Dela via


Initiating Your Identity Integration Project

Applies To: Windows Server 2003 with SP1

Download Instructions

This document is available for download as a Microsoft Word document from the Web at https://go.microsoft.com/fwlink/?LinkId=30436.

In This Guide

How you go about setting up and staffing your project can affect the outcome of integrating your identity data. This document prescribes a process for selecting the optimal solution for your Microsoft® Identity Integration Server (MIIS) 2003 deployment. The process includes creating a project vision statement, defining your identity integration objectives, evaluating your current infrastructure, and evaluating possible scenarios. You record your deployment decisions in a solution proposal.

This topic is part of the Design and Planning collection of the Microsoft Identity Integration Server 2003 Technical Library.

Overview for Identifying Your Identity Integration Project

Developing a project plan that contains the optimal MIIS 2003 solution for your enterprise should be a structured and planned activity. This topic describes the recommended process for constructing an effective project team, analyzing your business problem and current system state, defining a vision, setting project scope, and selecting your initial solution. All findings and decisions are recorded in a solution proposal that forms the basis for specific identity integration and management design work. The model used to accomplish the design is based on the Microsoft Solutions Framework (MSF).

MSF provides proven practices for planning, building, and deploying technology solutions such as MIIS 2003. MSF helps you achieve flexibility while meeting commitments and minimizing risk. Many of the processes and practices of this technical library are based on the principles of MSF.

MSF Process Model

Three distinct features of MSF provide the structure for its process model:

  • Phase and milestone-based

  • Iterative

  • Integrated approach to building and deploying solutions

The MSF process model is well suited for MIIS 2003 deployments because of the inherent complexity of system and data integration, and the business constraints on project scope.

MSF Deployment Model

The goal of an MSF deployment is to provide a solution. A solution is the coordinated delivery of the elements needed (such as technologies, documentation, training, and support) to successfully respond to a unique business problem. Use the steps and milestones defined by MSF to expedite your deployment of MIIS 2003.

For more information about MSF, see the documentation in the MSF Resource Library at https://go.microsoft.com/fwlink?linkid=26228.

Figure 1 shows where selecting your identity integration solution occurs within the overall design and planning process for MIIS 2003. The figure also shows the steps you follow to select your solution and plan your deployment goals.

98951790-9bdc-4e4a-800b-5babbcb78a21

Steps for Selecting a Solution

When you complete the process outlined in this paper, you will have selected one identity integration scenario that meets the highest value business goal for your organization. Selecting the scenario depends on your needs, whether they be lowest cost, fastest deployment time, or highest value. After you select a scenario, you can begin dataflow design and implementation planning.

The process begins with a high-level evaluation. You consider a variety of solutions that are influenced by business goals, costs, resource restraints, current system and data state, and risk factors. The process is complete when you have determined which scenario you want to design and implement. That scenario is the proposed solution. The following steps assist in reaching this goal.

Build a project team

Your organization’s IT personnel and infrastructure, business rules, identity data, end users, and costs are all impacted when you deploy an identity management system such as MIIS 2003. Therefore, it is important to understand what talents and skills you need to include on your team in order to design and build the right solution for your scenario.

Define the project structure

As with similar projects that you have successfully completed, defining communication, setting documentation standards and change control processes, assigning roles appropriately, and building risk assessment into the process permits the project to function effectively.

Start the solution proposal

The Solution proposal describes the specific scenario and the environment within which MIIS 2003 will be operating. It is a repository of analysis and decisions that describe the practical implementation of the project’s vision and defines the project’s scope. The ultimate goal of the solution proposal is to achieve team and stakeholder agreement on the desired solution and the overall project direction.

Define and document the business goals

Correctly identifying the business goals to be achieved is essential for project success. A project team needs to clearly articulate the problems and opportunities, and understand the direction in which the business must move in order to reach its business goals. For a solution that uses MIIS 2003, reaching consensus on all applicable business goals can be difficult because your deployment affects many stakeholders. Selecting the right solution helps you achieve your documented business goals.

Assess your current IT infrastructure

Information about the current infrastructure helps you decide which MIIS 2003 deployment scenario to pursue first and also helps you design future MIIS 2003 deployments. Impact on infrastructure, costs, resources, security, and the state of the identity data are addressed.

Create the project vision and define the project’s scope

Creating a vision statement helps the project team present a clear understanding of the goals and objectives for the MIIS 2003 deployment. If you create a vision that corresponds to your business goals, you can use the vision to define project scope and drive scope-related decisions.

Assess project risks

Assessing risks is a recurring task that continues throughout the project. With an MIIS 2003 deployment, there are specific risks you need to consider during different phases and at specific milestones.

Select a Potential Solution

Guided by your documented business goals, your IT infrastructure evaluation, and your assessment of how MIIS 2003 can help you implement a solution, evaluate potential integration solutions. In order to select the solution appropriate for your environment, first prioritize which ones will provide the greatest benefit, keeping in mind that you can add other implementations later.

It is in the solution proposal that you describe the specific scenario you have chosen and the environment within which MIIS 2003 will be operating. The proposal is a repository of analysis and decisions that describe the practical implementation of the project’s vision and defines the project’s scope. The ultimate goal of the solution proposal is to achieve team and stakeholder agreement on the solution you want and the overall project direction.

Build the Project Team

The implementation of MIIS 2003 affects your organization’s IT personnel and infrastructure (including hardware, development, testing, and networking), business rules, departments, employees (other than IT personnel), and costs. With this wide-ranging impact, it is important to understand what talents and skills can help you successfully deploy MIIS 2003.

Success Factors for Effective Project Teams

Existing literature suggests there are several critical factors for the success of IT project teams, and these factors can affect the success of your MIIS 2003 implementation. Your implementation team needs to demonstrate the following:

  • Clear vision of the project.

  • Solid executive support.

  • Realistic goals accompanied by realistic milestones both for the short and long terms.

  • Competent staff with the necessary technical skills and personal skills to make and manage connections among people in your organization.

The process by which you choose to formulate your teams might be predicated on past experiences or your organization’s established processes. For any implementation of MIIS 2003, that process should include the following steps:

  • Secure executive sponsorship that has the authority to bring resolution to departmental conflicts and provide the necessary guidance on budget matters.

  • Establish a project team that is composed of individuals who have system experience, MIIS 2003 architectural experience, and project management experience. These team members must be able to set project goals, design solutions around those goals, and drive the project to completion. If individuals in your organization do not have the appropriate skills, consider identity management consultants.

  • Identify a deployment team that understands the deployment process within your organization.

  • Hand off an MIIS 2003 solution that is well scoped, realistically designed, and well documented to those responsible for IT operations

Phased-in Approach to Team Building

Early in the MIIS 2003 design and planning process, the project team might be composed of only the project architect and the program manager, who are supported by an executive sponsor. During the process to develop a solution proposal, you add other specialized people to the team as you develop different aspects of the plan. These people might include subject matter experts (SMEs) for each data source under consideration and SMEs for your proposed environment, including Microsoft® SQL Server™ 2000 and hardware.

After the project team completes the solution proposal, they approve the document and then forward it to the rest of the design team and other stakeholders. As the design process becomes specific to the implementation of MIIS 2003 (when you begin to design at the object and attribute level), the design team adds dataflow designers, rules planners, metaverse planners, and configuration planners. Other stakeholders might not be directly involved in the design but include the owners of the connected data sources, the IT department, the executive sponsor, and other interested parties.

Figure 2 illustrates the flow of team building and team deliverables for an MIIS 2003 project.

7cbf1199-954d-41a7-bcf8-b777c5cd6319

Establishing a Project Team

The project team is responsible for overseeing the MIIS 2003 implementation process. This team includes the following roles and works with the authority of the executive sponsor:

  • Program manager

  • Project architect

Although the executive sponsor is responsible for giving legitimacy to the project and creating a sense of cooperation within the organization, the project architect and the program manager are ultimately responsible for researching, designing, planning, and completing the project based on a specific budget and schedule. The core responsibilities of the project team include:

  • Creating a solution specification.

  • Creating an identity integration design plan for the deployment team to follow.

  • Driving the deployment team through the testing process of your pre-production environment.

  • Working with the operations team to develop the optimal implementation and support plan with the operations team.

Figure 3 depicts the structure of the project team and the relationship with subject matter experts in the extended team. It is important to note that buy-in and input are necessary even at this early stage in the process.

e3c87b28-315a-4e44-bf93-84a60b85f68a

Before the project team begins work on these core responsibilities, however, the project team should prepare by:

  • Participating in product training or a hands-on experience.

  • Reading and researching available published material, such as the MIIS 2003 Technical Library, case studies, whitepapers, online Help, and other resources.

  • Obtaining preliminary buy-in from important stakeholders.

Building a Design Team

The design team in an MIIS 2003 implementation should identify what data to manage and the best way to use MIIS 2003 to solve the organization’s specific identity management problems. Using the vision developed by the project architect and executive sponsor, the design team establishes project goals, designs a solution based on MIIS 2003 functionality and features, and identifies the system and MIIS 2003 configurations necessary for deployment.

The design team should include your organization’s IT operations personnel, data source owners, and MIIS 2003 experts. As the design team, these people will answer security concerns related to sensitive data, data flow, data integrity, data ownership, and hardware and networking system design. The success of the MIIS 2003 implementation depends on the thoroughness of the design team. Deployment and operations proceed with greater ease if they are designed correctly.

Figure 4 shows the structure of the design team and the relationship with subject matter experts in the extended team. It is important to note that buy-in and input are necessary at this stage in the process.

2f7aa54b-6adf-42b5-9379-c47cb1e3ab74

The size and composition of the design team varies according to the size of the organization. In smaller organizations, a single person covers multiple areas of responsibility and might be involved in more than one phase of the project. Larger organizations might require larger teams with different individuals, or additional teams, to cover the various areas of responsibility. The size of the team is not important as long as all areas of responsibility are assigned and the design and deployment goals of the organization are met.

Identifying a Deployment Team

After the design team hands off the dataflow design and the configuration guide to the deployment team, the deployment team develops or refines the prototype, tests it, and begins developing an operations plan to address maintenance and support. The proper pre-production planning and configuration of MIIS 2003 in your test lab is essential to a smooth migration from your test environment to your production environment.

The deployment team works with the operations team during the deployment phase to ensure that members of the operations team are familiar with the new design. This helps to ensure a smooth transition of ownership when the deployment process is complete.

Figure 5 shows the structure of the deployment team and the relationships with IT. It is important to note that buy-in and input are necessary at this stage in the process.

2b16fcce-b5e0-4675-92f5-ab180240ba3e

During the deployment phase, the network analyst, operations lead, and other system engineers (if necessary) test the configuration specified in the MIIS 2003 dataflow design and configuration guide to do the following:

  • Resolve compatibility and interoperability issues.

  • Measure and assess the potential effect of the deployment on network bandwidth.

  • Identify existing operational procedures that might be affected by the deployment, and finalize any deployment procedures.

  • Compile a list of hardware requirements and measure its accuracy in the lab.

  • Balance costs and benefits that might require input from the executive sponsor.

After the deployment is complete, the operations team maintains service levels. When implementing your MIIS 2003 solution, you assign network administrators and support personnel to the appropriate operations team roles and assign security group memberships as predefined by MIIS 2003.

MIIS 2003 Project Planning Considerations

When forming a project team for an MIIS 2003 solution, team composition, security strategies, project legitimacy, and effective relationships should be among your primary concerns. You should compose your team of individuals with expertise that relates to your proposed solution. Develop a security strategy to deal with sensitive data in mission-critical applications. Your executive sponsorship should provide project legitimacy. You should build and maintain effective relationships with data source stewards.

Before you begin the process of assigning roles and responsibilities for your MIIS 2003 implementation, read the following resources to understand the MIIS 2003 design and planning process:

  • Essential Concepts of Microsoft Identity Integration Server 2003 in the Technical Reference collection of the MIIS 2003 Technical Library at https://go.microsoft.com/fwlink/?LinkId=26499.

  • “Road Map for Designing and Planning Your Identity Integration Solution” in this collection of the MIIS 2003 Technical Library.

You should compose your team based on the MIIS 2003 solution you select first, but with subsequent solutions in mind. For example, if your initial goal is to synchronize global address lists across Microsoft Active Directory® directory service forests and to later implement a password management solution, your deployment team composition might be narrow but the design team might have to include people with expertise for the future solutions.

Executive Sponsorship

Because implementing an MIIS 2003 solution might affect an entire organization, it is important to have an executive sponsor who understands the business value of the deployment and supports the project. An executive sponsor is a high-level management official (director, vice president, or corporate information officer) who has sufficient authority to help resolve conflict across the organization, provide assistance throughout the project, and help hold the design and deployment teams accountable for achieving their goals.

Identity data synchronization can affect other identity data stores within the organization; therefore, conflicts must be resolved between the owners of these systems. The project team must have the backing of your organization through high-level sponsorship to make design and process decisions that support the MIIS 2003 solution.

The executive sponsor is not involved full-time in the project but might assume the following responsibilities:

  • Evangelize the MIIS 2003 vision to all stakeholders.

  • Communicate support for the initiative.

  • Communicate schedules that affect multiple teams or departments.

  • Resolve issues between departments.

Security

You should develop a security strategy that enables only trusted employees to access sensitive documentation, such as the dataflow design, connected data sources, and automated processing designs. Early in the process, develop a strategy for handling sensitive identity data in each phase of the project, including the design and planning phase, the pilot and testing phase, and in your production environment. Your team and your designs must address these security concerns throughout the lifecycle of your MIIS 2003 solution.

Because identity data is usually considered sensitive information, certain restrictions, which can be governmental or organizational, might need to be enforced. During the early phases of the project, consult your system security architect or compliance officer.

Data Sources

MIIS 2003 has the ability to synchronize data from a variety of systems and identity data repositories. As the project architect identifies which data sources contain the data of interest, the stewards of those data sources must be included in the solution proposal process.

The data source steward must have knowledge of system services, data schema, data volatility, processes that run against the data, the security enforced for the data source, and the owner of the data. In addition, the data source steward must be empowered to make decisions about data synchronization, whether by the authority of the data owner or together with the data owner. For more information, see “Data Source Steward Role” later in this topic.

Testing

Methodical and careful planning will help your deployment progress smoothly; however, contingencies almost always occur that were not considered in the plan. For an MIIS 2003 deployment, most contingencies are related to the data itself and to gaps in the scenario resulting from design assumptions. Probably for the first time, identity data is to be shared between repositories by using automated processes. Most of the data synchronizes as planned; however, some will contain unexpected exceptions. Therefore, before you deploy, thorough testing of the identity data in your selected solution — whether in a small or large lab — is essential.

Project Team Roles

The project team is responsible for overseeing the MIIS 2003 implementation process. This team includes the following roles and works with the authority of the executive sponsor:

  • Program manager

  • Project architect

Program Manager

The foundation of identity management is centralizing the management of identity information that is distributed in a variety of data sources and that might have distinct owners and access policies. Therefore, managing an MIIS 2003 implementation requires a program manager who has the ability to work with people who might have different or conflicting goals and schedules. Ideally, the program manager is someone from within the organization who is familiar with all the stakeholders who are affected by the implementation. The program manager facilitates cooperation across business units and groups who manage various technologies, such as different directory systems, and sets in place the project structure. The program manager facilitates, and is responsible for, the following:

  • Assembling the design and deployment teams and providing them with access to all needed documentation, training, and lab equipment so that team members can perform their expected function.

  • Establishing and maintaining communication with the executive sponsor and the project architect throughout the project, and ensuring that all design and deployment plans are documented.

  • Providing logistical support to the project architect during the solution specification process of the design phase. Logistical support might include software licensing, lab setup, hardware acquisition, and morale building.

  • Completing all project planning, such as scheduling, budgeting, and coordination of day-to-day activities of the implementation. This includes involving the right people during each part of the design and deployment phases and gaining consensus among teams.

  • Communicating the shared project vision to various team members and serving as a single point of contact for all issues and for all stakeholders in the project.

  • Assessing and managing risks.

For an MIIS 2003 deployment, the program manager should have experience with enterprise-level infrastructure deployments; however, only a general or broad knowledge of MIIS 2003 is sufficient.

Project Architect

A project architect should oversee the design and deployment processes of your MIIS 2003 implementation. Assign this role to an IT architect or IT systems planner who has prior experience with dataflow or identity information management. Optionally, hire a consultant who has experience with MIIS 2003 design and deployment processes. A consultant can bring important experience and perspective to the project team; and can help solve problems across applications, platforms, and within the organization.

The project architect should oversee all of the design and planning tasks performed by the design team. Your final MIIS 2003 design must reflect a combination of business goals and technical decisions. Therefore, the project architect needs to ensure that technical design decisions are compatible with business goals. The project architect is ultimately responsible for:

  • The overall design of the MIIS 2003 implementation and the documentation of the design found in the solution specification.

  • The organization’s identity integration objectives, their documentation in the solution proposal, and their enforcement throughout the implementation process.

  • Collaboration with your organization’s security architect or engineer to understand and design secure practices, processes, and system policies into your MIIS 2003 solution.

  • The evaluation of existing operational procedures and business rules that affect the proposed MIIS 2003 implementation and the translation of these into policies on which to base the MIIS 2003 design.

  • The proposal of a solution to the design team and consensus on all technical matters between the design, deployment, and operations teams.

  • An understanding of the needs of all data sources and applications with which those data sources are integrated, such as Microsoft® Exchange 2000 Server, and the affect they might have on the design.

  • Establishing the metaverse plan for your MIIS 2003 implementation. For more information about the metaverse plan, see “Planning the Metaverse for MIIS 2003” in this collection of the MIIS 2003 Technical Library.

  • Designing and documenting synchronization rules and rules extensions as necessary to meet the identity integration objectives of the design. For more information about synchronization rules and rules extensions, see “Planning Synchronization Rules for MIIS 2003” and “Building Rules Extensions for MIIS 2003” in this collection of the MIIS 2003 Technical Library.

  • Documenting MIIS 2003 and system configuration strategies that result from design decisions. For more information about creating a configuration plan for your MIIS 2003 solution, see “Planning Your System Configuration for MIIS 2003” in this collection of the MIIS 2003 Technical Library.

Depending on the number of data sources involved, the size of the organization, and the complexity of the design, you can delegate the project architect’s responsibilities to individuals who have the required skills.

Design and Planning Roles

Collectively, the design team plans, documents, and works with the deployment team to test, and then implement a new MIIS 2003 solution in your production environment. This process is typically repeated with each new solution; so keeping good documentation and contact information can have future benefits.

Design team responsibilities include the following duties:

  • Reviewing and refining the project team’s solution proposal.

  • Meeting with internal customers and subject matter experts (SMEs) as necessary to provide factual data that helps influence the design.

  • Working with the deployment team and the network administrators to ensure that their design meets the security and administrative requirements for each group.

  • Creating the dataflow design. The dataflow design shows the system’s inputs based on the desired outputs, which are to be aggregated by the system. The design determines which data sources are required to achieve the end result. For more information about the dataflow design, metaverse planning, and synchronization rules planning, see “Designing a System Dataflow Model for MIIS 2003,”“Planning the Metaverse for MIIS 2003,” and “Planning Synchronization Rules for MIIS 2003”in this collection of the MIIS 2003 Technical Library.

  • Creating a guide for the deployment team to use when they configure the system and MIIS 2003 in order to ensure adherence to the design. For more information about creating a configuration plan for your MIIS 2003 solution, see “Planning Your System Configuration for MIIS 2003” in this collection of the MIIS 2003 Technical Library.

Data Source Steward Role

The project team identifies and involves the data source stewards early in the development of the MIIS 2003 solution proposal. One person or organization might have the dual role of data owner, who controls the integrity of the data, and data source steward, who controls the storage of the data. If one person does not handle both roles, you need to allow both persons to have input on the planning teams.

As SMEs, data source stewards help the design team improve the solution proposal by addressing any security concerns and helping define the data being shared. It is recommended that one or more data source stewards be regular members of the design team, depending on the size of the organization and the complexity of the design.

Data source stewards and internal customers must review the proposed business rules, attribute flow, attribute precedence, synchronization schedules, and naming structures that are documented by the project architect in the solution proposal. This review enables the design team to optimize the proposed MIIS 2003 infrastructure and to consider such issues as availability of a data source or the state of the data within specific timeframes. They can add technical details as necessary.

The solution proposal process also requires that the project team work with your organization’s IT operations department to understand the current operational procedures and restrictions that apply to each data source that they are targeting for synchronization.

System Dataflow Designer

To develop the logical metadirectory design, the dataflow designer works with the solution proposal — specifically with the dataflow diagrams and policies; and with the existing objects and relevant attributes. The optimal method of implementation is addressed by the metaverse planner; the synchronization rules planner; the builder of the rules extensions; and the configuration planner.

The system dataflow designer needs experience in system and data design and must be knowledgeable about the environment in which you intend to deploy MIIS 2003. The designer works closely with the project architect to produce the dataflow design, which is a continuation and refinement of the dataflow diagrams produced in the solution proposal.

Metaverse Planner

The metaverse planner needs a solid knowledge of MIIS 2003 and of the data from the connected data sources. The Metaverse planner is concerned with how data from the connected data sources is mapped to the metaverse schema, which is provided in, or extended by, MIIS 2003. Most of this planning information starts with and comes from the dataflow design; therefore, the dataflow designer and metaverse planner work together closely.

The metaverse is where data is defined through schema and where metaverse synchronization occurs. (Some synchronization occurs in the connector spaces.) A metaverse planner uses the dataflow design document as a beginning foundation for the metaverse plan. The metaverse planner’s responsibilities include:

  • Coordinating with the project team and data source stewards to ensure that they understand the deployment scenario.

  • Planning the dataflow mapping of synchronized objects to and from the metaverse for any given data source.

  • Creating the metaverse design specification based on information contained in the dataflow design document.

  • Designing metaverse schema extensions as defined by the dataflow design plan.

For more information about planning the metaverse, see “Planning the Metaverse for MIIS 2003” in this collection of the MIIS 2003 Technical Library.

Synchronization Rules Planner and Extension Builder

A synchronization rules planner provides specific information about what synchronization rules will be implemented and when they will be implemented. The planner needs a thorough knowledge of MIIS 2003 and the dataflow design. A synchronization rules planner also provides a functional specification of the rules extensions needed for your MIIS 2003 implementation. The synchronization rules plan and rules extension specification are important documents when planning for the configuration of MIIS 2003. The responsibilities of the synchronization rules planner include:

  • Coordinating with the project team and data source owners to ensure that they understand the deployment scenario.

  • Planning the synchronization rules and rules extensions necessary to synchronize and provision specified identity objects.

  • Creating the synchronization rules design specification based on information contained in the dataflow design document.

  • Previewing and testing the enforcement of synchronization rules on objects, and refining the synchronization rules design specification as necessary.

The rules extension builder is a specialized role that is closely associated with the synchronization rules planner. The builder implements the rules design by coding modules that customize import and export flow rules to address specific identity data issues in your design. You can build and invoke these code modules through the MIIS 2003 user interface. (Microsoft Visual Studio® .NET can be configured as the development environment.) Because your deployment may be more complicated than simple extensions, the rules extension builder might have to be a qualified developer.

For more information about synchronization rules and rules extensions, see “Planning Synchronization Rules for MIIS 2003” and “Building Rules Extensions for MIIS 2003” in this collection of the MIIS 2003 Technical Library.

System and MIIS 2003 Configuration Planner

The MIIS 2003 configuration planner writes a plan that details the MIIS 2003 configuration settings required for your deployment. This planner should be familiar with MIIS 2003 in order to compile a list of settings from the documents written by the other planners (dataflow design document, synchronization rules specification, and the rules extensions specification).

The configuration plan is used by the deployment team. Configuration planning includes the following tasks:

  • Compiling the security plan for your deployment that addresses both physical and data security.

  • Planning how you will certify data validation before and after synchronization through testing scenarios.

  • Determining a strategy for handling errors and the notification of problems that may occur during the synchronization.

  • Establishing backup and recovery plans.

For more information about creating a configuration plan for your MIIS 2003 solution, see “Planning Your System Configuration for MIIS 2003” in this collection of the MIIS 2003 Technical Library.

Deployment Roles and Team Responsibilities

After the design team hands off the dataflow design and the configuration guide to the deployment team, the deployment team develops or refines the prototype, tests it, and begins developing an operations plan to address maintenance and support. The deployment team can be composed of members of the project or design team, but most likely will be different people within your organization.

The deployment team works with the operations team during the deployment phase to ensure that members of the operations team are familiar with the new design. This helps to ensure a smooth transition of ownership when the deployment process is complete.

During the deployment phase, you will involve other experts, such as a network analyst, the operations lead, and other system engineers (if needed), to test the configuration specified in the MIIS 2003 system dataflow design document and to test your configuration plan for the following:

  • Resolve compatibility and interoperability issues.

  • Measure and assess the potential effect of the deployment on network bandwidth.

  • Identify existing operational procedures that might be affected by the deployment, and finalize any deployment procedures.

  • Compile a list of hardware requirements and measure its accuracy in the lab.

  • Balance costs and benefits that might require input from the executive sponsor.

  • Understand the risks involved in committing a change to an object without first viewing it in preview mode.

After the deployment is complete, the operations team maintains service levels. When implementing your MIIS 2003 solution, you assign network administrators and support personnel to appropriate operations team roles, and assign security group memberships as predefined by MIIS 2003.

The deployment team is responsible for ensuring that the designed MIIS 2003 solution is implemented correctly. This team is engaged in testing and is most likely to find design flaws as they progress with a pilot deployment.

Deployment team responsibilities include:

  • Establishing a test environment that emulates the network environment and setting up MIIS 2003.

  • Testing the dataflow design plan to ensure that it functions as planned and refining it as necessary to optimize performance or address any problems. This includes rigorous testing of data imported from or provisioned out to the connected data sources.

  • Testing the security strategy.

  • Evaluating the existing network hardware and connectivity to ensure that the physical infrastructure supports the design.

  • Developing a deployment and help desk support plan and executing the plan in the production environment.

  • Testing, refining, and documenting the synchronization rules and custom rules extensions.

  • Testing, refining, and documenting the metaverse object mappings.

  • Creating operational procedures so that network administrators are ready to assume their roles when the time comes to delegate administrative responsibilities.

Operations Roles and Team Responsibilities

The MIIS 2003 operations team consists of existing personnel who are trained on MIIS 2003. The default security groups define the five common roles: administrate, operate, join, password reset, and browse. Of these roles, the administrator role has the most privileges and therefore must be the most trusted. As with normal IT operations, inclusion of users in security groups is based on the policies and practices within your organization.

Members assigned to the MIIS 2003 security groups form the MIIS 2003 operations team and are responsible for the customary operations as with other system applications in addition to the specific MIIS 2003 responsibilities as dictated by membership in the default security groups. The number of people that are required to fill these roles varies based on the size of your organization, the complexity of your network environment, and the complexity of your scenario.

Next

See Also

Concepts

Initiating Your Identity Integration Project
Define the Project Structure
Start the Solution Proposal
Document Your Business Goals
Assess Your Current IT Infrastructure
Create the Project Vision and Define Scope
Assess Risks for an MIIS 2003 Project