By
Apryl Motley - Technical Writer & Communications Lead, Internet2 Trust and Identity/NET+ Service
Members of the identity and access management (IAM) team at the University of Wisconsin–Madison (UW–Madison) will be our featured presenters for “From Modernizing Our Use of Grouper to Provisioning with midPoint and Developing Standard Populations” as part of IAM Online on Wednesday, Feb. 15 at 1 p.m. ET with Erik Coleman, IAM architect, University of Illinois–Urbana-Champaign, serving as moderator.
Long-time users of Grouper, the IAM team at the University of Wisconsin–Madison, played a key role in the university’s Interoperability Transformation Initiative, which aimed to modernize the ways people connect while managing digital infrastructure and services at pace and scale. One of its key outcomes was moving Grouper from on-prem to hosting it in AWS. Now the team is in the process of implementing midPoint as a mechanism for offering campus stakeholders central provisioning and de-provisioning options and infrastructure.
Join Us! |
Already registered for IAM Online in the last year? You will automatically receive Zoom coordinates for current and future IAM Online webinars – you only need to register once!
Haven’t attended an IAM Online? Register Now! Connection details will be emailed directly to all registrants on the morning of the event. |
Additionally, the team has engaged in policy development to define standard populations for their campus constituents. Members of the UW–Madison IAM team will join us for IAM Online where they will share the strategy and methodology behind their work. We asked them to give us a preview of their upcoming presentation.
Q: What do you hope attendees will learn from your presentation?
A: We hope attendees learn more about moving Grouper to the cloud, implementing midPoint, and a potential path toward the policy work around defining populations to move an organization toward more standardization. We have learned a lot in our ongoing journey, so we are excited to share that with the community.
Q: Why is this an important topic to cover?
A: We know many organizations are in the process of creating an identity and governance administration (IGA) strategy, implementing IGA tools, or improving/expanding their use of Grouper. We are eager to share what we have learned. Additionally, we know the lack of standardization in higher education on definitions for groups like “current students” is a challenge, so we are eager to share what we have been learning.
Q: What served as the university’s impetus for implementing Grouper and midPoint?
A: UW-Madison has used and plans to use Grouper for the long term. We decided to move it to the cloud (specifically AWS) as a way to improve performance and help us explore running IAM infrastructure in the cloud. Implementing midPoint is intended to help us supplement our enterprise offering for provisioning and de-provisioning. This is an unmet need in our environment today.
Q: What was your biggest challenge? How did you overcome it?
A: On the policy end of defining our populations, the two biggest challenges have been (1) figuring out the right partners and then developing strong partnerships to allow us to move the work forward and (2) managing organizational change. Doing things in standard ways inevitably means lots of change for service providers.
On the technical end of moving Grouper to the cloud and implementing midPoint, some of the biggest challenges have been…
- Untangling legacy architecture, including pre-existing group structures, loaders, or backend systems running the application.
- Transitioning from local Oracle DB to cloud Postgres DB was interesting; we had to rewrite all of our loaders.
Q: What advice/suggestions would you offer to other institutions considering implementing Grouper and/or midPoint?
A:
- Plan for scalability, Grouper can do so much but only if you have the resources to back it up.
- Standardize the groups you’re using to drive populations! It makes things a lot simpler in the long run; you don’t have to search extensively for how you built a population for a given service. This also helps if you have to make changes to a population and makes it so that you only have to change a couple of groups.
- Start small & build!
Join Us!
- Already registered for IAM Online in the last year? You will automatically receive Zoom coordinates for current and future IAM Online webinars – you only need to register once!
- Haven’t attended an IAM Online? Register Now!
- Connection details will be emailed directly to all registrants on the morning of the event.
Got ideas for IAM Online? Let us know.
ICYMI
Getting Off Script with Grouper
InCommon Academy Instructor Insights: Making the Most of midPoint
About the Author(s)
Apryl Motley
amotley@internet2.edu
Technical Writer & Communications Lead, Internet2 Trust and Identity/NET+ Service
Apryl Motley, CAE, leads communications efforts for the Trust and Identity and NET+ teams at Internet2, including content development for their respective newsletters. Apryl has been working in the communications field for more than two decades.