objects to free the uid attribute to allow multi-values or aliases
• Add Radius for wireless authentication
• Add Account Locking/Deletion
• Pursue campus buy-in to NetID through identifying services and providing documentation for integration.
• And more…

What can we expect in the future?
• Solution for guest computing may be Sponsorship? An idea introduced at the CAMP.
• Individual account holders would be responsible for the sponsorship and creation of an account.
• The new account would have no more access than the sponsor.
• Access control would be monitored by the sponsor.
• Possible solution to guest computing issues, parental access to their students' resources, and others.
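
The sponsorship rule on this slide ("no more access than the sponsor") has to hold both when the guest account is created and at every later authorization decision. The following is an added example, not code from the presentation or from NetID; `Account`, `create_sponsored`, `authorize`, and the service names are hypothetical, and the rule that a guest cannot sponsor another guest is an added assumption.

```python
from dataclasses import dataclass


@dataclass
class Account:
    netid: str
    entitlements: frozenset            # services granted to this account
    sponsor: "Account | None" = None   # set only for sponsored guest accounts
    active: bool = True

    def effective(self) -> frozenset:
        """Access actually honoured at authorization time."""
        if not self.active:
            return frozenset()
        if self.sponsor is None:
            return self.entitlements
        # A guest is capped by what the sponsor holds *now*: removing a
        # sponsor's access, or disabling the sponsor, also removes the guest's.
        return self.entitlements & self.sponsor.effective()


def create_sponsored(sponsor: Account, netid: str, requested) -> Account:
    """Create a guest account, refusing anything the sponsor does not hold."""
    if sponsor.sponsor is not None:
        # Assumption: no sponsorship chains, so every guest maps to one
        # accountable account holder.
        raise PermissionError("sponsored accounts cannot sponsor others")
    requested = frozenset(requested)
    excess = requested - sponsor.effective()
    if excess:
        raise PermissionError(f"sponsor lacks: {sorted(excess)}")
    return Account(netid, requested, sponsor=sponsor)


def authorize(account: Account, service: str) -> bool:
    """Authorization check a service would make for a given account."""
    return service in account.effective()


if __name__ == "__main__":
    # Constructed sample data: a faculty sponsor and a guest account.
    faculty = Account("jdoe", frozenset({"wireless", "library", "email"}))
    guest = create_sponsored(faculty, "guest1", {"wireless", "library"})
    print(authorize(guest, "wireless"), authorize(guest, "email"))
    faculty.entitlements = frozenset({"wireless", "email"})  # library revoked
    print(authorize(guest, "library"))
```

Evaluating the cap at decision time rather than copying the sponsor's access at creation is what keeps a guest from retaining access the sponsor has since lost.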

What else can we expect?
• Inter-Institutional Applications
• Shibboleth, a Web-based inter-organizational authorization system, leverages attribute repositories such as directories and the larger identity management infrastructure to service inter-institutional applications and resource sharing.
• Authentication for students from another trusted university to applications and services hosted here at Kennesaw and vice-versa.

Any Questions?
• Feel free to ask anything, except topics that do not concern KSU.