Presented at EDUCAUSE Annual Conferences and Authentication

Institutional directory service architects and designers face a number of unique technical challenges in higher education. Directory architects from the University of Southern California and the University of Maryland, Baltimore County, will share lessons learned while developing and implementing directory services at their institutions.

Topics will include designing access controls and institutional object classes; using federation identities, Shibboleth, and administrative tools; managing multiple data sources, members, accounts, and guests; mapping data sources to standard object classes; handling interactive and bulk updates; optimizing and monitoring performance, replication, and integration with external authentication systems; and managing groups and privileges.

The solutions offered are based on 14-plus years of practical experience working with the Netscape/iPlanet/Sun directory products. This seminar will focus on intermediate to advanced issues, and most information will be widely applicable to and suitable for any institutional directory effort.

See how Washington State University has extended its authenticated online resources to "friends" of the university with Friend Accounts, extending identity management beyond the confines of the traditional student/employee roles. This presentation will describe the business need for Friend Accounts and will offer an in-depth look at Washington State University's solution.

This presentation details a five-phase deployment strategy for identity and access management (IAM). IAM provides a number of capabilities, including authentication management, authorization management, user administration, resource provisioning, auditing, and reporting to create a comprehensive and efficient approach to managing identities in a heterogeneous environment.