IT Services has migrated the content of spaces.ais.ucla.edu to Atlassian Confluence Cloud. Please visit https://ucla-confluence.atlassian.net to update your space/s. Spaces.ais.ucla.edu is now in read-only mode through July 31st, 2024
Basic process
- PPS data fed to campus PeopleSoft intance (you would need to talk to the PeopleSoft team about this integration)
- PeopleSoft dumps data nightly to Enterprise Data Warehouse
- Campus IAM team access view of HR data from Data Warehouse
- IAM team runs a "sync process" every morning that has three steps:
- Pulls data for ID matching into memory and conduct an ID match/reconciliation against other Systems of Record
- If new record, provision a new LDAP UID (also provision new MIT Kerberos record for new staff)
- Pull additional HR data to build new LDAP record or modify existing record
Problems with Current System
- No ability to update HR data in realtime
- Sync process is run on legacy code
- Team is in the process of designing IAM framework that includes an updated Person Data Model including a transactional DB for person data (at present, LDAP serves as the primary repository for campus-accessible transaction-based person data)
- Campus runs as "Directory Update" application for updating information in LDAP. Campus also runs some PeopleSoft HCM self-service. Confusing for users. Campus-wide Steering Committee just endorsed a new plan that calls for a campus-wide "identity portal" where main updates to person data can take place and get pushed in realtime to other apps that wish to integrate
Rough Diagram of Current Design
Thoughts on Future Design
- Would like to move to realtime updates
- Would like a rational approach to self-service profile data updates
- Would like to design a campus-wide person data model and repository with standard interfaces that can be used to provision user data to campus and cloud-based apps and for a variety of realtime queries (LDAP, WS, message-based, etc)