Penn State adopting Enterprise Active Directory University-wide

January 29, 2019

The Enterprise Active Directory (EAD) service provides a single, central directory and authentication service for the entire University. The EAD allows IT staff members to better manage users “digital credentials” and to enable access to applications and data over the University’s network. The EAD was instrumental in the recent, successful implementation of Office 365 University-wide.

Currently, there are more than 60 non-EAD instances of Microsoft’s Active Directory within campuses, colleges and administrative areas across the University. This distributed environment creates inefficient business processes and increases the risk of cyberattacks, according to Don Welch, Penn State’s chief information security officer.

As a result, a project to transition all Penn State-owned computers to the University’s EAD Service by the end of the year is underway. IT staff members will coordinate this process, which will be transparent to end-users.

Moving computer authentication and accounts from these individually run instances to the EAD will increase operational efficiencies, improve the University’s security posture, and position Penn State IT staff members to better support other enterprise-wide products and services.

In addition, the EAD will further the University’s single sign-on initiative, an authentication process that allows users to access multiple applications with one set of login credentials. Single sign-on works like an ID card, allowing computers and websites to use other, trusted sites to verify users. This frees units from the need to hold passwords in their databases, cuts down on login troubleshooting, and decreases the damage an attack can cause.

The EAD Adoption Project marked its official launch last month with a kickoff event that brought together campus, college and administrative IT staff members with Penn State Office of Information Security leaders and EAD subject matter experts. During the event, a panel of fellow IT staff members who have already transitioned their areas to the EAD shared their experiences and offered tips and techniques for a successful migration.

An EAD Adoption Project team has been created to assist individual areas with their transition to the EAD. Each unit will be assigned a dedicated transition manager to provide support as well as a checklist of activities to help them prepare for the transition.

As the EAD Adoption Project moves forward, Adoption Project team members will be reaching out to units across the University to discuss the onboarding process and begin the important transition to the EAD. To view the steps involved in the onboarding process, IT professionals can review the Knowledge Base article at EAD: Onboarding Process Overview (Enterprise Active Directory).  

To learn more about the benefits of EAD and the EAD adoption project, visit the Enterprise Active Directory Adoption Project website.

The EAD service is jointly managed by the Office of Information Security and Enterprise IT.

Last Updated January 29, 2019