1. Case Study: Using Identity
Management & a Web Portal as a
Gateway to the Cloud
Steve Young, CTO
Judson ISD, San Antonio, TX
syoung@judsonisd.org

2. About Judson ISD
∗ 4th largest public school district in Bexar County,
Texas (San Antonio area)
∗ 22,500 students and 3,000 employees
∗ 31 IT staff members
∗ Over 7500 desktops, laptops, tablets
∗ Additional 3,200 virtual desktops
∗ 189 virtual servers
∗ More info at
http://www.judsonisd.org/district/technology/

3. Why A Cloud Approach?
∗ We cannot do it all
∗ Staff size decreasing
∗ Budgets are shrinking
∗ Student population & number of schools increasing
∗ Huge value proposition with many online services
∗ Constituents want 24/7 services and cloud services
are 24/7
∗ Classroom learning can be extended outside of
normal school day

4. Cloud (SaaS) Advantages
∗ Generally very high up time
∗ Offer cutting edge services
∗ Low Cost or predictable recurring costs
∗ Quick Deployment
∗ Lower technical barriers to entry
∗ Often can implement without additional staff
∗ If……..

5. We Can Automate Account
Management
∗ Judson ISD had automated creation, update, & retiring of
student & staff accounts, file shares, email accounts and
groups with UMRA (User Management Resource
Administrator)
∗ This allows MANY systems user information to be automated,
not just Active Directory
∗ Timeliness of data is increased, as is security
∗ Users do not have to wait for accounts to be created, as they
are created when the source HR or SIS data is created

6. Leveraging Identity in a Web Portal
∗ We offer web/Cloud applications via our MyJISD
Stoneware portal to:
∗ All users (staff and students)
∗ To any device
∗ To any location (in or out of network)
∗ At any time
∗ On guest network or in Starbucks
∗ To do this we must know who users are and pass
their credentials to disparate web applications

7. Two Cloud (Saas) Examples

8. Live@edu
∗ We did not want to host student email accounts – too
much time, $$, etc.
∗ We also wanted to automate account management
∗ We used Tools4Ever and their UMRA product to
automate Live@Edu account management from AD
∗ We authenticate students via AD into our portal and
auto log them into Live@Edu
∗ This could also be done via UMRA for Google Apps

9. Schoology
∗ We wanted to provide a simple to use LMS for staff and
students to use at will without any technology
intervention –chose Schoology.
∗ My team worked with them to be an early adopter of
their API/SSO to synchronize account data and manager
users.
∗ We wrote a custom web app to synchronize and manage
Schoology users
∗ We authenticate students via AD into our portal and auto
log them into Schoology

10. In Summary
∗ Cloud (SaaS) deployments can be extremely efficient and cost
effective
∗ But managing users can require a lot of staff time
∗ Automated identity management from source systems is critical
∗ Identities must be further synced with SaaS systems to keep
costs and staff time to a minimum
∗ A portal that can pass credentials from AD and from an SSO
lockbox allows users an easy one stop shop for all their
applications from anywhere on any device