Skip to Content

A Preface

Printer-friendly versionPrinter-friendly version

Based on multiple discussions I have had about the current identity project, it seemed appropriate to document my current sense of what we did and where I went wrong in decision making associated with identity.

First, there is no question in my mind that the current effort has been very poor, viewed either by results or by timing. I would never dispute that observation. My decision to embark on this project was incorrect.

Identity management has been inadequately supported, in terms of campus resources, since its inception at UCSB. The best years were probably 1997 and 1998, when there was little expectation beyond having a functioning V3 LDAP. I won't belabor the IS&C organizational implosion since those years. That is a subject well discussed elsewhere.

In November 2006, Student Affairs (SA) felt that we should try to approach ITB from a full service perspective rather than the austerity view that I had been using when seeking resources thus far. Deborah Scott and I presented what I viewed as a very nice perspective on a full service identity management for the campus. I would opine that collaboration was like-minded, but her unit provided more of the details than mine. The ITB reception was sympathetic to the technology proposal, but not so with the budget.

In December 2006, events lead to the global password reset and the subsequent shutdown of a number of our identity functions. A substitute for activation and password reset was coded for us by SA. That is well known, but it should also be considered in its implications, one of which was that IS&C could no longer perform such coding internally.

The summer of 2007 is when I made the decision to attempt to rejuvinate the identity system by hiring Sun professional services. At the time, they were one of the few potential experts in Sun software. My decision was made based on the sense of feeling trapped where we were, wanting to somehow make this situation better, and the psychology of doing nothing being a very hard path to travel.

As a slight digression for afficianados of cinema, I recall one of the scenes at the end of "Burn After Reading". The CIA Director is speaking to his associate, having just observed their recent experience in a cluster-.... To paraphrase, he asks "Well, what did we learn from this?"  The answer - "Don't do it again", "Yeah... but what did we do?"

Well, I know what I did. I gambled that we would get away with doing something we did not have the resources for. We almost got away with it, except that the universe sometimes thinks its time to give you a smack for your hubris, and mine came in the form of a Sun organization that was so inept, they didn't know how to work with their own product.

When you outsource anything, regardless of what it is, you must have strong, customer side program management. I've known that for at least 3 decades since I went through that education and subsequent on the job training. Since IS&C no longer had that capacity, I tried to get Sun to run both sides of the program. Well, we know where that got us. That was 100% my error and we are where we are.

ITB has finally approved some resources allowing me to hire a person, in this case Matt Dunham. I can't think of a better choice. We *will* pull this poultry out of the fire, but it seemed like I owed an explanation for the big picture.

No one will catch me making this mistake twice. IS&C, now OIST, does not have the capacity to take on any program whatsoever without an infusion of money to acquire resources, and the time to make it so. The Identity program ITB funded is not even close to the program Deborah and I proposed in Nov 2006. My job is to keep people aware of just what they can reasonably expect under the current program, and to disabuse them of any possible inflation without the additional resources to carry it out.

I welcome all questions and will answer them as best I can.