Click here to load reader
Upload
steve-young
View
183
Download
2
Embed Size (px)
Citation preview
Case Study: Using Identity Management & a Web Portal as a
Gateway to the Cloud Steve Young, CTO
Judson ISD, San Antonio, TX [email protected]
∗ 4th largest public school district in Bexar County, Texas (San Antonio area)
∗ 22,500 students and 3,000 employees ∗ 31 IT staff members ∗ Over 7500 desktops, laptops, tablets ∗ Additional 3,200 virtual desktops ∗ 189 virtual servers ∗ More info at
http://www.judsonisd.org/district/technology/
About Judson ISD
∗ We cannot do it all ∗ Staff size decreasing ∗ Budgets are shrinking ∗ Student population & number of schools increasing ∗ Huge value proposition with many online services ∗ Constituents want 24/7 services and cloud services
are 24/7 ∗ Classroom learning can be extended outside of
normal school day
Why A Cloud Approach?
∗ Generally very high up time ∗ Offer cutting edge services ∗ Low Cost or predictable recurring costs ∗ Quick Deployment ∗ Lower technical barriers to entry ∗ Often can implement without additional staff ∗ If……..
Cloud (SaaS) Advantages
∗ Judson ISD had automated creation, update, & retiring of student & staff accounts, file shares, email accounts and groups with UMRA (User Management Resource Administrator)
∗ This allows MANY systems user information to be automated, not just Active Directory
∗ Timeliness of data is increased, as is security ∗ Users do not have to wait for accounts to be created, as they
are created when the source HR or SIS data is created
We Can Automate Account Management
∗ We offer web/Cloud applications via our MyJISD Stoneware portal to: ∗ All users (staff and students) ∗ To any device ∗ To any location (in or out of network) ∗ At any time ∗ On guest network or in Starbucks
∗ To do this we must know who users are and pass their credentials to disparate web applications
Leveraging Identity in a Web Portal
Two Cloud (Saas) Examples
∗ We did not want to host student email accounts – too much time, $$, etc.
∗ We also wanted to automate account management ∗ We used Tools4Ever and their UMRA product to
automate Live@Edu account management from AD ∗ We authenticate students via AD into our portal and
auto log them into Live@Edu ∗ This could also be done via UMRA for Google Apps
Live@edu
∗ We wanted to provide a simple to use LMS for staff and students to use at will without any technology intervention –chose Schoology.
∗ My team worked with them to be an early adopter of their API/SSO to synchronize account data and manager users.
∗ We wrote a custom web app to synchronize and manage Schoology users
∗ We authenticate students via AD into our portal and auto log them into Schoology
Schoology
∗ Cloud (SaaS) deployments can be extremely efficient and cost effective
∗ But managing users can require a lot of staff time ∗ Automated identity management from source systems is critical ∗ Identities must be further synced with SaaS systems to keep
costs and staff time to a minimum ∗ A portal that can pass credentials from AD and from an SSO
lockbox allows users an easy one stop shop for all their applications from anywhere on any device
In Summary