SUNY System Administration Federation Overview Gavin Hogan July
- Slides: 24
SUNY System Administration Federation Overview Gavin Hogan July 15 th, 2009 A work in progress….
Agenda • • Overview of SUNY Overview of Id. M History at SUNY Federation/Id. M Roadmap The Oracle Experience to date. 2
Overview of SUNY • 64 Campuses. – Plus Research Foundation and Other Entities • Total Enrollment : 438, 361 • SUNY Employees : 87, 362 • $11 B Annual Budget 3
History of Id. M for SUNY Mainframe: • Centralized Management. • Decentralized Management. Portal/Web Phase I • Leverage Mainframe for Auth. N. • Migrate to Distributed Auth. N (LDAP/POP) • Centralized Entitlements with distributed Management. 4
Distributed Authentication This is our current mode of operation. • About 60 campuses have enabled LDAP. • Entitlement and Access Control engine is Home Grown • Protects Business Services ONLY at System Administration. • Credential Management is maintained at home campus. • Low learning curve, easy to implement. 5
Systems Integrated With SUNY SSO • Financial/Accounting • Human Resources and Payroll • Institutional Research Data Collection and Reporting • Business Intelligence • Student Enrollment/Application Processing 6
Systems Targeted For Integration • • Other Agencies: State Controllers Office Campus Student Information Systems UWide and Campus Confluence Wikis Lots of 3 rd Party Software. 7
8
Moving to SUNY Federation • Created a task force to establish shared attribute specifications. • Work on populating attributes at campuses. • Evaluating Technologies; modifications to existing systems • False starts and personnel departures. 9
Key Motivations • Put more control into the hands of the campuses. • User convenience, better SSO. • Improving audit compliance/capabilities • Integrate with other entities through a standard channel. 10
Implementation Team • System Administration – Centralized IT Services • Information Technology Exchange Center (ITEC) – Campus Services and Support • Alliance for Strategic Technologies. – Combined view for the whole University. 11
Key Sponsors • SUNY System Administration – Central Business Offices – Office of Administrative Technologies • SUNY ITEC – Campus clients 12
SUNY Shared Attributes • edu. Person attributes • Mail, telephone, postal. Address etc • suny. Person attributes – Student ID – Person/Emplolee ID 13
Shibboleth POC • The shibboleth POC started with 1. x • Moved on to a 2. 0 implementation. • Was used to a establish technological proving ground for the team. • Highly likely to be used by many campuses as Id. P. • Original team moved on from SUNY. 14
Oracle POC • Oracle has a large suite of Id. M software, including a federation component (OIF). • Solution is complicated, but it covers a lot of ground. • OIF is really a light weight SAML 2 gateway for the Oracle Access Manager • OAM could replace much of our existing Security system. 15
Oracle POC • Oracle consulting engaged for the POC • Shibboleth 2 support has been assured by Oracle, we will hold them to that. • Shibboleth 1 support is expected to be available in the next release – 11 G. 16
Oracle POC - Scope • The scope of the project is small. • Prove that OAM/OIF can protect a federated Oracle Business Intelligence server. • Prove that users can navigate back and forth across a local and a federated OBI server with a single sign-on session. 17
Oracle POC - Scope • OIF Acting as a service provider must interact with a Shibboleth 2 identity provider. 18
Why Oracle • Oracle is a primary technology partner for SUNY • Good relationship since 1987 • The SUNY CIO negotiated for a full University license of the Id. M suite at a very good price. • The suite is fully featured. 19
The Oracle Experience. • For several months we have been drafting a consulting engagement with Oracle. • We had difficulty coming to a technological design/approach. • Product management is very interested in out project and provided some expertise to help Oracle Consulting. 20
The Oracle Experience. • For several months we have been drafting a consulting engagement with Oracle. • Oracle Consulting had difficulty coming to a technological design/approach. • The project has been nearly derailed multiple times through a lack of professionalism from Oracle Consulting. 21
Does it work? Check back in a few months.
Next Steps. • UWide Entitlements. • Training – The Oracle Product Is Lacking Training. • Non SUNY Integrations. 23
Contact me: Gavin. Hogan@suny. edu 24
- Suny system administration
- Ending gavin ewart
- Gavin cotter
- Ceo camden council
- Gavin baldwin
- Gavin cameron
- Gavin cook princeton
- Gavin kearns
- Gavin cameron
- Gavin aspden
- Pc gavin smith
- Gavin cameron
- Gavin davies imperial
- Gavin corey
- Gavin smith wren academy
- Tet spell
- Gavin soorma
- Gavin is designing a kite
- Gavin giovannoni
- Gavin swann
- Kevin gavin
- Tim greenfield
- Gavin soorma
- Wendy gavin
- Elyse hogan