Name already in use

Excerpts about Banner from Software Integration WG meeting notes

SIWG Friday, 24 September 2021 Build an agenda for a Banner task force planning meeting MattB, KeithL, Ethan,

SIWG 27 Aug 2021: MattB: Course rosters come from Banner to Grouper through loader jobs and out to AD and VMs

Agenda #5: Harvesting artifacts from the Banner Connector Work:

• Build an agenda for a task force planning meeting

• MattB, KeithL, Ethan,

• Majeed: Dealt with IMS Global; Massive schema: Grade import from Sakai to PS SIS; Rosters over CSV,…​.

.

SIWG 18 Aug 2021: Friday Aug 27 meeting: Banner Connector Work Plan Development

• Relative value of Ethos, BEIS, Database View modes

• MattB, KeithL, Patrick Landry?

• PaulSpaude, Unicon: ScriptedSQL connector for mP back to Banner; Good as an example; Another connector for populating a Grouper subject source

.

SIWG 17 Mar 2021: MattB: User in Banner; mP provisions out to subject source; Grouper has links to Banner for role info and links to people via mP; Grouper pushes org and role info to midPoint, and then midPoint does the actual provisioning to resources appropriate to org/role info; Eventually bring in COmanage as a guest SoR.

SIWG 3 Mar 2021: CACTI: Kevin Hickey - U Detroit Mercy joined Banner Integration WG; Should we invite him into the mP User Group;

SIWG 26 Feb 2021: KeithL: BEIS messages, AMQP, async connector to mP, Banner to mP: three approaches: 1) Banner is creating Oracle triggers that create events (XML, JSON) plops them onto AMQP BEIS grabs the message, process and forward to PSP; mP can grab from the AMQP exchange; Web app, captures messages, converts to JSON, republishes; If you don’t need BEIS; go to BEP which puts native JSON messages from triggers; Ethos works sorta like this, too. MattB: db, BEIS, BEP: mP will push identities into subject source.

SIWG 28 0ct 2020: Banner deliverables review

Proposal from Keith LeValley, Davenport U.

• Progress on connector at Mines

• Draft deliverable: Mines Banner Person schema mapping (see the Spreadsheet tab “SoR to TAP Person Schema”

• Alternative 1): For TAP person attributes with a Type + Value structure, prepend type to attribute name, e.g. officialFamily, preferredGiven Pro: No special handling required in midPoint Con: Crafting unique attributes for each type+base attribute pair leads to schema growth over time.

• Alternative 2): Use of namespaces for extension attributes and subtype information banner:pidm, minesEdu:activityDate Pro: Consistent with XML namespacing practices Con: Do colons in extension attribute names pose processing challenges?

• Alternative 3): Create a multi-value string attribute where the values are JSON strings that can be parsed into attribute type and attribute name or other complex attribute elements Pro: JSON tooling available in many languages JSON Path online workbench JsonPath Java Toolkit & API (Apache2 license) Json Path Python library Con: Cannot be indexed; Extra processing overhead

midPoint User Type common schema Custom schema extension section of midPoint documentation

See the following example: midpoint/resource-opendj.xml at master · Evolveum/midpoint · GitHub Referencing a value for family name of type ‘official’ in a midPoint Resource definition:

… <inbound> <target> <path> declare namespace i="http://midpoint.evolveum.com/xml/ns/public/common/common-3"; declare namespace offName="http://id.internet2.edu/ns/tap/user/name/official"; $i:user/i:extension/offName:family </path> </target> </inbound> …

SIWG 9 Sep 2020:

• We only need to Map ERPs to 4 things: Banner to LDAP, Banner to midPoint, Banner to Grouper, Banner to COmanage; or Banner to mP, mP to X 15 schools, 15 ERPs,

• Here’s TAP data model; attributes outside that we don’t attempt to

• The LDAP Protocol Representation of the SCHAC schema

• The TAP Banner Protocol Representation of the Banner Data Model

Tasks in progress:

• Map the collection of Banner attributes identified by multiple institutions to corresponding attributes in the TAP Core Person Schema, (There will not be corresponding attributes in all cases).

• Working document: Banner Schema Crosswalk

• For reference: Spreadsheet form of the TAP Core Person Schema

• Still useful: Core Schema / Attribute Library: Intended to be exhaustive list of attributes used in TAP

.

SIWG 31 Jul 2020: (With Todd Blakemore, Ithaca College - Banner school)

SIWG 29 Jul 2020: CarlW: Lots of profs had wide variety of online learning tools; Moodle is common; create Google groups for class rosters (email list, etc); Banner to LMS; Decided Moodle rosters to Grouper as SQL loader jobs to reference groups; Policies in Grouper, use to control access to G-Suite. In testing, moving to production soon. BillT: Banner to Moodle is hairy and the experience of trying has left marks; Exception processes are all handled in Moodle.

UNC Chapel hill (EthanK) pull roster info from Banner; profs can grant access in downstream systems; 1st target: Office 365, G Suite next

SIWG 5 June 2020: Invite CSP participants (Keith LeValley, Patrick Landry, John Kamminga, UC Merced) to SI calls to share experience and advice on their SoR to mP and mP provisioning approaches None is production ready KeithL has demoed BEIS messaging PoC

Generic SCIM 2 connector development (TAP-57) (Provisioning Tools) Develop plan to build on SCIM 2 server and client code developed at UNC Chapel Hill for Banner integration

Design and document Banner database and Ethos connectors (TAP-79) (Banner as SoR) KeithH: Complete screencast of simple db Table connector to reconcile Banner with midPoint Ethos: Performance issues, pull only; Push is partially supported by BEIS; Andy Morgan, OSU had a working example

SIWG 15 May 2020: Banner Connector Progress

Walk through setting up another databaseTable-style resource via the Eclipse plug-in for midPoint demo Look at example midpoint_server/container_files/mp-home/post-initial-objects/resources/100-source-sis-persons.xml

Explore Banner registry Data: https://drive.google.com/file/d/107_QhEqWi-jE3-1Isebv4N6J47CAJA9b/view?usp=sharing ⇐ Registry data Insert DDL Connector config: https://drive.google.com/file/d/1giEshoy7wpl_hZXfAYDkMIiiLhlQHOLJ/view?usp=sharing ⇐ Mines registry DDL

https://github.internet2.edu/internet2/person ⇐ See Mines Banner section

SIWG 24 April 2020: Getting started on a midPoint resource definition for the Banner person view above

midPoint DatabaseTable Connector (should be adequate to handle Banner Db View

This is almost entirely the original version from Sun ICF

• Postgres JDBC Driver included in distro. Others need to be provided by deployer

• annotated example provided

• Sample table ddl and resource definition (use as template)

• Very early cut at SoM Banner midPoint resource

• Alternative connector worth a look

• midPoint ScriptedSQL Connector

• Sample in midPoint repo

• More detail at Anydatabase (ScriptedSQL), including table ddl and resource definition

Breaking School of Mines Banner Resource definition down into work items (and assignments)

SIWG 29 Jan 2020:

• Produce schema crosswalks between Banner Ethos, CSP schema, IMS Global, and campus-specific Student Information data models

• Review School of Mines person attribute equivalents in Banner Ethos data model: See column K of schema crosswalk

• Identity midPoint Ethos connector equivalents

• Generalize this approach so it is repeatable for SoR integration generally

• Review Ethos person and constituent person model to see how they differ, Persons is for students, faculty, staff, etc, constituent person is for advancement

• Todo: Mattb: look up how description is constructed and provide to Keith

.

SIWG 24 Jan 2020: userType schema extension in midPoint (EthanK)

• Core person schema https://github.com/khazelton/schema/blob/master/schema/core-person.json

• Crosswalk with midPoint, core person, and Banner https://docs.google.com/spreadsheets/d/1SurcgxTpBG2DmXsliQ9nMUgof3xySn7Z4ntQ4_poNPU/edit#gid=0 ⇐
  

• mP does not yet support complex attributes: How do we handle these until ConnId

• To extend the list of attributes for users, mP’s UserType, modify the core-person.xsd with a fragment of .xsd defining the new attributes as extensions to the base UserType

.

SIWG 10 Jan 2020: Mines: Banner - Minimal Registry Person - midPoint UserType crosswalk based on Matt’s SoR Grouper Tables

• SoR Grouper Tables

• The Person tab

• Banner table sourced information with simplified names in column A; authoritative source of identity and basis group information

The Subject Source tab

• The database schema for what will be Grouper’s subject source; This will be mapped to the midPoint user type; Already created and populated by a java routine reading from Banner views

• Employee tab, Student tab, Guest tab*

• Column D is the proposed full-path group name for Grouper Loader-created basis groups

• Each employee classification code has a corresponding basis group with the code as the group name

• Each student application decision code has a corresponding basis group with the code as the group name

• Active student is a calculated field

• Each type of guest is associated with a specific Banner attribute

• Review open issues

.

SIWG 8 Jan 2020:

• Produce schema crosswalks between Banner Ethos, CSP schema, IMS Global, and campus-specific Student Information data models

• Generalize the problem set to SoR integration generally

• Mines [tabbed] schema tables

• https://docs.google.com/spreadsheets/d/16pbwg5aB_6g1lypU2IdM90rBXiMF4NGQdeb3U1GcpC8/edit#gid=410844316 ⇐ as a starting point; MattB on action items from yesterday’s Banner Integration meeting

• Target: Write a small Ethos connector, name email, institutional role; to get a working connector setup

• Do same with BEIS

• Schools with only a database for reference

.

SIWG 3 Jan 2020:

Guests? BillT: Mastered in COmanage, pushed back to Banner and get an L number; Banner has a consolidated person table; IAM includes aspects of Banner; Key win: Either created fake employee numbers or we’d create Lafayette DNs with no matching identity info;

MattB: COmanage for guests is on roadmap; could push data into Banner and/or Ethos; At mines Banner successor considering Workday; Replaced script tangle with Aegis Trident, they got bought and went silent; Not thinking of mP as ‘skinny’, but kept trim; develop custom front ends for specific biz users; Grouper will decide who has access to what, records their state, mP will push to LDAP and Kerberos; SHOULD vastly reduce thody of scripts (Groovy, JavaScript); mP is managed in a declarative manner compared to procedural approach represented by all the scripts.

Lafayette: Will migrate their Python code for RabbitMQ to the cloud equivalent Course-related mappings? Laf uses P2P Banner to Moodle; Long journey, before Bill’s time; However talked about reversing flow: Master in Moodle and manage there, push back into Banner; Seems like a valuable thing to tackle. Survey the community;

MattB: Canvas gets a direct dump from Banner 3x per Day; Physics Dept uses LonKappa

SIWG 20 Sep 2019:

KeithH: A bunch of folk are running a Banner/midPoint connector development effort. As part of that, I’m pulling together accounts of how various places have dealt with the IAM aspects of courses, students, faculty, class offerings and class rosters. Is that currently on the GDG roadmap? If it makes sense, the connector group could draft material that GDG folk could critique, comment on or edit. Thoughts?

BillT: Yes, would love to have at least a model for class rosters and organization hierarchies. was thinking of a bit of survey, discussion, and synthesis like we did for TIER folder/group structures. sounds like you’ve already done the survey part?

SIWG 13 Sept 2019: Toward a proposal for managing IAM aspects of academic entities: Courses, students, faculty, sessions, terms, course rosters, learning resources

What are the good/best practices we can draw from these and related resources?

• See inctrust-si email thread, “Course-related info in Grouper

• Chris Hyzer, Grouper loader classlist example from Penn

• Brown, Peter DiCamillo, Provisioning from Banner to Grouper; How did they wire Banner to ActiveMQ? Thin on how it gets into Grouper: more detail please? Full overnight reconciliation: useful; XML BEIS?

U Hawaii, Julio Polo

• Banner Messages

• UH Group Store

Matt: Canvas gets teaching faculty per course before Banner does

pix/banner-integration.list.png ⇐ screenshot of banner-integration subscriber list

SIWG 2018-05-01 14:00: CSP Banner group

From John Kamminga to Everyone: 02:38 PM

Here are the Banner schemas that have been collected so far:

Dean Lane, Rice https://drive.google.com/a/rice.edu/file/d/10imNFwfxBgzOCPVbu4XNCZA4uoQ3ytTe/view?usp=sharing Janemarie Duh, Lafayette https://docs.google.com/spreadsheets/d/1mTop1_xrpiI819bAdCdm7cNhlxGhbP9_hUkp5Ni_Oss

From Robert Ward to Everyone re Banner/WSO2 Identity Server 5.3; Ethos identity is WSO2 identity Server
https://docs.wso2.com/display/IS530/Role+Based+Provisioning+