The University of Waikato’s current process and system of user creation and modification was time consuming and complex and manual intervention was often required taking up valuable resources. This was mainly due to a double verification process as a member of the IT department and a supervisor must approve the user creation request. If the IT staff member is away then no one else knows they requests exists. They are also in charge of granting access to financial and HR resources. Their current system could not manage groups which was also causing real problems for the university.
The biggest problem was a new staff member could start one day and it could take up to a week before they could login to the universities network and system. The University of Waikato looked for a few years for a solution and had had a number of other projects to try and solve this problem before engaging Business Mechanix.
Business Mechanix was brought in by the University to assist with the design of the new centralised Active Directory as the first phase of this project, which encompassed both Student and Staff accounts. The second phase was the implementation of Forefront Identity Manager (FIM) to manage the 8,000 staff accounts and synchronise them across an Oracle Database, Active Directory and SharePoint at the University. The Identity Management Solution at the University of Waikato provides ICT staff with a full audit trail and point in time reference as to the access rights of any user at any given time.
As a result user account creation and modification is simplified and improved so less manual intervention is required. As a result this significantly sped up the user account creation process.
FIM now centralises information and allows it to flow through to other systems for example their phone book system to their AD. The of approval of roles now gets automatically sent to the manager to approve as soon as it is approved staff can accessed information which has improved the turnaround time of user account management requests, and reduces and streamlines the processes labour inputs required. It is now saves time and frustration for the student, IT staff and university staff. If it gets an out of office from the manager/approver or it times out a workflow escalates to the next approver on the pre-approved list.
- Identity management discovery and audits of current state
- Identity Management Design & Architecture (any identity platform including Oracle, Sun, Microsoft)
- Microsoft Active Directory Clean-ups prior to Identity Implementations
- Customisation of manual scripts plus integration with identity products
- Identity Management Implementation- Microsoft ILM and FIM
- Setup and Configuration of FIM or ILM to sync identities with Email Systems, Student Management Systems, Learning Management Systems, HR and Finance Systems
- Training on configuration of FIM
- Creating Management Agents
- Implementation of ADFS for federation
- Implementation of Password Changing Portals with SMS Texting integration for self-service of password changing for students
- Forefront Identity Management
- Jade (Student Management System)
- Active Directory