Changes between Version 2 and Version 3 of SoWPhases

Timestamp:

06/22/12 15:05:07 (12 years ago)

Author:

dabantz@…

Comment:

--

SoWPhases

@@ -8 +8 @@
 Work to be done:
 
-• Deploy a working instance of Grouper; 
- ( "working" entails an instance tested and accepted for these PoC functions, but not reduncant platform with active monitoring required for production)
-• Provide authentication and authorization to Grouper via UA-standard SAML IdP, verifying users with UA-Username & AD password
-• Create building-based groups within LDAP, and 
-• Implement a process for automatically provisioning users into the appropriate group(s) based on the office location data in their LDAP record
-• Create ad hoc groups of allowed VPN users within LDAP, and 
-• Implement a process and end user interface for provisioning individual users into one or more such groups
-• Verify that group membership lists and groups to which and individual belongs are both consumable via LDAP queries
-• Document all configurations, interfaces, and connectors
-• Train IAM as needed on maintenance and operation of Grouper, connectors, and interfaces
+• Deploy a working instance of Grouper; ( "working" entails an instance tested and accepted for these PoC functions, but not reduncant platform with active monitoring required for production)[[BR]]
+• Provide authentication and authorization to Grouper via UA-standard SAML IdP, verifying users with UA-Username & AD password[[BR]]
+• Create building-based groups within LDAP, and [[BR]]
+• Implement a process for automatically provisioning users into the appropriate group(s) based on the office location data in their LDAP record[[BR]]
+• Create ad hoc groups of allowed VPN users within LDAP, and [[BR]]
+• Implement a process and end user interface for provisioning individual users into one or more such groups[[BR]]
+• Verify that group membership lists and groups to which and individual belongs are both consumable via LDAP queries[[BR]]
+• Document all configurations, interfaces, and connectors[[BR]]
+• Train IAM as needed on maintenance and operation of Grouper, connectors, and interfaces[[BR]]
 
 Conditions:
 
-UA IAM will provide the accounts and access permissions to its systems required for this work.
+UA IAM will provide the accounts and access permissions to its systems required for this work.[[BR]][[BR]]
 Unicon will document efforts and expenses and UA IAMI will approve monthly billed hours of consulting based on progress and receipt of work.
 Any travel or other expenses will be approved in advance and must conform to UA policies on travel and expenses.
@@ -34 +33 @@
 Work to be done in Phase II: (?)
 
-• Document the existing database structure of ZUAUSR and replicate the functionality in Grouper's database schema
-• Document a sub-set of existing ZUAUSR interfaces (Oracle FORMS) used for requesting and granting permissions and roles
-• Design the connector needed for Grouper to use legacy identities from Banner (which the existing in-house tool uses as user identities) or some means of mapping standard UA identities to those legacy identities
+• Document the existing database structure of ZUAUSR and replicate the functionality in Grouper's database schema[[BR]]
+• Document a sub-set of existing ZUAUSR interfaces (Oracle FORMS) used for requesting and granting permissions and roles[[BR]]
+• Design the connector needed for Grouper to use legacy identities from Banner (which the existing in-house tool uses as user identities) or some means of mapping standard UA identities to those legacy identities[[BR]]
 • Implement user interfaces used for roles for the Document Imaging application, and configure Grouper database and rules to enable Grouper end users to provision those roles as Groups with membership attribute (isMemberOf) values currently consumed by the OnBase Digital Document application (that is, replicate the existing functionality of granting roles used by this application, using the same LDAP directory currently used)