Main Nav

Participate in this Group

Search This Group

September 21, 2012 | Dean Woodbeck
Shibboleth Workshop Series October 22-23, 2012 – Gainesville, Florida

Identity Provider * October 22, 2012 * 9:00 a.m.-5:00 p.m. (ET) 
Service Provider * October 23, 2012 * 9:00 a.m.-5:00 p.m. (ET) 


Have you decided to deploy a web single sign-on (SSO) system and leverage it to access resources and contracted services through InCommon? Do you need training on installation and support?

Register now for the Shibboleth Workshop Series, October 22-23, 2012, on the campus of the University of Florida in Gainesville. Attendance is limited to 44 for each day. Registration will close when capacity is...
September 21, 2012 | Valerie M. Vogel
Internet2 has received a $1.8 million grant; InCommon and Middleware will be heavily involved. Partners include Carnegie Mellon, Brown, Texas, MIT, and Utah. The intent is for the research and education community to create tools to help individuals preserve privacy and a scalable privacy infrastructure that can serve a broader community.
September 20, 2012 | Listserv Anonymous User
Message from

Boston College's Information Technology Services department is currently seeking qualified candidates for two positions in the Middleware group, the team responsible for supporting all IAM functions within the University.

Middleware Manager

The Middleware Manager reports directly to the Director of Architecture and Integration Services and manages the daily operations and projects for a group responsible for the University’s Identity Access Management (IAM) and Master Data Management (MDM) systems, two high-profile mission-critical applications in a 24x7 environment.  This person will have strong management, project management, and business analysis skills.  Ideally they will also have some experience with identity management-related tools especially NetIQ’s Identity Manager product.  The Middleware Manager provides input on strategic direction...

September 17, 2012 | Alan Sill
Call For Papers:

Journal of Grid Computing Special Issue: 
Interoperability, Federation, Frameworks and Application Programming Interfaces for IaaS Clouds

The Special Issue on Interoperability, Federation, Frameworks and Application Programming Interfaces for Infrastructure-as-a-Service (IaaS) Clouds will highlight foundational standards and application programmer interfaces (APIs) useful for large-scale, scalable distributed computing.

This issue will provide the community with dedicated forum for presenting new research, development, and deployment efforts in running interoperable, federated IaaS cloud systems. Priority will be given to submissions that focus on presenting solutions to challenges faced by current and future infrastructure cloud toolkits and APIs, and on frameworks that allow...
September 13, 2012 | Pranab R. Pati

Has anyone closely looked at or considered implementing Oracle Access Manager and Oracle Identity Federation in Campus environment?



Pranab Pati

Sr. Identity and Access Management Architect

University of San Diego

Work: 619-260-7553





September 12, 2012 | Hank Schottland

We are looking for a consultant to help us with our long-term Access Management architecture.  We have settled on using CAS but need to provide a reasonably fault-tolerant approach, including an access path outside of our core network to support 3rd-party hosted applications when our core network is inaccessible.  If anyone knows of a consulting company that you’d recommend for this kind of architecture/design work, please contact me at  Thanks much!


Hank Schottland
Banner Development & Support Manager
Portland Community College
(971) 722-8501

September 11, 2012 | Valerie M. Vogel

I’m sharing this message from the Mobile Technologies Constituent Group (formerly the Handheld and Mobile Computing CG) since several items may be of interest to the Security and IDM discussion group members.


There’s information about

·        Joining the Mobile Technologies list

·        Cross-posting discussions of interest (e.g., mobile security)

·        BYOD “un-conference” at EDUCAUSE 2012 on November 8

· topic page on Mobile in Higher Ed (HEISC also maintains pages on information security and privacy in higher ed:...

August 11, 2012 | Keith D. Hazelton
MACE-Dir seeks broad review of a new draft of eduPerson (201208 draft 00). See the first item under Current Activities at

Comments are encouraged and should be directed to

Changes from the current published version (201203) are indicated in Section 4, Changelog, and include:

1. Section 2.2.12 "eduPersonPrincipalNamePrior" added as a new eduPerson attribute type  <== This is the most substantive change, the addition of a new attribute to eduPerson

2. Section 3.8 "homePostalAddress" example updated to include country by appending "$USA"
3. Section 3.19 "PostalAddress" example updated to include...
August 9, 2012 | Keith D. Hazelton
All, This email opens a MACE-Dir last call on the draft specification that defines a pair of attributes to carry SAML entity category values. Last call will close at 18:00 local time on Friday, August 17 The draft in question is available at Please direct any comments, questions or concerns to MACE-Dir, REFEDS or the EDUCAUSE IdM list.
August 8, 2012 | Dedra Chamberlin
Announcing two job openings......

1. IAM Engineering Manager
* Full-time, permanent position
* Manage a joint team of IAM engineers at UCB and UCSF (7 staff)
* Focus on core operations - system stability, monitoring, security, documentation, strong operational procedures for code development and release, etc
* Manage people and budget
* Work with Deputy Director for IAM to allocate resources appropriately to IAM operations and IAM next generation development

This position is funded by UC Berkeley, but holds operational responsibility at UCB and UCSF per Memorandum of Understanding.  More information is available on the UCB job site at <>.  Search for job #14388.

2. Web App Developer
* Full-time, one-year position
* Develop web...
August 2, 2012 | Steve Olshansky
********************************************************************** Advance CAMP: Identity Services Summit IV Philadelphia, PA * October 4-5, 2012 ********************************************************************** Registration is now open, at the meeting website. Early registration discount is available until 14-Sep-2012 11:59pm EDT Concerned about the lack of identity-related tools available to you? Want to learn what's being done across the community to close this gap and how to get involved? Come to Advance CAMP: Identity Summit IV and discuss these topics and more with your colleagues. Advance CAMP will be held from 1:30 pm Thursday October 4th through 3:00 pm Friday October 5th, 2012 after the Internet2 Fall Member Meeting in Philadelphia, Pennsylvania. The meeting will feature...
July 31, 2012 | Patrick Wagman

We are in the process of implementing CAS at the University of Georgia. For anyone who is already up and running, would you be willing to share your system architecture and lessons learned?    





Patrick Wagman, PMP
OCIO Portfolio and Program Management Office

University of Georgia

480 East Broad, Suite 301-B
Athens Georgia 30601
Phone: 706-542-5694


July 30, 2012 | Emily Eisbruch

The Grouper team is pleased to announce a series of training videos that can be freely accessed at 

"These new Grouper training videos are designed to address the growing adoption of Grouper and the community's requests for increased training opportunities," according to Tom Barton, University of Chicago, and chair of the Grouper project. For more on the Grouper project, please visit

The current training videos are intended to serve three audiences: managers, system administrators, and architects/developers. Additional Grouper training videos, including for the end user audience, are in the pipeline. 

The Grouper team...

July 29, 2012 | Keith D. Hazelton
Please have a look at, and offer your comments on, this proposed new draft of the eduPerson object class. It contains a new proposed attribute, eduPersonPrincipalNamePrior. MACE-Dir had previously circulated a draft of a new experimental object class containing this attribute, but based on discussions on the last couple MACE-Dir conference calls, the decision was taken to include it in a new revision of eduPerson itself. This draft also incorporates some changes that were originally targeted for an errata release of eduPerson (201203). For access to the draft, see the first item under "Current Activities" at In memory of RL"Bob" Morgan, RIP
July 27, 2012 | Ramanarao Chamarty

Hi ,


We are  reviewing  software solutions to deploy federated identity services @ Temple University. As I understand you are affiliates of InCommon and would like to know the software/application  you have in place to offer federated identity solution.  Thank you in advance. Should you have any feedback/questions, I can be reached at




Ramana Chamarty


Phone: 215-204-2119

Director, Technical Support Services

Office of Identity and Access Management, Computer  Services

July 26, 2012 | Listserv Anonymous User
Message from

Good Evening List, I was wondering how many Higher Ed Schools have a photo directory (students and faculty and staff) and how you implemented it. There is some debate at my institution over querying a MSSQL Database to pull the image, or using powershell to populate Active Directory and doing the lookup that way. I wanted to get input and see what others are doing. Thanks! K
July 26, 2012 | Michael R. Gettes
The tribute web site has been updated with information about the Memorial for Bob to be held this Sunday @ 11 AM Pacific Time, 2PM Eastern, 7PM London and 4AM Monday in Sydney. Please visit for more information. The event will be broadcast video with an accompanying twitter feed. Please consider a donation to the education of Bob's children or to a charity in his name. Information about donating can be found on his tribute web site. Please feel free to forward this email as you see fit to ensure everyone is aware of the event. .
July 26, 2012 | Listserv Anonymous User
Message from

The University of Texas at Austin has opportunities for a Senior Software Engineer and Senior Software Developer/Analyst in our Identity Management group.  Make a difference at one of the largest and most respected universities in the nation by implementing technical solutions to meet campus needs.


The Identity and Access Management team works with a diverse set of stakeholders and is committed to high quality development practices.  We code primarily in Java (and other JVM languages like Groovy) and use JUnit, Jenkins, Nexus, Maven, Gradle, and Sonar.  Identity Management is currently a high priority for the department, and we are looking for individuals to help evaluate new technologies and contribute to the future of our products.


Join our team of IT professionals, be...

July 25, 2012 | Jeremiah Adams

Hello IdM Community,

We are facing a couple of challenges here at the University of Colorado Denver | Anschutz Medical Campus that I anticipate some of you have worked to conclusion, and therefore would like to ask for your insights. 


A bit of our environmental background is that we are an Oracle Identity Management (OIM) shop, focusing our energies on making that suite (OIM, OVD, OID, OIF, OAM) of products as productive as possible for us.  We also rely heavily on Microsoft for messaging services, having a large majority of our constituency supported by Live@edu, and moving in the near future to Office 365, while also maintaining on premises exchange services for some portions of our constituency.


Now for the questions:

1)     ...

July 24, 2012 | Paul Hodgdon

How does your school manage its reconciliation process?  What types of attributes do you use to determine if someone is a match or new person?  Do you do any sort of encryption with values such as SSN? 


We are working on a project to centralize identities amongst other campuses and would like input on how other schools are doing this.  One topic of conversation is not using SSN’s for reconciliation, I didn’t know if others had thoughts on this.





IT Accounts & Remedy Administration Manager

University of New Hampshire

Client Services

Primary: (603) 862-2377

Alternate: (603...

January 4, 2012 | Karen Herrington

Count Virginia Tech among the universities that are looking to hire.  Our Identity Management Services area has a full-time position open for a developer with Java skills.


More information on the position can be found on the VT jobs site.


Search Postings for Posting Number 0110525.


Questions can be addressed to me,


- Karen Herrington

  Director, Identity Management Services

December 16, 2011 | Mark B. Jones


I just noticed that there is a feature for searching “applicants” in the useradmin tool.


Do you have any documentation describing how the new Campus Solutions applicant data flows through our IdM infrastructure?


When I search for an applicant using useradmin what part of the infrastructure am I searching?


Are we storing applicants in the registry?




Mark Jones
Manager, Systems Analyst & Programming  

Academic Technology | Software Engineering|
7000 Fannin | Suite, 780 | Houston, TX 77030 |
713 500 3508 tel | 713 500 0313 fax|

December 8, 2011 | Valerie M. Vogel
Please mark your calendars for a Higher Education Information Security Council (HEISC) Town Hall webinar on Monday, January 9, 2012 (3-4 pm EST). Council co-chairs Larry Conrad and Michele Norin will present the 2012-2013 HEISC strategic plan. Participants will have a chance to share feedback regarding the goals and objectives. 
More details (including the webinar’s URL) will be available soon at:
Please feel free to share this message! Thank you.
December 7, 2011 | Listserv Anonymous User
Message from

I am setting up user and group authentication from Apache via LDAP.  I have created a proxy user to do lookups and given them access to lookup individual users with the following ACLs:


to dn.sub="ou=people,dc=moody,dc=edu" attrs="uid,inetuserstatus"

by dn.exact="cn=Legacy1 WebAuth Proxy User,ou=Proxy Users,dc=moody,dc=edu" search


to dn.sub="ou=people,dc=moody,dc=edu" attrs="entry"

by dn.exact="cn=Legacy1 WebAuth Proxy User,ou=Proxy Users,dc=moody,dc=edu" read


The user lookup works correctly.  NOTE:  the inetuserstatus is used in a user lookup query


Group lookup is not...

November 29, 2011 | Listserv Anonymous User
Message from

Good afternoon, We are replacing our IdAM infrastructure and are considering using Forefront Identity Manager 2010 as the central engine. Does anyone know of any listservs (or wikis etc.) for active user community discussions of this product, especially in Higher Ed? Also, if your institution has a successful implementation, do you have an implementation services vendor you would recommend? Would you be willing to share your experiences regarding pitfalls to avoid, and especially about things that you found to be difficult or impossible to implement? Best regards, Les LaCroix, Carleton College
February 25, 2014 | Dean Woodbeck
InCommon Shibboleth Installation Workshop
March 24-25, 2014
Durham, North Carolina

​Need training on Shibboleth installation? Consider attending the latest InCommon Shibboleth Installation Workshop in Durham, North Carolina, sponsored by InCommon, Internet2, and MCNC.  These workshops tend to fill up quickly, so register today.

We’ll spend one day (March 24) installing the identity provider software, and the second day (March 25) installing the service provider software. These directed self-paced workshops allow attendees to move through the material at their own speed, while having experienced trainers provide overviews and one-on-one help with the process. 

Attendance is limited to 40 registrants each day. Registration closes March 10, 2014.

January 28, 2014 | Valerie M. Vogel
Happy Data Privacy Day! And welcome to the start of Data Privacy Month (January 28-February 28, 2014). Our Data Privacy Month planning team has lined up several guest bloggers to share their thoughts on privacy and data privacy over the next few weeks. We encourage you to share these blog posts on campus and beyond. We expect to post a new blog each Monday through the end of February. You can find out when new blogs are available by following us on Twitter: Also, please let us know if your campus is planning activities or events and we'll be sure to include a link to your institution on our Data Privacy Month page: Today's blog post by Cheryl Washington (UC, Davis & DPM planning chair):...
January 23, 2014 | Dedra Chamberlin
Come work at UC Berkeley!

We are looking for a senior level web developer to help build out our next generation identity management system. New development work will be in our group management, credential management and person registry front-end applications. We have already completed a lot of work on our new access management system, and are looking for someone to help migrate that to maintenance mode.

Check out the job posting at the link below, and if you are interested, apply today!
Job #17274

Feel free to contact me offline if you have any questions.

- Dedra
Dedra Chamberlin
Senior Manager, CalNet - Identity and Access Management
January 21, 2014 | Valerie M. Vogel
Good afternoon, Please consider completing this brief survey on institutional information privacy practices. Results will be shared with the community in February as part of Data Privacy Month. Thank you, Valerie Valerie Vogel Program Manager EDUCAUSE Uncommon Thinking for the Common Good direct: 202.331.5374 | main: 202.872.4200 |
January 21, 2014 | Dean Woodbeck

InCommon Shibboleth Installation Workshop

March 24-25, 2014


Durham, North Carolina

Need training on Shibboleth installation? Consider attending the latest InCommon Shibboleth Installation Workshop in Durham, North Carolina, sponsored by InCommon, Internet2, and MCNC.  These workshops tend to fill up quickly, so register today.

Special note to North Carolina institutions: Participants from any NC educational institutions and/or any NC-based NCREN/MCNC customers are eligible for a registration fee discount. To take advantage of this, you need to obtain a registration code from Steve Thorpe at MCNC ( The discount is available...

October 25, 2013 | Renee Shuey (Duplicate)
Hello, The Identity Services department at Penn State is looking for a highly skilled Java developer to join our team. This position will serve as a technical lead on software development projects including the Penn State Central Person Registry. The position will be filled as a level 3 or 4 (out of 5 levels) depending upon the qualifications and skills of the successful candidate. The job posting for this position is on our jobs site: Please consider telling any skilled Java developers you know and think would be a good fit about this position. Thank you, Renee Shuey Director, ITS Identity Services The Pennsylvania State University
October 15, 2013 | Steven T. Carmody
Hi, just passing on a couple of news items related to the expanding set of uses for Social Identities: 1) Select Internet2 applications accept google IDs > Individuals can now use their Google IDs to log into four select Internet2 services. The Google Gateway will initially provide access to the InCommon Federation Manager, Internet2’s collaboration wiki, and two applications soon to be used by the Multifactor Authentication (MFA) Cohortium that is supported by Internet2’s Scalable Privacy Project from the National Strategy for Trusted Identities in Cyberspace. Details are at 2) an Educause session highlighting other uses of Social Identities, and a new service to simplify relying n Social Identites: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) Thursday Oct 17th...
October 14, 2013 | Dan Malone
Cal Poly, San Luis Obispo currently is recruiting for an Identity Management Analyst. For more information or to apply, please go to: #103013 - Identity Management Analyst (Analyst/Programmer - Career), ITS - Information Systems. Salary range $4,314-$8,831 per month. Anticipated hiring range $5,417-$6,667 per month. Open until filled. Review begins Oct. 9. -- Dan Malone Cal Poly State University - San Luis Obispo
October 7, 2013 | Thomas J. Barton
For those who may be interested:

The University of Chicago is seeking an Assistant Director for Identity Management to manage the business analysis, service coordination, programming, and operational functions comprising the Identity and Access Management team, develop new services, and lead technical and functional leads across the University towards appropriate and valuable integration of their systems and activities with central IAM and related services.

UChicago is a leader in national Identity and Access Management activities, working with peers to define and establish innovative ways of managing access through a combination of automation, delegation, and infusing identifiers and attributes into systems and processes where their value can be leveraged.

We are entering a new phase in which our business processes are being modernized, data integration architecture is...
September 30, 2013 | Zdenek Nejedly
My sincere apologies - please ignore the previous email - I sent it to a wrong mailing list. Thanks, Chris, for pointing it out :-) Cheers, Zdenek
September 30, 2013 | Zdenek Nejedly
Hello Kent: The following domains are used/supported by IDEAS. The root path may not return any readable content. (Oracle AM) (D2L SSO middleware) (reserved for IDEAS content) The following URL is currently supported but the service (Sun AM) will be removed before January 2014 and the domain will be re-purposed The following hosts the Restore Request and the Storage and Backup team is the owner:...
September 26, 2013 | Dean Woodbeck
Registration fees for the InCommon Identity Week events (Advance CAMP and CAMP) will increase after September 30. If you are considering attending, register soon.

Identity Week will be held November 11-15, 2013, held in Burlingame, California, just south of San Francisco. The event, led by Internet2, will bring together the InCommon community, identity management technical implementers and architects, and U.S. and international leaders in the field of identity and access management.

Each of the three meetings (REFEDS, ACAMP and CAMP) has a separate registration, so you can choose the one(s) right for you. You can see a summary of the the Identity Week meetings at, or you can go to for links to the meetings, programs, hotel,...

September 25, 2013 | Mark B. Jones


I found this article interesting with respect to privacy and permanent identifiers.  In this case Yahoo’s practice of recycling email addresses represents a privacy concern that would have been managed if they followed Google’s practice of maintaining email address as a permanent identifer.

I see this as an example of how privacy gains can be won by use of permanent public identifiers.

September 19, 2013 | Dean Woodbeck

Registration is open for the next InCommon Shibboleth Installation Workshop, Oct. 21-22, in Omaha, Nebraska. The deadline for registering is October 14.


InCommon Shibboleth Installation Workshop

October 21-22, 2013

University of Nebraska-Omaha

Omaha, Nebraska

Need training on Shibboleth installation? Consider attending the latest InCommon Shibboleth Installation Workshop in Omaha, Nebraska, sponsored by InCommon, Internet2, and the University of Nebraska.

We’ll spend one day (October 21) installing the identity provider software, and the second day (October 22) installing the service provider software. These directed self-paced workshops allow attendees to move through the material at their own speed, while...

September 17, 2013 | Dean Woodbeck
InCommon Affiliate Webinar Series: Three Case Studies on Shibboleth and Federated Identity ************** Wednesday, September 18, 2013 2:00 pm ET | 1:00 pm CT | 12:00 pm MT | 11:00 am PT ************** Join us for an InCommon Affiliate webinar featuring three case studies from colleges and universities working with Unicon. The company provides IT consulting and services to colleges and universities, including installation, configuration and support for the popular open source Shibboleth and Grouper software systems. The webinar will feature three campus case studies: 1. An extension to the Shibboleth identity provider to improve the experience of University of Wisconsin users. The extension does some coarse-grained authorization before the user is sent to a cloud service, allowing the university to present...

View dates and locations

Events for all Levels and Interests

Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.


EDUCAUSE Institute
Leadership/Management Programs
Explore More

Career Center

Leadership and Management Programs

EDUCAUSE Institute
Project Management



Jump Start Your Career Growth

Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.


EDUCAUSE organizes its efforts around three IT Focus Areas



Join These Programs If Your Focus Is


Get on the Higher Ed IT Map

Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.



2014 Strategic Priorities

  • Building the Profession
  • IT as a Game Changer
  • Foundations

Learn More >

Uncommon Thinking for the Common Good™

EDUCAUSE is the foremost community of higher education IT leaders and professionals.