[Campus Notice] Guidance on Known Impact During IAMRiverside Deployment

UCR Information Technology Solutions tech-bulletin at lists.ucr.edu
Thu Mar 16 17:54:39 PDT 2023 

Hello SAA,

You are receiving this notice because the IAMRiverside Project Team would like to provide guidance on a known impact to some campus users, which will result from the planned deployment of UCR's new identity and access infrastructure<https://its.ucr.edu/iamriverside>.

Specifically, we would like to call your attention to the following:

UCPath Will Be Authoritative Source for Employee and Contingent Worker Account Types

It should be noted that IAMRiverside will look to UCPath as the authoritative source for account type. As a result, some users may notice a change in their access if there is currently a discrepancy between their UCPath designation and any alternate designation provided by eDir or eForms. We know this applies to a subset of campus users but are not able to determine to what extent access will become an issue for these users, as access is currently determined by sources like EACS.

What does this mean for SAAs?

You may be contacted by org./dept. admins, UCPath CSC/SSC personnel, or ITS BearHelp to make updates to a user's access in EACS if it is determined that the individual's primary designation in UCPath is correct but they are still unable to access specific systems/resources.

Resolution guidance should a user access issue be brought to your attention

If you are contacted to help resolve a user's access issues, please review EACS to determine that the individual is granted appropriate permissions.

If user access issues persist after ensuring appropriate access in EACS, please reach out to your Shared Service Center to request review of the user's designation (affiliation) in UCPath. It is possible that their primary account type was updated incorrectly and is, therefore, restricting access.

If the user's primary designation in UCPath is correct but you are unable to grant the user access in EACS OR you believe you have granted appropriate access but access issues persist, it may be that the individual was previously granted permissions that they should not have obtained according to UCR policy. If it's determined that this user needs access regardless, please submit an IT service ticket to report this case to the ITS Identity & Access Management (IAM) team. Such a case will need to be further investigated by the IAM team and decided by the Central Offices.

Reminders

As a reminder of other anticipated impacts during deployment, please find a copy of the original notice sent to all stakeholders on March 7 below:

IAMRiverside Deployment (Go Live)

Deployment is scheduled to commence the afternoon of March 16, 2023, and conclude by midday on March 20, 2023. Due to the scope and technical complexity of this change, please note that IAM services will be impacted during this deployment window.

User Experience During Deployment

Please anticipate the following during the deployment window:

Delay in NetID Creation & Account Updates

It is important to note that NetIDs cannot be provisioned during the deployment window. As a result, folks should expect delays in providing system access to new persons, as well as delays in processing any changes made in sources of authority (e.g., UCPath, Banner, etc.) for an existing person. This inconvenience is an unfortunate byproduct of the cutover to the new solution, but also a reminder of how critical this infrastructure is to UCR operations. Please share this information with your unit and try to plan accordingly.

Decommissioning of eForms, Enterprise Directory (eDir), and Temporary NetID System (TNS)

As communicated previously, eForms, eDir, and TNS will be decommissioned as part of the deployment. As a result, these systems will no longer be accessible. Once IAMRiverside is live, functions currently performed in those systems will be performed in IAMRiverside.

Disruption to Password Reset

Additionally, near the beginning of the deployment window, the ability to reset one's password in MyAccount will be unavailable for approximately one hour. An alert will be posted in MyAccount to make users aware of this planned service disruption.

Email Alias Limitation in R'Mail

Similarly, during the deployment window, those with R'Mail (Google) email accounts will be unable to use the "send as" alternate alias function when composing emails. Any emails sent during this time will leverage the default setting to "send as" the user's netID at ucr.edu. However, it should be noted that users can still "send to" all alias email accounts (e.g., scotty.bear at ucr.edu).

UCPath Will Be Authoritative Source for Employee and Contingent Worker Account Types

Finally, it should be noted that IAMRiverside will look to UCPath as the authoritative source for account type. As a result, some users may notice a change in their access if there is currently a discrepancy between their UCPath designation and any alternate designation provided by eDir or eForms. We believe there are only a handful of units that this applies to, but if you or your staff experience any access issues after Go Live, please ensure that proper attributions have been applied in UCPath and EACS. If access issues persist, please submit a ticket<https://ucrsupport.service-now.com/ucr_portal?id=ucr_home_new&logged_in=false> to the Identity and Access Management (IAM) team.

Resources

Information about IAMRiverside and support resources are available on the IAMRiverside project page: https://its.ucr.edu/iamriverside.

Thank you for your attention to this matter. For additional information about IAMRiverside, please visit https://its.ucr.edu/iamriverside.

Sincerely,

IAMRiverside Project Team
Information Technology Solutions
University of California, Riverside
https://its.ucr.edu/iamriverside
[UCR-ITS-Logo_Riv_signature]


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ucr.edu/pipermail/tech-bulletin/attachments/20230317/fa85fcbb/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 11985 bytes
Desc: image003.png
URL: <https://lists.ucr.edu/pipermail/tech-bulletin/attachments/20230317/fa85fcbb/attachment-0001.png>

More information about the Tech-Bulletin mailing list