For approximately 20 years the University of Michigan has provided its users with the ability to create and manage groups, which are used for a wide variety of purposes. The University currently manages 85,000 groups through its enterprise MCommunity directory . After such a long period of time, and especially given the current social climate of increased sensitivity to information privacy, we find it necessary to reevaluate the best way of providing group management capabilities to our users. Ultimately, we would like to provide our users with a rich set of groups, created using dynamic, automated processes, which can securely authorize access to applications, enable email delivery, etc.
A primary project goal is to determine the best methodology for providing these services using Grouper. We plan to pilot several University use cases to manage departmental groups used for both access control and mail to explore and evaluate the Grouper product.
The birthplace of the Lightweight Directory Access Protocol (LDAP) and the OpenLDAP server software, “the University of Michigan is a public research university with a primary campus and academic medical center (Michigan Medicine) located in Ann Arbor, Michigan, and two satellite campuses in Flint and Dearborn. The 19 schools and colleges on the Ann Arbor campus offer 250 degree programs and comprise 44,000 students; 7,000 faculty members; and 14,000 staff. According to the latest national data, the U-M spends more on research--$1.39 billion in FY2016--than any other U.S. public university. U-M's graduate programs include 99 appearing on the top ten list of the U.S. News & World Report (4th nationally).
For the most part, identity and access management services at the University of Michigan are provided by two teams:
The Line of Business team, which is responsible for the development of IAM applications and services. The assistant director of the IAM Line of Business team reports to the executive director of Information Assurance.
The Operations team, which is responsible for the production support of IAM applications and services. The manager of the IAM Operations team reports to the Data Engineering Manager of Infrastructure Services.