Mapping of Status to Application Access Home  Identity Management (IdM) System Mapping of Status to Application Access
This table gives an example overview of how the defined
user status types and employee
appointments would impact access to services.
| Status\Service |
Kerberos |
Moira (1) |
CruzMail (2) |
AIS |
LDAP |
Shibboleth |
| Student |
| Applicant(3) |
|
|
|
x |
x |
x |
| Incoming |
x |
x |
x |
x |
x |
x |
| Active |
x |
x |
x |
x |
x |
x |
| Inactive |
x |
x |
x |
x |
x |
x |
| Leave |
x |
x |
x |
x |
x |
x |
| Employee |
| Active |
x |
x |
x |
Appoint |
x |
x |
| Leave |
x |
x |
x |
Appoint |
x |
x |
| Faculty |
| Active |
x |
x |
x |
x |
x |
x |
| Affiliated |
x |
x |
x |
x |
x |
x |
| Other |
| Other |
Manual |
Manual |
Manual |
Manual |
x |
Manual |
| Staged Employee |
x |
x |
x |
|
x |
x |
(1) Moira and Kerberos are both part of the same "package"
-- functionally they are one target.
(2) In the first phase of service delivery, CruzMail will be provisioned via
Moira. Until a separate CruzMail feed can be developed, there will be no difference
between this column and the "Moira" column.
(3) Applicants currently do not receive any direct services from IDM.
Legend
| x |
Grant account for users in this state |
Appoint
| Implies an approval process that associates the access with a specific employee appointment.
If that appointment ends, the account should be reviewed, disabled or deleted. |
|
Manual
| A review process that grants access to a system for a fixed amount of time.
When the time period expires, the access must be re-granted or the account is closed. |
|
| 
