IdM Implementation: Phase 1
The implementation of Phase 1 of the Identity Management (IdM) system will occur Thursday, May 4 through Monday, May 8, 2017.
During this implementation:
- Your password will not expire.
- You will not be able to:
- Change or reset your password during a short period in the latter part of the implementation.
- Update your online Campus Directory entry, but you will be able to look up directory information.
- IT personnel will not be able to:
- Create new accounts or reactivate existing ones, including Unity and Workshop accounts.
- Reset passwords.
- OIT will provide updates via SysNews.
NOTE: Any email request for your account credentials is likely a phishing attempt.
For the latest updates on the progress of this implementation and how it will affect you, see SysNews.
- Identity Management Phase 1
- Identity Management Future Phases
- Identity Management Teams
Benefits to NC State
The Identity Management (IdM) service at NC State provides these benefits:
- Improved security and privacy by sharing about an individual only what is necessary and only when it is necessary
- A single, authoritative access point for an individual’s identity
- Simplified administration by eliminating the need for a separate identity for each of several resources
- Efficient resource sharing within and beyond the university
- Streamlined deployment of a new university business process
In the IdM service, an individual’s identity is based on that individual’s attributes, which are determined by all of his or her multiple relationships to the university. Each attribute provides access to one or more specific services, systems or features. For example:
- A faculty member attribute would provide access to the “For Faculty and Staff” section of MyPack Portal.
- A parking permit holder attribute would authorize parking on campus.
- An alumnus attribute would provide eligibility for NC State Alumni Association membership.
Every college and unit in the university has a stake in identity management. It cannot be developed without a collaborative effort to identify what attributes of identity are important in all business processes used at NC State and to ensure that everyone is using the same definition for each of those identity attributes.
Implementing Identity Management to replace aging infrastructure for Unity account provisioning and deprovisioning and password management services.
- Implementation of Oracle Identity Manager (OIM), Oracle Access Manager (OAM), and BI Publisher (Reporting)
- Utilizing authoritative Sources — PeopleSoft HR, SIS and Campus Directory
- Provisioning and deprovisioning of account targets — Google, Kerberos, Active Directory – WolfTech and Affiliates, and OpenLDAP
- Replacement of Unity provisioning and deprovisioning (See Unity account procedures for Student Accounts and Employee Accounts)
- Knowledge based password change and reset using User Identification and Authorization security questions and answers
- Load (seeding) of identities and attributes managed in existing Unity business processing
- SysNews Tools update to utilize new data sources
- AFS and CIFS transaction updates to use new IdM data sources
- ServiceNow feed update to use new data sources
- DELTA view of IdM data to replace current feed
- Workshop Application integration with IdM for account check-out, check-in and password changes.
- Creation of guest accounts — No-pays will still be processed via HR system
- Key Attributes eduPerson and eduCourse LDAP schema
- Extended grouping categories
- Comprehensive guest management
The IdM project team will work with campus units and IT Governance to determine the priority and schedule for implementing critical services including:
- Creation of guest accounts to manage affiliates
- SAR (System Access Request) replacement
- Unified directory
- Key Attributes eduPerson and eduCourse
- Enhanced grouping logic for class and affiliates
There are two teams associated with the Identity Management work in progress, the Core Leadership Team and the OIT IdM Steering Team.
These are the management and technical leaders driving the active projects in the implementation of Identity Management at NC State.
Connie Reitfort – Project Manager/IdM Development & Access Management
Krishnan Iyer – Development, Access Management, Application Architecture
Brian Ott – Development Technical Lead
Michelle Gray Johnson – Student Information Systems
Amy Coggins – Human Resource Systems
Derek Ballard – Windows Services (Active Directory/CIFS)
Abraham Jacob – Shared Services
Harry Nicholos – Identity & Web Services
Kelly Harrelson – Database Services
Ralph Castanza – AFS Services
Lisa Gallond – WorkLoad Services
Chris King – Help Desk Services
Leo Howell – Information Security Risk & Assurance
Andy Kotynski – Information Security Services
Kevin McDonald – Project Management Assistance
This is the senior Office of Information Technology management team overseeing the implementation of Identity Management at NC State.
Eric Sills – Shared Services. Assistant Vice Chancellor
Gwen Hazlehurst – Enterprise Application Services, Assistant Vice Chancellor
Mardecia Bell – Security and Compliance, Chief Information Security Officer
Stan North Martin – Outreach, Communications and Consulting, Director
Greg Sparks – Communication Technologies, Assistant Vice Chancellor
Susan West – Technology Support Services, Assistant Vice Chancellor