All Mgrs Mtg-2005.06.01-Directory Services

Directory Services by Robert Roll, David Hoisve & Steve Harper ACS has a directory with student and employee information out of Student Services and HR. OIT gets a copy of a subset of that directory each evening. Want to explore some of the SOAP/XML options to get the info more immediately in the future. OIT's directory contains a dept numerical ID while ACS only has a textual org ID, but both directories are basically identical. OIT may not be able to republish the info based on our current agreements with ACS. OIT directory does contain passwords. A few areas of campus want to do authentication against an LDAP directory. OIT currently requires them to fill out all ACS forms for authorization to data. There is a "gentlemen's agreement" between OIT & ACS. Deficiencies: OIT is trying to get info on when an individual became active and when he/she truly left the U. Also, non-traditional organizations that aren't based on student, staff or facilty role. HR does have a form for such individuals (affiliates). Not a great deal of granularity in the form. Clay Bake of HR has been working with Dave Hoisve to get more information for forms, PeopleSoft, and ultimately the OIT LDAP. The OIT directory is used for email accounts, Radius authentication, etc. An Identity Management subcommittee under ITC chaired by Dave Huth is looking at this. Guests and Affiliates needing campus network services access. See Dave's ppt. Please look at the list of affiliate roles and let us know if we are hitting enough categories. Turnaround is 24 hours from HR once they get the paper form. Can expedite in certain cases. AOCE does not DOES NOT use the non-employee-data form to get folks in to PeopleSoft ... They have other ""admission"" procedures arranged that can get new, non-credit students in to the system. Guest accounts. The Web application is currently hosted at the Marriott Lib but will be on the OIT site sometime. Guest accounts will eventually work with WANA and secure.utah.edu. Uses standard uNID system to log in. Currently, can only check out day-long accounts. An auto-generated PDF gives the user a Guest Account form and log form. No policy right now for the requesting organization to conform to; OIT just asks them to keep the form(s) for 60 days.