Academic Essay Contest Winner: Identity and Access Management at Davenport University


From August to October of this year, Micro Focus held an essay contest for our customers and users in academic settings. We invited them to tell us how they are using Micro Focus products in their respective schools and universities and how our products are helping make their jobs easier.

We would like to congratulate Steven Tharp, Identity Services Manager at Davenport University, as the winner of this contest. Steven was rewarded with a $250 Amazon gift card and a free Micro Focus Community t-shirt.

Take a look at Steven's essay below.


By: Steven Tharp

Davenport University used to be a NetWare exclusive shop. When it became clear that we needed to run Active Directory in our environment we did not have the staff to create accounts and deal with passwords in two directories. We installed DIRXML 1.0 and used it to populate our AD domain with accounts from coming from our production Tree.

As we grew and things became more complex it was clear that we needed to restructure IDM to meet our every growing needs. We designed a new structure where we used an Identity Vault to be at the center of our IDM world and we then attach other systems to the vault. At about this same time we realized that we could no longer have student computers that booted up and used generic accounts we needed students to accounts just like our staff. At about the same time the University decided to give up its IBM mainframe as the source of all University data and we moved to Banner for our Student records.

This gave us an Identity Vault that was populated from Banner as its primary source of information for both students and staff. In the past we had unique accounts for Students and staff yet Banner was based on the concept of one account per its user. So we removed all the duplicate accounts and used Banner to be the Authoritative source for most account information. As time passed, new systems were purchased by the University and we chose to use IDM to maintain the accounts and to synchronize passwords our systems.

We now have two Google apps domains and Salesforce, and all are populated from a central IDM vault that handles the lifecycle of our users from account creation to people who get married and divorced and change their names. Then finally a complex procedure to gracefully remove accounts as people leave. We use vacation reply rules for the first three weeks after people leave. This requires that the Google accounts remain enabled for those three weeks then we disable them.

We now have a modern IDM environment that leverages the Micro Focus Advanced edition of IDM to maintain our Identities. We have a small Information Technology staff that does not have to create or maintain accounts as this is entirely automated. We also are able to provide zero day accounts for employees and students so that they are productive as soon as they join the University. I once asked one of help desk staff to create a generic user that was needed for administrative purposes and they had no idea how to do so because they had never created an account before. IDM is there to maintain our Identities in a fast secure environment.


How To-Best Practice
Comment List