Post on 11-Jan-2016
1
Simon: What, How and Why
Jon Finke
Communication and Middleware Technology
2
Overview
• Brief History
– How did we get here?
• Current Functions
• Selected Technologies
– Change Queues
• Future Directions
3
Distant Past – 1986-1990
• Self service Unix Account
– Long Distance Auth Code required
• Controls Access – RPI only
• Allows for billing for printing
– Open to all students, faculty and staff
– User selected “usernames”
– Established relationship with Telecom
– Desire for campus wide authenticator
4
1991 – Start of Simon
• Joint “Computing in Curriculum”
• Accounts for everybody
– One Person, One Account, All systems
• Feeds from HR and Registrar
• Rudimentary guest management
• Email aliases (.forward replacement)
• 1993 – Hostmaster
• 1993 – HR moves to Banner.
• 1994 – Printmaster - /etc/printcap
5
1994 – ID Cards
• New ID card system
– Same feed requirements as RCS
– Simon became SOR for ISO numbers.
• Established relationship with ID card operations and management.
• Feed to Library Patron system
6
1996 – Phone Directory
• Required better HR feed
• Became source for directory information.
– Some fields washed through Banner.
• 1997 Student records moved to Banner
– Mostly a non event from an IdM perspective
– No more student “guests”.
• 1998-99 – start PL/SQL rewrite, Y2K
7
2000 – Simon Web
• Move from command line to web for user applications.
• TSM (Backup) billing
• File Generation (via PL/SQL)
8
2001 – Windows 2000
• Drive Windows 2000 domain
– Password Sync
• Phase out SSNs
• Campus Mailroom database
• Feed to LDAP server
• Feed to WebCT - Courseware
9
2002 – BEST Access System
• New ID card system
– Simon record required for access
– Including PARKING
• ID Specific Guest Management
• Real time HR updates
• New Meal Card system
• Task force finds Simon SOR for people
10
2003 – More Feeds
• Insite – Space management
– People feed to space management system
– Buildings and room back to Simon
• Physical Plant management system
– Fixx.rpi.edu
11
2004 – Authentication and Authorization
• VPN only accounts
• Password Sync to LDAP
• Password Sync to Applix
• Demographic based building access
12
2005 – Unified Messaging
• Voicemail moves to windows domain
– Provisioning via Simon
• Call Manager (VOIP) via Simon
13
2006-2008 – Status/APEX
• Status Drives directory
• Started Status driven accounts
• Oracle Application Express
– Rewriting existing applications
– All new applications
14
[Diagram labels: Banner (Oracle Admin System); Registrar; Human Resources; Student Records; Employee Records; Department Administrators; Simon (Oracle Userid Mgmt); People; Directory Info; Userids; Active Directory (Windows 2000); Photo ID Card System; AFS/Kerberos; Email (user@RPI.EDU); White Pages (LDAP & PH); ID Guests; ID Desk; Hartford Directory]
15
Current Functions
• Account Provisioning
– Kerb4, Kerb5, LDAP, Active Directory
• Telephone Directory (LDAP, Paper)
• ID Card/Parking Transponders
• System Configuration
– DNS, Aliases, Printing, Firewall
• Accounting – Printing, Disk, Backup, software licensing
16
Current Functions (cont.)
• Data Interchange
– Accounting (PC Store, Telecom)
– Building/Room Inventory
– Student “Hold”
• Telecom Provisioning
– VOIP, VoiceMail
17
Technologies
• Change Queues for other systems
• Person Status – drives provisioning
18
Password Changes
• User Web page – encrypts PW with public key and queues it.
– Requeue Processor – feeds new back ends.
• Back end processors – decrypt and apply
• Notes
– Encrypted copies saved
– Queue status web page for help desk
19
Changing Passwords
[Diagram labels: Web Browser; Password Change Page; Secure Web Server; SSL; Database; Change Queue; Public Key; Encrypted with Public Key; Password Change Server (Private Key); Windows Domain Controller; Windows Domain Controllers]
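Added example, not part of the presentation and not Simon's code: a Go model of the queue described on the two password slides above, with encryption under the public key at the web tier, a saved encrypted copy, and per-back-end decrypt and apply. The names Entry, Seal, Process and NewKey, the choice of RSA-OAEP, and the use of the userid as the OAEP label are assumptions of this example; the slides do not name an algorithm.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

type Entry struct { // one queued password change
	User string
	Blob []byte          // RSA-OAEP ciphertext; the plaintext is never stored
	Done map[string]bool // back ends that have applied this change
}

// Seal is the web-page side: public key only. The userid is the OAEP label (a
// choice made for this example), so a blob copied to another user's row fails.
func Seal(pub *rsa.PublicKey, user, pw string) (*Entry, error) {
	blob, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, []byte(pw), []byte(user))
	if err != nil {
		return nil, err
	}
	return &Entry{User: user, Blob: blob, Done: map[string]bool{}}, nil
}

// Process is one back end: it decrypts and applies what it has not yet applied.
func Process(priv *rsa.PrivateKey, q []*Entry, backend string, apply func(user, pw string) error) (n int, err error) {
	for _, e := range q {
		if e.Done[backend] {
			continue // a back end added later has no marks, so saved copies replay to it
		}
		pw, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, e.Blob, []byte(e.User))
		if err != nil {
			return n, fmt.Errorf("entry for %s: %w", e.User, err)
		}
		if err := apply(e.User, string(pw)); err != nil {
			return n, err // entry stays pending and is retried on the next run
		}
		e.Done[backend] = true
		n++
	}
	return n, nil
}

func NewKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }
func main() { // constructed sample values
	priv, _ := NewKey()
	e, _ := Seal(&priv.PublicKey, "jdoe", "constructed-sample-pw")
	fmt.Println(Process(priv, []*Entry{e}, "ad", func(u, p string) error { return nil }))
}
```

The Done map holds the same information a help desk status page needs (which back ends are still pending for a user) without exposing any secret.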
20
Near Futures
• Multiple account types (entitlements)
• Based on person status
• Delegate control to departments
• Password queue rewrite
• Oracle Application Express (APEX)
• Web Services
21
Questions? Comments? Ideas?
Jon Finke
Rensselaer Polytechnic Institute
http://www.rpi.edu/~finkej
No animals were harmed in the making of this presentation. All scenes involving animals were monitored by employees of
Schenectady County Family Court