Click here to receive your FREE subscription to Campus Technology
Focus
Privacy Drives Directory Work at Northwestern
9/20/2007
On the shortlist were Microsoft Identity Integration Server, OctetString (acquired by Oracle in 2005), and Radiant Logic RadiantOne. The cost and scope of the Microsoft solution eliminated it from final consideration. And after a close examination of the two remaining choices, Board said, RadiantOne came out on top based on its internal business rule construction interface. "We felt that RadiantLogic's programming interface and fundamentally Java-based interfaces for code that we would have to write centrally was more amenable to our skill set, and we felt it could be better supported going forward than an OctetString."Board said he estimates that the university has invested about $100,000 in the software's licensing and maintenance fees. Deploying it on the central forest, as a Windows 2003 instance, took about two months of committed staff time, stretched across 12 calendar months. Part of that, he said, "was making sure we had various rules in place debugged and special cases taken care of."
Then the challenge became bringing those other forests into the operation. "This is no small feat," Board said. "It took us the better part of a year to come to a consensus in the university about how AD was going to be managed--whether we were going to get rid of those 18 forests and everybody was going to be part of one central forest or whether there was going to be inter-forest trust relationships."
When the decision was made to retain the forests, the two-year project to move the 18 directories began. Here the tricky parts of the projects were twofold: getting that school or division to make the decision about whether to buy new hardware and get the software installed, said Board, and getting schema definitions synchronized between RadiantOne and each individual forest.
Also, the administrators at the individual forests needed training, if appropriate, in how to create manual identities in situations, for example, where a visitor to the campus community wanted access to the network. That also involved implementing software rules as part of the RadiantOne filter feature.
But once those issues are nailed down, said Board, "building the actual solution and scheduling time to flip the switch is less trying."
The new approach has the identity system talking to LDAP as its only target, and then RadiantOne takes the LDAP changes and processes them out to the appropriate AD forests.
Next up for Board's team regarding its work with RadiantOne: bringing up a second instance for disaster recovery purposes and virtualizing the servers rather than having "iron" dedicated to the software.
Board advises his peers in other schools to be moving to a system that maintains a single identity for each member of the community. "Based on complexity of the institution and its size, that may require multiple directory services of one sort or another," he said. "Keeping those services in step, one with another, is non-trivial. But software like RadiantOne makes it more digestible. It becomes a more manageable, sort of an isolatable function within the network, rather than having it combined with some parts of your identity management structure."
Read More:
Dian Schaffhauser is a writer who covers technology and business. Send your higher education technology news to her at dian@dischaffhauser.com.
Cite this Site
copy text (above) for proper citation
Recommended Reading
- Business Intelligence Tool Means Healthy Data at UVA
University IT groups will recognize the challenge of combining disparate data from more than one department in order to create meaningful reports for various users. At the University of Virginia Department of Medicine, which is overseen by UVA's School of Medicine, data was coming from two very different accounting systems, which meant problems for faculty members whenever they needed to run reports.
- Exec Describes Microsoft's 'Social Networking' Vision
A Microsoft executive involved with the company's Windows Live efforts outlined some of the company's ideas about cloud-based computing and social networking technologies Tuesday. The talk was presented by Brian Hall, general manager of the Windows Live Business Group, at the 2008 Merrill Lynch Technology Conference May 6.
- Graduate School, USDA Standardizes on Adobe Acrobat Connect Pro for E-learning
The Graduate School, USDA has standardized on Acrobat Connect Pro, a Web conferencing and e-learning platform from Adobe Systems. The school is a self-sustaining government entity created 87 years ago by the United States Department of Agriculture to provide adult continuing education.
- Texas A&M System Signs Distribution Deal for Virtual Clinical Learning Lab
Texas A&M University has signed a license agreement with BreakAway Ltd., a developer of game-based technology, for the worldwide rights to Pulse!! The Virtual Clinical Learning Lab. Pulse is a federally funded project in development at the Corpus Christi campus that allows medical professionals to practice decision-making protocol and experiential skills on PCs in a virtual hospital setting. The agreement grants BreakAway the rights to develop, market and distribute Pulse.
- Tegrity Records 325,000 Hours of Lectures
Ed tech developer Tegrity reported this week that usage of its Campus 2.0 classroom capture system hit record levels last year, including, among other things, capturing 325,000 hours of faculty lectures on Tegrity servers in a 12-month period.
- JavaOne Keynote: Neil Young Likes Java
Rock legend Neil Young joined Sun Microsystems' Executive Vice President of Software Rich Green on stage during the opening keynote of the 13th annual JavaOne conference, underway this week in San Francisco.
