Metadirectory Technical Status Meeting

http://fsuid.fsu.edu/admin

9/20/2005

  • Project Status
    • When attempting to remove radius1 from ring encountered major problems with ring integrity.  Ended up stripping back to one ring member and opening up a problem ticket with Novell.  Now have “2.5” of the ring nodes back on-line (mdsdata.uc.fsu.edu in place of udbprod.uc.fsu.edu for load balance reasons).  Evaluating whether to continue bringing back the Novell ring fully or instead just bringing up either an iPlanet or RedHat Directory Server “pure LDAP” multi-master replicant “ring” in it’s place (issue of eDir passwords vs fsuEduCrypt & fsuEduSha1 values affecting some ~23K people).
    • Moved FSUID “personal pages” under Blackboard with CAS code.  Working on adding Helpdesk and other “stand-along” FSUID web pages as well.
    • “Reset your password” not also allows one to sync other FSUID-associated passwords.  Also added JavaScript to help prevent confusing FSUID values with FSUCard values.
    • Beefed up CAS XML response to spit out more useful attributes (used, for example, in a CAS-enabled ColdFusion application that assigns block tickets for football games).  See http://fsuid.fsu.edu/admin/project-history/09-05-2005.html.
    • Added “Usage Status” column to FSUID attributes page (http://fsuid.fsu.edu/cgi-bin/attributes/fsuid-schema.cgi).
    • Tweaked ERP load to better find primary HR appointments (per Ron Reazin).
    • Added fsuEduEmployeeStatus to get better “granular” view of an employee (http://fsuid.fsu.edu/admin/project-history/08-24-2005.html).  This fixed some ~30 people who were not being identified correctly.
    • Now using “loginDisabled” on FSUID web pages (don’t allow authentication when “loginDisable = TRUE”).
    • Moved FSUID People Search module into production in Bb.
    • Added new fsuEduCarsMailForward attribute to help straighten out the email address mess a bit more (http://fsuid.fsu.edu/admin/project-history/08-10-2005.html)
    • Need a way to allow email clients the ability to LDAP search for student email addresses for FSUID-authenticated users.
    • CARS ßà FSUID status:
      • Create UUID method now in production; should result in fewer “human exception handling” of problems due to mismatch between what CARS thinks is a current employee/student and what other systems think.
      • Still need:
        • Mechanism for setting free dialup access
        • Mechanism for vacation notification
        • Mechanism for setting email forwarding
        • Mechanism for setting email privacy flag
    • FSUID ßà Win AD identity management work for Human Sci, UCS TEC, US WSG & College of Medicine & now College of Engineering (FAMU identities!).   Status?
    • Mailer.fsu.edu:  Status of moving to native FSUID auth?  Deferred for now
    • Shibboleth:  Experimenting on hold since Fall startup; will get back to it when time permits.
    • ERP VPN/eDir Project: On hold until OTI develops a more mature VPN support strategy