Carleton's Enterprise Directory Service (EDS)

Richard GoerwitzCarleton College

What's an EDS?

● It's an easily accessible 'people' info repository– Houses things like

● Names, titles, departments● Phones, address, faxes● Physical locations (e.g., offices, dorms)● AND primary keys to other databases on campus

– Many EDSs (ours, too) contain info on● courses, groups (same thing at Carleton)● organizational units

● Three main strategies:– Extended NOS

● where you extend eDirectory or AD to hold enterprise data

– 'Fat' EDS● where you set up an RDBMS to hold a superset of data

held in other campus DBs [e.g., the ERP system, OPAC, dev/AR system], and provision from there

– 'Thin' EDS (NB: Carleton's strategy)● where you pool and merge your most important 'people'

data then vend that data using a simple LDAP service

How is an EDS Implemented?

So What's LDAP?

● LDAP=Lightweight Directory Access Protocol– A protocol for talking with a lightweight database

● LDAP-enabled databases allow for:– Access via many platforms, OSs, and languages:

● Java, PHP, Perl, Python, C++, etc.● MS ADSI, JNDI, Net::LDAP, etc.

● LDAP is a fast, easy way to access EDS data– Offers one-stop shopping for most applications

Where Does Our EDS Get Its Data?● Colleague/Unidata

– students, staff, faculty, courses● Advance/Oracle

– alumni, parents, trustees, 'friends'● Card-access system/Informix

– pictures● Recruitment Plus/SQL Server

– prospects● Telecomm/SQL Server

– departmental phone #s● NetWare/eDirectory

– some NetIDs, all passwords*

What's an EDS Entry Look Like?dn: carlnetid=mjohnson,ou=peopleappleUserHomeURL: (XML string)uidNumber: 15375carlNetId: mjohnsonuserPassword: (not visible)commonName: Margit C. Johnsontitle: Assoc Dir Off Campus Studiesou: Off Campus Studies OfficecarlOfficeLocation: Laird Hall 131carlCampusPostalAddress: 3-OCSpostalAddress: One N College St...telephoneNumber: +1 507 646 4031fax: +1 507 646 5614carlPrimaryAffiliation: EX

Black = LDAP Green = NetWareBlue = Colleague

carlAffiliation: EXhomePhone: +1 507 645 xxxxhomePostalAddress: Union St...carlLibraryPIN: 20118000000000carlColleagueID: 0100000carlSpouse: John J. Doemail: mjohnson@acs.carleton.edueduPersonPrimaryAffiliation: staffeduPersonAffiliation: staffeduPersonAffiliation: alumeduPersonAffiliation: parentcarlAdvanceID: 0100000000carlCohortYear: 1970jpegPhoto: (raw picture data)

Red = Advance Yellow = Card-AccessBlue = Colleague

What's a Student Entry Look Like?

dn: carlnetid=bergmans,ou=peopleappleUserHomeURL: (XML string)uidNumber: 15979carlNetId: bergmansuserPassword: (not visible)commonName: Sarah C. BergmanpostalAddress: 300 N College St...carlStudentCampusAddress: Burton...carlStudentPermanentAddress: ...USAcarlPrimaryAffiliation: UGcarlAffiliation: UG

Black = LDAP Green = NetWareBlue = Colleague

HomePhone: +1 507 646 xxxxhomePostalAddress: Burton Hall...carlLibraryPIN: 20118010000000carlColleagueID: 1000000mail: bergmans@carleton.edueduPersonPrimaryAffiliation: studenteduPersonAffiliation: studentcarlCohortYear: 2007jpegPhoto: (raw picture data)

Yellow = Card-AccessBlue = Colleague

What's a Course Entry Look Like?

dn: carlcolleagueid=0014331,ou=groupcarlObjectExpires: 2004-04-14gidNumber: 50655carlColleagueID: 0014331carlCourseSynonym: 07744ou: Asian Languages & Literaturescn: JAPN.343.00carlCoursePrimaryName: JAPN.343.00carlCourseSubject: JAPNcarlCourseNumber: 343carlCourseSection: 00carlCourseTitle: Adv Japanese-Film & FictioncarlCourseStatus: Open

Black = LDAP Blue = Colleague

carlCourseCredits: 6carlCourseMaxSlots: 25carlCourseAvailableSlots: 22carlCourseMeetingInfo: LDC 203 TTH 01:15PM 03:00PMcarlCourseTerm: 04/WIcarlCourseStartDate: 01/05/04carlCourseEndDate: 03/15/04carlCourseInstructor:

carlnetid=ntomonar,ou=peopleuniqueMember:

carlnetid=swansonm,ou=people carlnetid=cervonea,ou=people carlnetid=gohg,ou=people

Where is EDS Data Used?

● Web systems– LDAP auth, authz– Whitepages– Online phone book– Departmental pages– Prospect pages

● Admissions systems– Prospect usernames

● VEMS2 front end● Login services

– Core Linux servers– Lab machines

● NetReg● Luminis (SCT)● Illiad (in the Library)● Others!

What Apps Are On the Horizon?

● Library OPAC (vendor issues)● HEAT (version 8; ask Julie M.)● Course Management

– Auto-populate photos, class membership rosters– Auto-generate 'my courses' page for students/teachers

● OS/X 'dynamic local user'● ARTstor● Shibboleth (NMI distributed authentication)

Conclusion

● Our EDS saves ITS time– Relieves us of having to maintain user accounts– Makes it easier to write apps

● Apps only have to go to one place to get most information● Apps usually can get away with a single, simple API

● EDS makes ITS customers happy, e.g.:– Admissions– Library– Students; all our external constituencies

Afterward: Why Doesn't Everyone Have an EDS?

● Management doesn't always understand the need● Vendors want their products to serve as the EDS● Data owners don't always want to share data

– Fear loss of control

● Programmers lack skills– Fail to respect data owners' concerns– Lack integration experience; experience with APIs– Aim too high; fail to achieve usable results