Tài liệu Module 13: Planning a Metadirectory Implementation doc

Determining the Information Requirements 10 Determining Management and Security Requirements 14 Lab A: Determining the Functional Requirements for a Metadirectory Implementation 16

Determining the Information Requirements 10

Determining Management and Security

Requirements 14

Lab A: Determining the Functional

Requirements for a Metadirectory

Implementation 16

Review 17

Module 13: Planning a Metadirectory

Implementation

to represent any real individual, company, product, or event, unless otherwise noted Complying with all applicable copyright laws is the responsibility of the user No part of this document may

be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of Microsoft Corporation If, however, your only means of access is electronic, permission to print one copy is hereby granted

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property

 2000 Microsoft Corporation All rights reserved

Microsoft, BackOffice, MS-DOS, Windows, Windows NT, <plus other appropriate product names or titles The publications specialist replaces this example list with the list of trademarks provided by the copy editor Microsoft is listed first, followed by all other Microsoft trademarks

in alphabetical order > are either registered trademarks or trademarks of Microsoft Corporation

in the U.S.A and/or other countries

<The publications specialist inserts mention of specific, contractually obligated to, third-party trademarks, provided by the copy editor>

Other product and company names mentioned herein may be the trademarks of their respective owners

Instructor Notes

Instructor_notes.doc

Overview

! Overview of the Metadirectory Planning Process

! Assessing the Existing Information Infrastructure

! Identifying the Functional Goals of the Metadirectory

! Determining the Information Requirements

! Determining Management and Security Requirements

When planning a Microsoft Metadirectory Services (MMS) version 2.2 implementation, you must determine a set of functional objectives for the metadirectory that will meet the information management needs of an organization To determine these functional objectives, you must take a current directory inventory, develop the metadirectory content requirements, determine the information flow behavior of the metadirectory, and determine management and security issues The planning process results in a functional specification that is used to guide the design and development of the MMS implementation The results of the planning process include a list of directories to be integrated

in the metadirectory, a list of the type of entries and the attribute for information for each, and a specification of which connected directory is authoritative for each attribute

At the end of this module, you will be able to:

! Describe the metadirectory planning process

! Assess the organization’s current information management systems and gather the information necessary to determine metadirectory requirements

! Identify the functional goals that a metadirectory will provide that meet the identity management needs of the organization

! Determine the metadirectory information requirements

! Determine the metadirectory management and security requirements

In this module, we will

discuss how to plan an

MMS implementation that

meets an organization’s

functional requirements for a

metadirectory

Emphasize that throughout

this module, the deliverables

that are developed during

the planning process

provide the input into the

design and development

process, which is discussed

# Overview of the Metadirectory Planning Process

Assemble Planning and Design Teams

Assemble Planning and Design Teams

Assess Current Directories and Applications

Assess Current Directories and Applications

Determine Functional Goals

Determine Functional Goals

Determine Information Requirements

Determine Information Requirements

Determine Management and Security Requirements

Determine Management and Security Requirements

The Functional Requirements

of the Metadirectory

The goal of the metadirectory planning process is to define a set of functional requirements These functional requirements will then be used to guide the design and development of an MMS implementation that meets the identity information needs of an organization The metadirectory planning process consists of the following steps:

! Assemble the metadirectory planning and implementation teams Because implementing the metadirectory will affect the entire organization, the key stakeholders must be identified and organized into the following teams:

• Planning team This team consists of staff from the information

technology (IT) support groups, the business groups that own the identity information contained in the directories and the applications that use this information, the human resource group, and the person(s) who will be leading the design and development of MMS

The planning team works towards joining the information they own into

a common metadirectory and defining the rules for how information flows between the metadirectory and the connected directories The primary goal of this team is to develop a basic vision for a directory-enabled computing environment and to determine the functional objectives for the metadirectory

• Implementation team This team includes the developers, administrators,

and support personnel who will design, implement, and manage MMS according to the goals outlined in the functional specifications

! Assess the current information flow for the organization The planning team assesses the existing flow of identity information through the organization and identifies the current business processes and rules that determine this information flow Assessing the current information flow also includes gathering information about the existing directories and the applications that use those directories

! Determine the functional goals of the metadirectory This step results in a list of specific and achievable goals that describe how identify information should flows throughout the organization, what information should be integrated, and how the organization will then use this integrated information These functional goals will guide the development of the metadirectory’s information, management, and security requirements

! Determine the metadirectory information requirements After defining the objectives of the metadirectory and taking inventory of the existing directories, you need to determine a specific set of information flow requirements that outlines the behavior of the metadirectory These requirements include identifying what information the metadirectory will contain, what directories this information originates from, and the basic model for how attributes flow among the connected directories

! Determine the metadirectory management and security requirements The final step in the planning process is to define who will manage the connected directories and who will manage the MMS product itself, as well

as managing the MMS Server service Additionally, you will have to specify the security and access requirements for the group that will manage and maintain MMS

The Metadirectory Functional Requirements

A List of Directories to Be Integrated in the Metadirectory The Naming Convention for Metadirectory Entries The Metadirectory Entry Types

The Attributes Stored in Each Metadirectory Entry The Directory From Where Each Attribute Initially Originates The Directory That Will Be Authoritative for Each Attribute The Metadirectory Management Method

The Metadirectory Security Policy

The result of the planning process is a specification that outlines the functional requirements for the metadirectory These requirements describe the content and behavior for the proposed metadirectory, and will guide the MMS design and development process, during which the implementation team will develop join and attribute flow strategies, and develop and test the management agents The following list identifies the information that makes up the functional requirements:

! A list of directories to be integrated in the metadirectory

! The naming convention for metadirectory entries

! The metadirectory entry types

! The attributes stored in each metadirectory entry

! The directory from where each attribute initially originates

! The directory that will be authoritative for each attribute

! The metadirectory management method

! The metadirectory security policy

specification that outlines

the functional requirements

for the metadirectory

# Assessing the Existing Information Infrastructure

! Assess the Current Directories

! Assess Directory-Enabled Applications

! Document Current Business Processes and Rules

$ Determine business rules that define the current environment

$ Integrating directories in the metadirectory may require changes to existing business processes

MMS joins together information from various directories in an organization Therefore, it is important to develop a good understanding of the current directory environment, which includes taking an inventory of the existing directories and assessing the applications that use those directories

Assessing Current Directories

You will need to systematically assess each current directory that will be integrated with the metadirectory During this inventory, you will need to document the kind of information each directory currently contains, how the information is organized, and whether identical information is contained in other directories

Assessing Current Directory Applications

You will need to take inventory of the current applications that will use the metadirectory, as well as determine the need for additional applications in the future

Documenting Current Business Processes

Directory systems and the applications that use them usually exist in the larger scope of a set of business processes These business processes often determine what information is contained in each directory and how this information is collected and used Because implementing a metadirectory may require modifying business processes, you need to document the organization’s current business process and rules

The first step in the planning

process is to assess the

current directory

environments You will

analyze the current

environment within the

scope of how the

metadirectory can provide

potential solutions to the

organization’s information

flow requirements

For example, you could document the processes that occur when a person is hired What are the processes for getting the new employee a telephone number,

a mailbox, and a user account? What directory systems and application are utilized during this process?

When determining the functional goals for the metadirectory, an organization may also need to consider ways to improve how they manage identify information Improving identity information management may require modifying current business processes

Collecting Directory Information

Identify Directory, Function, and Protocols Used to Access It Identify Entry Types and Structural Containers

Identify the Attributes for Each Entry Type Identify Whether Entry Types Contain Attributes That Are Unique Identify the Authoritative Source for Duplicate Data

Identify the Directory Topology and Whether It is Distributed Identify How Clean the Data Is and How Often It is Updated Determine How Much It Costs to Maintain the Directory

The following is a list of guidelines that need to be followed to systematically collect information about each directory that is a candidate for integration with the metadirectory:

! Identify the name of the directory, the type of directory in terms of its function in the organization, and the protocols that are used to access the directory Additionally, identify the person(s) or department who owns and manages the directory

! Identify what type of entries (such as employee records, user accounts, and lists) the directory contains, and determine how these entries are used Additionally, identify how the entries are organized and identify the structural containers (such as organizational units) that are used to organize the entries.Identify the attributes for each entry type Additionally,

document whether other directories may also include duplicate attributes

! Determine whether entries listed in multiple existing directories contain identifying information that is likely to be unique throughout the organization For example, unique information can include payroll numbers

! Identify how clean the data is in the directory Data is considered clean when entries are unique across multiple directories throughout the

Topic Objective

To describe the type of

information that needs to be

collected about the current

directory environment

Lead-in

For each guideline, ask the

students to speculate on

how the collected

information will be used

during the design and

development phase

! Determine, if possible, the total cost of ownership to maintain and administer the directory When determining the functional goals of the metadirectory, you should have an idea of how much it costs to maintain all the existing directories, because the cost of maintaining existing directories can factor into the metadirectory design

Identifying the Functional Goals of the Metadirectory

! Identify the Following:

$ Which CDs to integrate in the metadirectory

$ High level information flow based on business processes

! Identify how to improve information flow

$ Identify what currently does and does not work

$ Prioritize changes/enhancements

$ Business processes and rules may have to change

$ Possible metadirectory solutions

After accessing the current directories and the business processes that drive how information flows through the organization, the next step in the planning process is to identify the functional goals of the metadirectory Begin this process by thinking about how the organization wants to use the metadirectory

to integrate identity information The result of specifying the functional goals is

a set of high level, but specific goals for integrating directories and managing information flow throughout the organization

Use the following guidelines to help you develop the functional goals for the metadirectory implementation:

! Identify what currently does and does not work in the existing environment After assessing this, determine whether or not there is a better method for managing identity information

! Prioritize the changes and enhancements that the metadirectory will address Identify the specific, achievable goals for integrating directories and then prioritize those goals by what can be achieved immediately and what may have to be implemented over time

! Consider modifying business processes and rules, if necessary, to achieve the functional goals of the metadirectory

! Identity possible metadirectory scenarios, such as hire/fire solutions and interforest synchronization, which can meet the organization’s information flow goals

Topic Objective

To describe the planning

step of identifying the

functional goals for the

metadirectory

Lead-in