
Executive Summary

Grouper at Georgia Tech will be a place to define roles/groups for authorization, and they will be provisioned into GTED (campus LDAP) as LDAP attributes that any application can read at authentication time to decide if a user should be allowed to access an application.

Grouper Loader, PSPNG, UI, and Web Services will be running in Docker containers managed by vSphere Integrated Container Engine. The Grouper Database will be built in an external Oracle Database. Source data will be loaded from an Enterprise Data Warehouse in Oracle and data will be provisioned to an LDAP Person Registry. External applications will access Grouper Data directly via Georgia Tech APIs (BuzzAPI), which interface with Grouper Web Services.

Organization Description

The Georgia Institute of Technology is a leading research university committed to improving the human condition through advanced science and technology. More than 25,000 undergraduate and graduate students attend Georgia Tech in fields ranging from engineering, computing, and sciences to business, design, and liberal arts. Our main campus is in Atlanta, Georgia. International campuses are located in Metz, France and Shenzhen, China.

Containerized TIER Component(s) to be implemented

  • Grouper Access Management Software

Short Management-Level Use Case Description of Your Project

Georgia Tech’s IAM team decided to install Grouper in Docker containers due to a desire to gain efficiencies in development, ease of deployment, and enhanced control over orchestration.  While we are currently running Grouper Daemon, UI and Web Services in Docker containers successfully, we have a lot to learn and build on based on our past experiences and plans for future growth. 

Scope

Deliver a Grouper solution to campus that allows for more central and flexible group and permission management, with the capability to integrate with many cloud systems through APIs.

  • Phase I - Support groups for Campus Services’ Door Management project

  • Phase II - Expand Grouper to include more reference data and flexible account profiles

  • Phase III - Promote Grouper use to wider campus audience

  • Phase IV - Replace existing legacy group/role management system

Key Stakeholders

 

Sponsor: John Wilson, Director of Enterprise Information Systems

Campus Success Program Contact(s):

  • Dusty Edenfield, Systems/IT Architect Sr, dusty.edenfield@oit.gatech.edu

  • Bert Bee-Lindgren, Systems/IT Architect Principal, bert.bee-lindgren@oit.gatech.edu

  • John Bryson, Systems/IT Architect Mgt Sr, john.bryson@oit.gatech.edu

Communications contact: Dusty Edenfield

Project team members:

  • Dusty Edenfield

  • Bert Bee-Lindgren

  • John Bryson

Deployment Partners/Contractors: N/A

 

Project Milestones

 

| Activity | Assigned Resources | Start Date | End Date |
|---|---|---|---|
| Load Balancing of Containerized Grouper | Dusty Edenfield | 9/1/2017 | 10/31/2017 |
| Transition to vSphere Integrated Containers | Dusty Edenfield | 11/1/2017 | 11/30/2017 |
| Separation of Prod/Test/Dev Grouper | Dusty Edenfield | 12/1/2017 | 12/15/2017 |
| Expand reference data loaded into Grouper | Dusty Edenfield | 12/18/2017 | 1/31/2017 |
| Integration of user accounts into Grouper | Dusty Edenfield | 2/1/2017 | 2/28/2107 |

 

Synergistic Projects

Door Control Project by Campus Services IT Group

  • A collaboration between Georgia Tech’s IAM team and Campus Services IT to solve the problem of group management in distributed door control systems

  • IAM was tasked with installing Grouper and integrating campus identity data sources. IAM has also built custom APIs that layer Georgia Tech’s established access controls and load balancing on top of Grouper Web Services.

  • ITG is responsible for building custom web UIs that allow end users to view and maintain Grouper Data using IAM’s API framework.

Constraints, Assumptions, Risks and Dependencies

Constraints

Lack of experience with Docker Orchestration.  

Assumptions

Implementation of Grouper remains a top priority for GT’s Identity Management strategy.

Risks and Dependencies

Level of reliability of a Docker hosted solution.  Degree to which other projects take away from focus due to management directives.

 


 
