Wednesday 1:30 p.m.–2:15 p.m.

Managing Identities: LDAP, Google Directory, and Django

Scot Hacker

Audience level:

Intermediate

Description

The California College of Arts has created a Django-based system to help end-users and staff create and manage identities, passwords, groups, permissions, and more between the LDAP server, Google's directory service, the HR system, and the Student Information System.

Abstract

Universities and other enterprises often deploy a complex mix of systems for managing identities and permissions for students, faculty and staff. Standard LDAP, Google Apps for Education/Enterprise, Student Information Systems, hiring systems, CAS/Single Sign-On, and more must all work together without conflicts or delays. At the California College of Arts, we've created a Django-based system to help end-users and staff create and manage identities, passwords, groups, permissions, and more. Scot Hacker will demonstrate the system and provide a tour of its strictly decoupled internals. The system is unusual in that it uses almost no data modeling of its own, relying instead on communication via python-ldap, Google and Workday APIs, and old-school file shuffling to negotiate communications with other systems.