How is account provisioning (and Banner integration) done in your environment?
Here is the IT architecture scenario at our university
At our university we have an Identity Access Management(IAM) system which creates accounts (refered as account provisioning) for the students/faculty & staff.
We also have an LDAP system that takes all the ID's from the IAM system and creates an LDAP entry.
Currently we have Luminis which takes an XML import file from LDAP on an hourly basis to create accounts in Luminis.
We are implementing Banner and it looks like they want to keep the same setting - meaning that Banner gets all its records from IAM/LDAP.
I would like your opinion in this scenario. I have couple of questions which i would like to know answers for - if you guys could help me out - that would be great.
1) Does Banner have an Identity Access Management system? (meaning that can it create accounts first and then propogate it to LDAP and other systems?) How do you guys do it at your institution and what would you recommend?
2) In your university setting - to create accounts initially (for the first time they access university resources) where do they (students, faculty and staff) go? Do they create their accounts first in Banner and then the accounts are propogated to the other systems? or are they first created in LDAP and then they come to Banner? In your opinion what would be a better way to handle the account creation process?
3) How do you guys handle deprovisioning the accounts? Do you guys run a script to delete an account from Banner, Luminis, LDAP etc or do you do it manually? Which one would you recommend and why?
4) While deprovisioning accounts, do you follow a well defined (by the university) procedure or is it done on a case-by-case basis?
5) For this entire process or provisioning and deprovisioning accounts, do you have any policies/procedures that are followed?
6) Do you guys consider any special cases - like when student accounts are deprovisioned from LDAP - Do you still provide the student an access to Banner Self Service (so that he can print his unofficial transcripts etc.,) and give him an alumni status in Luminis?
Hack Your Knowledge
Recent blog posts
- Luminis IV GCF Single Sign On with OSX=Failure PC=Working
- Cisco 4710 - Load Balancer
- First CPIP - ERROR
- Luminis Developer Job Available w/ Stable Organization
- Luminus Developer Job
- SSO to SSB mixed content error in IE
- Avoid email sending when add or delete user from group
- Luminis components
- Luminis 4 & Groupwise 7
- Luminis Developer Needed for Position w/ Stable Organization
Developer Links
Poll
- Login or register to post comments
- Older polls
Syndicate
Recent comments
1 day 18 hours ago
1 day 21 hours ago
1 day 22 hours ago
1 day 22 hours ago
1 day 22 hours ago
1 day 23 hours ago
2 days 3 hours ago
2 days 6 hours ago
2 days 17 hours ago
2 days 21 hours ago