We are Implementing Perun - Identity Management System for MUNI
On Sunday, November 1, we planned changes related to identity and access management. We are leaving the current complex and technically obsolete solution and replacing it with the Perun system. We also introduce a new IT service explicitly designed to manage groups and accesses in connection with it.
The current Guest Manager (guest.ucn.muni.cz), which we had been using at Masaryk University together with the Account Manager, is canceled and shut down due to its complex administration, limited development, and technically outdated solution. The associated change is also the transition of the original guest accounts to the so-called sponsored accounts that can be created by any active MUNI employee and that offer a wide range of uses.
This is possible thanks to the new Perun system's deployment, which is designed for comprehensive identity and access management and has a user-friendly GUI (graphical user interface) for more comfortable work. Unlike the old solution, Perun also allows you to delegate access management to the responsible person. It provides him with greater independence in managing his users without contacting the system administrator for every change.
Its main advantage is providing uniform access to services with one user account (so you do not have to log in to each service separately). In the system, it is also possible to delegate the management of these accesses to other people, which means that you do not have to ask the system administrator about every little thing.
New IT Service for Group and Access Management
Hand in hand with these changes goes the preparation of a group and access management service, which is based on the Perun system. It offers MUNI employees the ability to independently and effectively manage access for their team or workplace to the necessary services and other IT resources, such as setting up room entrances, connecting to Wi-Fi, accessing the database and administrator roles in specific applications, and more.
Service access management is implemented using groups, whose members can be managed manually or automatically according to set rules. It is possible for external collaborators to establish a so-called sponsored account that offers access to MUNI's IT resources as if they were a university employee or student. The account must only be "covered" by an active MUNI employee, the so-called sponsor. These sponsored accounts are useful, for example, when holding conferences or collaborating with colleagues outside the university.
In the system, users see only those groups and resources they have rights to view or edit. This is in MUNI's basic settings creating sponsored accounts and groups (screen 1 - basic approach). Additional rights to IT resources and groups can user obtain upon his request and approval (screen 2 - example of extended rights).
IT Services and Resources at MUNI
There are hundreds of (not only IT) services and thousands of different resources at Masaryk University. Currently, the group and access management solution is deployed in a pilot operation, in which we have selected the services and resources that we know are most often used. Of course, we have not forgotten the remaining ones, and we are continually adding more to the system. We also continuously improve the solution for group and access management, both in terms of available functionality and user interface. All this is based on the requirements of administrators and suggestions from regular users.
In case of any questions, please contact us at email@example.com. At the same time, we welcome any feedback to improve our unified group and access management solution.
* The image of the Slavic god Perun used on the IT MUNI homepage is the work of Russian artist Igor Ozhiganov.
Scan Documents Using OneDrive on your Phone
The closed university buildings drove us to work and study in our homes. However, not everyone has office equipment such as printers and scanners in their home. And scanning is easy to solve thanks to the OneDrive mobile application from Office 365.
Over 215 000 online books for students and teachers
The National Library of the Czech Republic and the Moravian Library have temporarily made their digital holdings accessible. Altogether, over 215,000 online monographs and periodicals are available for university students and teachers.
Change of Student PC Profiles in Study Rooms
Due to the simplification of administration and technical solutions, users' PC profiles in study rooms are being modified. Above all, the IT background and technologies are changing, but students will also notice small changes in their profiles.
How to Create Teams for Teaching in MS Teams Directly from IS?
Together with colleagues from IS, we prepared the possibility of establishing MS Teams for teaching directly from the environment of the teacher's agenda in IS MU, which, for example, automates the addition of students of the subject/seminar group to the established team.