Skip to Content

IdM Working Group Meeting 2011-08-03

Printer-friendly versionPrinter-friendly version
Date and Time: 
August 3, 2011 - 1:30pm - 2:30pm
1)  Provisioning of Miscellaneous and Edge Demographics: how we plan to handle the creation and management of UCSB affiliates that exist only in edge systems, such as extension students, emeriti, pre-hires, etc.
2) Federation Architecture: update on our plans for federation/SSO, both with UCTrust and intra-campus


Bruce Miller, Jim Woods, Randall Ehren, Doug Drury, Alan Moses, Glenn Schiferl, Don Voita, Tom Putnam, John Goubeaux, Bill Doering, Ted Cabeen, Matt Dunham, Noah Spahn, Arlene Allen

Matt announced that during the week of 8/8/11 that the Phase 1 rollout would begin.  This will include the New LDAP service,  The new server includes schema changes as previously discussed.  He would like to sunset the current server over the next year.  There is also a new Identity manager function to take the place of the Netpoint user manager, and a new "People Finder" replaces the existing search application.  The new directory contains all individuals with userids identified, initially there are no passwords.  There is a new "Identity Migrator" utility to "activate" an individuals entry in the new server.  This serves to populate/synchronize the passwords in both ldap servers.

Matt also described an "Annex" service which will be used to populate miscellenous demographics, such as extension students and visitors.  Department delegates will be authorized to add entries.   These demographics will have expiration terms defined by demographic.  It was suggested by workgroup members that it would be useful to have the ability to assign particular expiration dates that might be less than the standard expiration term.

An explanation was also provided of some aspects of "Phase II" which includes UCtrust. 

Additional details are available from the powerpoint Matt has