UC Enterprise Directory Project Meeting Agenda

1. Campus updates on Directory project progress. Each campus should bring a one-page handout to distribute at the meeting.
2. Review Scope / Uses of the (Enterprise) Directory Service
• Online White Pages. The most obvious use of a directory is to provide online access to information about people.
• Electronic mail delivery. The online white pages can be used to discover a person's electronic mail address. A directory can also be used to specify delivery mailboxes.
• Authentication. Which authentication systems should the directory support?
• X.509 digital certificates
• Kerberos
• ID/password, etc.
• Authorization. In what ways should the directory be used to support authorization?
• Relationship between campus directories and a systemwide directory.
3. What directories should there be? There will certainly be a directory per campus and a systemwide directory. What is the relationship with the application-specific and organization-specific directories that will certainly exist?
4. Who should be in our directories?
• Students, Staff, Faculty. These will be put into the directory, but the minimum data requirements need to be defined. We also need to develop precise definitions of these groups.
• Ex-Students, Ex-Staff, Ex-Faculty. Should these be in the directory?
• Customers / Partners / Friends / Others. What other University affiliates should be put into the directory?
• Identity Management. Regardless of affiliation, how do we ensure (or at least have a high probability of) a one-to-one mapping between directory entries and actual people? With which databases do we match (e.g., Payroll, SIS, telephone book)?
5. Content of Directory Entries.
• Everyone. What information is maintained for everyone?
• Employee. What information is maintained for faculty and staff?
• Student. What information is maintained for students?
• Union Members, Members of Academic Senate, etc. There are a number of University-recognized affiliations. What do we maintain about them?
• Others. There are even more affiliations that are not recognized officially by the University. What do we do about them?
• Application-specific information. Should we provide application-specific extensions to the directory? If we do, we increase the complexity of the directory. If we don't, we increase the complexity of a potentially-large number of applications
6. Roles. What are the roles people fill with respect to applications? Which of those should be defined in the directory?
7. Privacy Policy and Access Rights. We need to determine privacy policies and define appropriate access rights for all items in the directory.
8. Sources of Information. We need to define where all of this data comes from. We also need policies and procedures for how all this data gets into the directory. For example, are certain applications sources of directory data and others users of directory data?  Also, the process of identity matching will need to be determined between the directory and each of the sources.