= Areas of Responsibility = Original author: Beth Mercer - 20081031 Support for the University of Alaska Enterprise Directory and Authentication Service is comprised of the following (responsible department and general areas of support): == Project Management, Oversight, and Approvals == Identity and Access Management === Contact === Nathan Zierfuss[[br]] 907-450-8112[[br]] !njzierfuss@alaska.edu[[br]] == servers (directory/gateway hosts) == TS === Contact === !sdtsos@alaska.edu === Functional Responsibility === ==== E Box Status ==== The LDAP responsitory and iplanet software has been moved to the IDMP cluster. The E Boxes, Edgar, Egegik, Eklutna, and Elias, are no longer maintained. ==== IDMP Cluster ==== * RHEL O/S install and maintenance * iPlanet software install and maintenance * ISW software install and maintenance == iPlanet Directories (EDIR directory) == TS === Contact === !sdtsos@alaska.edu === Functional Responsibility === * Manage log related space * Monthly job archiving directory related extract and log files * !AppWorx: EDIR_ARCHIVE * Create and populate directory instances on new hardware * Configure and monitor replication * Create indexes and maintain plugins * Apply schema changes as needed * Apply ACI changes as needed * Create iPlanet roles as needed * Create and maintain password profiles * Schedule and monitor daily exports and backups and other * !AppWorx: LDAP_SUNONE_BACKUPS_* * !AppWorx: LDAP_SUNONE_DUMP_* * !AppWorx: LDAP_STATIC_FILES_* * Configure/monitor ISW * Directory SSL certificate maintenance == Oracle Databases (EDIR "registry") == EAS === Contact === !sdbaps@alaska.edu === Functional Responsibility === * Monitor daily dump and compare of registry and directory * Registry Scripts: dump_all.ksh and compare_dumps.ksh * Resolve out of sync conditions * Daily EDIR Banner extract and feed to EDIR * !AppWorx: EDIR_EXT_ * Daily email feeds from Banner to EDIR * !AppWorx: EDIR_UA?MAIL * Monthly EDIR unit maintenance following BOR structure table updates * process documented at: [[UPDT_unit_changes| Monthly Process: EDIR Unit Changes Following BOR Structure Table Changes]][[br]] * Periodic data validation and cleanup * Primarily cleanup of admin contacts and unit heads/delegates that are no longer employed * Annual directory purge (of inactive records) * Annual review/renew/revoke of sponsored accounts == Web Gateways == IAM === Contact === !ua-iam-dept@alaska.edu === Functional Responsibility === * EDIR Self Service Pages and AUTHSERV UI * Respond to approved requests for interface changes/enhancements * Monitor batch jobs generating static data files used by interface * !AppWorx: LDAPGW_STATIC_FILES * Monitor batch job synchronizing EDIR interface related files between servers * crontab: rsync*.ksh * EAS: UPDATE * respond to approved requests for interface changes/enhancements * monitor batch jobs generating static data files used by interface * !AppWorx: LDAP_STATIC_FILES_* == Equalizer == TS === Contact === !sdtsos@alaska.edu === Functional Responsibility === respond to requests for changes to the load balancing mixes for directory related clusters **NOTE:** Kerberos legacy documentation has been removed as it no longer implemented for authentication. See [[ALL__architecture| Overview of Enterprise Directory Architecture]] for an historical description of functionality. ########################################################[[br]] LEGACY CHANGE HISTORY - NOTE: All subsequent changes are recorded in TracWiki[[br]] ########################################################[[br]] 20081027 elm corrected typo (hardware, not hardware); added reference to David Bantz for oversite/approvals; added additional items of support/responsibility[[br]] 20081031 elm corrected typos