Quarterly IAM Update - Sunrise / Sunset

July 12, 2018

PI-14 (Fy'18 Q4) has completed and a new PI-15 (FY'19 Q1) has begun. Our final PI-14 update and PI-15 goal details are below.

Final PI-14 Feature Status

pi-14 final

  • Complete Committed Features (11)
    • O365 Self Service Opt-In Stabilization for Students
    • Improvement for Authentication (CAS Server)
    • IAM Database to the Cloud
    • Authentication Environment Updates
    • Provision HU-LDAP branch
    • Provision a group to University AD for Papercut application
    • Review and Address HK Self Service user improvements
    • DUO update user alias and user information from HarvardKey self-service
    • Move XID schema to the Cloud
    • Work with Security to define the OU provisioning strategy for UNIVAD for future implementation
    • Grouper does not include people when an active role is added, if person had no prior active roles
  • Additional Complete Objectives (3)
    • Move Midas App Admin to the Cloud
    • Add Grouper Loader Job Fail Notifications
    • Grouper DB access: Create read only and read/write dB users. 
  • Commitments Deferred by Customer (2)
    • Provisioning access for users who are Withdrawn, Not Registered and Leave of Absence - Request to delay per Registrar
    • Scramble (or lock) Students who didn't enable MFA - Request to wait until end of DCE Summer School
  • Commitments Deferred to Next PI (4)
    • AuthLDAP branch to Unified LDAP (SHA-1 only) - Will be migrated in PI-16
    • Optimize IIQ deployments (Cloud Formation templates) - Will be deployed in Production in PI-16
    • Deprovision users in University Active Directory using grace and separation rules - Delayed to ensure alignment with Steering Committee
    • IIQ Upgrade - Delayed due to high volume of additional validation necessary

Final Fiscal Year 2018 Operational Statistics

FY18 Ops

Key Claimed 55,484
Changes Processed 244
Tickets Updated 29,423
Tickets Resolved 14,237
Priority 1 & 2 Tickets 27

FY'19 Goals

The IAM team has identified the following key goals for FY'19 (July 1, 2018 - June 30, 2019)

  • Provision Groups to Active Directory - Provision Groups from University Group service into University Active Directory to improve authorization and list management
  • Partner with HLS/HMS for Provisioning - Standardize provisioning of user data into school directories via University systems
  • Protect O365 with Two Factor - Secure University email by enabling Two Step verification in Office365
  • Upgrade Critical Infrastructure(Authentication / IIQ / Grouper) - Upgrade essential services to ensure stability and supportability
  • Determine solution for XID replacement to integrate with HarvardKey platform - Identify next generation solutions to meet growing University Executive Education and guest user requirements

PI-15 has begun and the attached document describe current progress and status of FY'19 Quarter 1 objectives.

See the attached documents for full details about these PI sand IAM project/operational statistics. You can learn more about how we do PI Planning and how to interpret the attached Summary/Priority reports by viewing our "IAM Planning & Progress Reporting" overview post.

pi-15_-_sprint_1_-_priorities.pdf63 KB
pi-14_-_final_-_summary_report.pdf81 KB
pi-14_-_final_-_priorities.pdf60 KB