{\rtf1\ansi\ansicpg1252\cocoartf1138\cocoasubrtf470
{\fonttbl\f0\fswiss\fcharset0 Helvetica;\f1\fmodern\fcharset238 Courier;}
{\colortbl;\red255\green255\blue255;\red125\green125\blue125;\red38\green38\blue38;\red12\green0\blue110;
\red11\green113\blue20;\red255\green128\blue0;\red170\green170\blue170;}
\margl1440\margr1440\vieww24120\viewh19520\viewkind0
\deftab320
\pard\pardeftab320\pardirnatural
\f0\fs26 \cf0 Update UA IdP to release attributes to Kuali Ready v. 2.0 2012-08-06\
\
1. Determine that the staging IdP on howkan is a working clone of the production IdP\
\
2. Create attribute resolver for UA ID# scoped (30123456@alaska.edu) in /opt/shibboleth-idp/conf/attribute-resolver.xml\
\pard\tx720\tx1440\tx2160\tx2880\tx3600\tx4320\tx5040\tx5760\tx6480\tx7200\tx7920\tx8640\pardeftab320\sl264\slmult1
\f1\fs28 \cf0 \
\fs26 \'a0 \'a0 \
\
\
\
\
\
\'a0 \'a0 \'a0 \
\
\
\
\'a0 \'a0 \'a0 \'a0 \
\pard\tx720\tx1440\tx2160\tx2880\tx3600\tx4320\tx5040\tx5760\tx6480\tx7200\tx7920\tx8640\pardeftab320\sl288\slmult1
\cf0 \'a0 \'a0 \'a0 \'a0 \
\pard\tx720\tx1440\tx2160\tx2880\tx3600\tx4320\tx5040\tx5760\tx6480\tx7200\tx7920\tx8640\pardeftab320\sl264\slmult1
\cf0 \
\'a0 \'a0 \'a0 \'a0 \
\
\'a0 \'a0 \'a0 \'a0 \
\
\'a0 \'a0 \'a0 \'a0 \
\
\'a0 \'a0 \
\pard\pardeftab320\pardirnatural
\f0 \cf0 \
\
3. Modify attribute filter (/opt/shibboleth-idp/conf/attribute-filter.xml in standard install) to add the the following release policy\
releasing uakPersonID to Kuali Ready staging service.\
\pard\pardeftab320\pardirnatural
\f1 \cf2 \cf3 \
\
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf7 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\pard\pardeftab720
\cf3 \
\pard\pardeftab320\pardirnatural
\cf7
\f0 \
\
3.1 Modify local hosts file to point to howkan; test the staging idp by pointing browser to:\
\pard\pardeftab320\pardirnatural
\cf6 {\field{\*\fldinst{HYPERLINK "https://us.ready-staging.kuali.org/shibboleth-sp"}}{\fldrslt https://us.ready-staging.kuali.org/}}uaa\
{\field{\*\fldinst{HYPERLINK "https://us.ready-staging.kuali.org/shibboleth-sp"}}{\fldrslt https://us.ready-staging.kuali.org/}}uaf\
{\field{\*\fldinst{HYPERLINK "https://us.ready-staging.kuali.org/shibboleth-sp"}}{\fldrslt https://us.ready-staging.kuali.org/}}/uas\
\
\pard\pardeftab320\pardirnatural
\cf0 3.2 Coordinate with Kai Hsieh to verify or correct as needed.\
\
3.3 Comment out the modification to the local hosts file.\
\
4. Upon successful staging, create service "modification/outage" notice; at scheduled time,\
\
[Need to verify hanin is near enough a clone of heald that it works as production IdP!]\
\
4.1 modify attribute-filter.xml on the hot standby server (hanin) with production version of release policy:\cf6 \
\pard\pardeftab320\pardirnatural
\f1 \cf7 \cf3 \
\
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf7 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\cf4 \cf3 \
\
\cf7
\f0 \
\
\pard\pardeftab320\pardirnatural
\cf0 4.2 Restart the IdP\
\
3.3 Test by editing /etc/hosts to point idp to hanin, pointing browser to\cf6 \
{\field{\*\fldinst{HYPERLINK "https://us.ready-staging.kuali.org/shibboleth-sp"}}{\fldrslt https://us.ready-staging.kuali.org/}}uaa\
{\field{\*\fldinst{HYPERLINK "https://us.ready-staging.kuali.org/shibboleth-sp"}}{\fldrslt https://us.ready-staging.kuali.org/}}uaf\
{\field{\*\fldinst{HYPERLINK "https://us.ready-staging.kuali.org/shibboleth-sp"}}{\fldrslt https://us.ready-staging.kuali.org/}}/uas\
\cf0 \
5. If successful, switch equalizer to designate hanin as active, then use same change process on heald\
\
6. Check the new attribute-resolver and attribute-filter.xml file into the subversion repository on iron.}