Enterprise Directory & Identity Management Infrastructure Project Status

Key Milestones:

• Filled the project Directory Architect position;
• Finalized the directory schema for phase one roll out of the Enterprise Directory;
• Finalized the plan to migrate students from using UID/PIN authentication to using the new UCLA Logon for all web applications;
• Created detailed data flow design for each element to be loaded into ED in phase I;
• Installed the first pair of Enterprise Directory servers. They are currently undergoing various testing including data loading, performance, and replication/failure recovery.
• BOL has successfully separated its authentication component from its ISP component to support a generic authenitcation framework.

Ongoing Efforts:

• URSA is being modified to integrate with ISIS authentication and to support new workflows to guide users through the new account provisioning/management process.
• ISIS is being updated to support the new UCLA Logon ID and the new account management workflow. It is also being modified to use the Enterprise Directory as its data source.
• The ED team is implementing Internet2’s Shibboleth protocol to support federated authentication and to provide a standard mechanism for web applications to query user attributes. UCLA’s implementation is currently in test. It will rollout at the same time as the Enterprise Directory Phase I rollout, which is projected to be March 2006.
• CTS’s Directory Update Application is being updated to integrate with the Enterprise Directory.
• CTS’s campus white page directory is being updated to source data from the Enterprise Directory.

Additional Information:

The EDIMI project is a component of the UTIPP Initiative. Additional information about the EDIMI project can be found at http://utipp.ais.ucla.edu.