Oregon State University deployed Grouper (v2.2.1) to production in Spring 2015.
See:
Slides from the IAM Online of June 2015, pages 3-9
http://is.oregonstate.edu/strategic-plan-projects/project-management/iam
Current
Loader & PSP
Reference groups populated from multiple source databases
Groups provisioned to LDAP/AD for SP authz
Examples: pac-12 and xfinity streaming, student athlete printing, office365
ChangeLogConsumer
Provision, activate, de-activate WebEx, Kaltura and Box account when user’s status changes at the university
See WebEx, Kaltura, and Box below
Web Services
Integrated into several processes (change username, update display name, update email alias) so that external accounts are consistent with the data source.
Integrated into user account deletion process to delete all immediate memberships to make sure all ad-hoc memberships are also cleaned up.
Possible Future Plans
- Upgrade to v2.3
AWS integration
Course groups to Canvas, AD/LDAP, Google (Loader/Messaging, PSP)
Google Apps Grouper Provisioner
Rules (notify certGroup admin when user is removed from employee’s group)
WebEx, Kaltura, and Box
- Extend ChangeLogConsumerBase class
- Override processChangeLogEntries
- Check for changes in
- WebEx: webex staff/students group
- Kaltura: Active Users group
- Box: Box-eligible staff group
- Call API/web services to change user's account status whenever the following change types occur:
- ChangeLogTypeBuiltin.MEMBERSHIP_ADD
- ChangeLogTypeBuiltin.MEMBERSHIP_DELETE
- WebEx reference: https://developer.cisco.com/media/webex-xml-api/311SetUser.html
- Kaltura reference: http://www.kaltura.com/api_v3/testmeDoc/index.php?page=overview
- Box reference: https://docs.box.com/reference