Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID


Campuses Addressing Provisioning, Grouper Deployment, and Banner Onboarding Working Groups Update

Jun 15, 2018, by Erin Murtha
Tags: COmanage, Grouper Working Group, InCommon, Shibboleth, Trust & Identity, Trust and Identity in Education and Research

The Campus Success Program (CSP) includes 10 schools working together to adopt one or more components of the TIER (Trust and Identity in Education and Research) identity management platform (InCommon, Shibboleth, COmanage, Grouper, midPoint, and others). To help facilitate their work, the campuses formed several working groups. This is an update on their activities.

API’s, SCIM Schemas, & Bulk Transaction Requirements – This working group, in conjunction with the Big Ten Academic Alliance, is evaluating provisioning engines, starting with a questionnaire. Results of evaluations will be combined with surveys of the Big Ten member schools from last summer to create three deliverables: a best practices write-up, a list of needed functionality that products don’t support today for consideration on the TIER roadmap, and a high-level product comparison chart for those shopping for provisioning products.

Grouper Deployment Enhancement – This working group is working to enhance the information provided by the TIER Grouper Deployment Guide, including example deployment use cases, a cadence of steps for deploying the Grouper container, and development of specific provisioning practices. The group is prioritizing requests from the CSP schools and doing a gap analysis. Recent discussions include deploying Grouper in the Amazon Web Services (AWS) environment and setting up basic authentication using Shibboleth. 

DevOps Deployment Guide – This working group aims to make it easier for new developers to understand a DevOps environment at a high level, and how TIER uses DevOps and best practices to deploy, customize and maintain the component software. They are also reviewing how some universities are implementing the components at their organizations. The group has finalized the framework for a new TIER DevOps Deployment Guide and is focusing on expanding the guide’s content. 

Identity Onboarding with Banner – This working group has discussed various methods to move data from Banner to midPoint and Grouper, including direct connection to the Oracle data base, BEIS and Ellucian’s Ethos. The working group has developed a proof of concept for Ellucian’s Ethos product involving Banner, Ethos, and midPoint (done in conjunction with the TIER Data Structures and APIs Working Group). The proof of concept was demonstrated at the Internet2 Global Summit in May. Current work includes an analysis of attributes used by Lafayette, Rice and Mines to better understand common usage patterns. The goal is to produce a set of instructions to pull person records from Banner and load them into midPoint.

Support Services Model – This working group will craft a framework to promote collaborative engagement with vendors for development and support of the core components in the TIER identity and access management platform. There has been strong engagement by CSP CIOs and at Global Summit around the questions of need, scope, governance, and participation. Efforts will continue toward drafting potential support models that meet a variety of institutional needs.