Marshall University's Identity Management Services using Microsoft FIM 2010: Lessons Learned

School: Marshall University

Presenter: Jon B. Cutler, MS CISSP, Chief Information Security Officer

1111 Superior Avenue • Suite 310 • Cleveland • Ohio 44114 • Tel: 216.589.9626 • Fax: 216.589.9639 • info@campuseai.org • http://www.campuseai.org

Product / Service

Product / Service Description

CampusEAI Implementation of Identity Management Services using Microsoft Forefront Identity Manager 2010

CampusEAI Support Agreement for FIM to provide additional technical support to MU team


Profile / Fast Facts

Profile of Member Institution / Fast Facts

Marshall University is a West Virginia public higher education institution located in Huntington, WV, and is a Masters – Large university

Enrollment: 13,900 (72% undergrad/28% graduate)

Employment: 2,100 staff and faculty

Programs: 2 Assoc., 52 Baccalaureate, 45 Graduate, 2 Ed.S., 5 Doctoral

Administrative system: Ellucian Banner®

IT Infrastructure: Microsoft Active Directory, Exchange 2010 / Live@Edu, SharePoint, FIM, Blackboard Learn 9, CampusEAI myCampus 7, Cisco wired and wireless network.


Problem Statement / Pain Points

Replace home-grown Account Management System with a commercially-supported solution

Establish a common credential to enable single sign-on (SSO) across all applications

Provide self-service password management facility

Enable select SIS/HR attributes to be available to identity and directory systems

Create, update, and withdraw services, access and distribution group memberships based on changes in the role of an individual


Implementation Steps / Approach


Assessment of identity management process

Identify available resources

Design identity management solution

Implement design in test/development environment

Migrate test/dev configuration into production

Review production results; compare to legacy

Discontinue legacy system


Outcome

Implement Forefront Identity Manager 2010 R2

Enable self-service password management

Automate creation of user accounts in AD, Exchange and Live@Edu

Automate creation/update of AD groups which map to default Banner roles (i.e. STUDENT, EMPLOYEE, FACULTY, ALUMNI, etc.)

Automate creation of ad-hoc security/distribution groups via Banner ‘pop-sel’

Develop internal expertise to utilize FIM as a solution for other IT integration challenges


Lessons Learned

Identify and review accuracy of data sources

GIGO

Understand IdM processes

You can’t automate what you don’t fully understand, or where the desired outcome is subjective

FIM is ‘ruthlessly effective’ in synchronization

Insert, update and removal of objects and attributes

Test EVERY process in test/dev environment

Time spent testing is time saved in production


Role

CampusEAI Value Add

Provided architectural design expertise so the MU team was not ‘reinventing the wheel’

Provided technical implementation expertise in the FIM product

Provided project management services to keep team on task and on schedule

Role of Member Institution

Provided internal replica of key systems in a virtualized test/dev environment

Requirement that MU team understand, implement, and support production services


Next Steps / Roadmap for the School


Register existing users for self-service password reset services

Add additional sync services for Emergency Notification Service, IT Billing System, etc.

Review FIM/BHOLD suite for use in analytics

Design and implement process to review access and de-provision services after role change

Explore additional self-service workflows

Management of AD security and distribution groups

Management of e-mail vanity, group alias, and mail forwarding services
