[Wactclc-alma] Alma, EZproxy and ctclink auth

Thomas, Kirsti Kirsti.Thomas at seattlecolleges.edu
Fri Mar 31 15:34:23 PDT 2023 

Our IT department is rolling out Okta a bit at a time.

We did have a blip where they forgot that they needed to keep LDAP authentication for Alma-Primo up and we had surprise one morning when no one could log into Alma-Primo.  I contacted IT right away and they reactivated Active Directory.

If our IT department can do this for us, yours can probably do this for you. :)

When we got ready to switch to EZProxy authentication via Okta, I contacted our IT dept. to ask them when they could fit working with OCLC Support to configure SAML authentication between EZPRoxy and Alma into their schedules.  (We have hosted EZProxy).

Once IT said they had time, I opened a ticket with OCLC Support and cc'ed our IT person who handles Okta so OCLC Support and our IT department could coordinate the configuration.

It took something like 3-4 weeks of configuration testing, but we were doing this for 4 different EZProxy servers.

Once the config testing was done with IT and OCLC Support, our IT staff added specific library staff as authorized users for the "EZProxy app" in Okta.

OCLC Support was able to switch us from LDAP authentication with Active Directory to SAML authentication with Okta within an hour.

After library personnel confirmed it worked, IT then added everyone as authorized users for the Okta app.

We did schedule the switch to Okta for early in the quarter when it would be less disruptive. We notified all the reference librarians and library staff on the day we switched and again once the switch was complete. A week or two before the switch we created step-by-step instructions for how to sign into Okta for the first time that we posted to the library websites & sent to all library personnel.

You'll want to have the library dean let the head of IT know that IT can't disable Active Directory authentication until they've enabled Okta authentication for EZProxy and for Alma-Primo.

Does this help?


It will be ok!

Kirsti S. Thomas (Hear my first name<namedrop.io/kirstithomas>)
Library Technical Services Manager & Systems Librarian
Seattle Colleges
kirsti.thomas at seattlecolleges.edu



From: Wactclc-alma <wactclc-alma-bounces at lists.ctc.edu> On Behalf Of Isaac Devereux
Sent: Thursday, March 30, 2023 16:04
To: WACTCLC Alma Discussion <wactclc-alma at lists.ctc.edu>
Subject: Re: [Wactclc-alma] Alma, EZproxy and ctclink auth

Hi Kirsti,

Yes, Okta is what I meant. They are switching to Okta for Canvas next week and we are trying to figure out what to do with our systems at the library.  You may have heard about the ransomware incident at Shoreline. My understanding is that we are unable to add new users to Active Directory, which is how Alma, Primo and EZProxy authenticate now, but I'm not sure about that.

I'm hoping we can stay with AD and that it will be complete, or that we can move to Okta, but I think we might have to move to authenticating against a text file for a while if college IT deprioritizes us as they sometimes do.
regards,
sj


Saint-Jean Devereux
Library Technical Services

Shoreline Community College
library.shoreline.edu  |  206.546.6962
Pronouns: he, him / they, them
I welcome VSRE emails. More at http://vsre.info<https://nam04.safelinks.protection.outlook.com/?url=http%3A%2F%2Fvsre.info%2F&data=05%7C01%7C%7Cc02ec4f12f7b45f6cc8808db31732d6e%7C02d8ff38d7114e31a9156cb5cff788df%7C0%7C0%7C638158142985671352%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ktvwHQFEv8wBpSynDDJWmHDJwRYydcnWgIA%2BLUnwRoU%3D&reserved=0>



________________________________
From: Wactclc-alma <wactclc-alma-bounces at lists.ctc.edu<mailto:wactclc-alma-bounces at lists.ctc.edu>> on behalf of Thomas, Kirsti <Kirsti.Thomas at seattlecolleges.edu<mailto:Kirsti.Thomas at seattlecolleges.edu>>
Sent: Thursday, March 30, 2023 2:34 PM
To: WACTCLC Alma Discussion <wactclc-alma at lists.ctc.edu<mailto:wactclc-alma at lists.ctc.edu>>
Subject: Re: [Wactclc-alma] Alma, EZproxy and ctclink auth

[ CAUTION: This email originated from outside Shoreline Community College. Do not click links or open attachments unless you recognize the sender and know the content is safe. ]


Do you mean you want to use ctcLink (the PeopleSoft platform) itself as the tool for authenticating that someone is a current student or employee?



I don't think you can use the PeopleSoft platform that way. But maybe I'm wrong?



I think your institution needs to have some kind of identity management system like Okta, Shibboleth, OpenAthens, or Microsoft Active Directory for EZproxy and Alma-Primo authentication.



>From what I remember,  the State Board has a contract with Okta that any of the WA community/technical colleges can sign onto. I know our IT department now uses Okta for authentication via that contract.



We switched to Okta for EZProzy authentication in January and I hope to have Okta set up for Alma-Primo authentication soon.





It will be ok!



Kirsti S. Thomas (Hear my first name<https://nam04.safelinks.protection.outlook.com/?url=http%3A%2F%2Fnamedrop.io%2Fkirstithomas&data=05%7C01%7C%7Cc02ec4f12f7b45f6cc8808db31732d6e%7C02d8ff38d7114e31a9156cb5cff788df%7C0%7C0%7C638158142985671352%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=WHLz5nZBYulvJbOzJuXRiXEuydTFYKcM88a%2BxNqlZjw%3D&reserved=0>)

Library Technical Services Manager & Systems Librarian

Seattle Colleges

kirsti.thomas at seattlecolleges.edu<mailto:kirsti.thomas at seattlecolleges.edu>







From: Wactclc-alma <wactclc-alma-bounces at lists.ctc.edu<mailto:wactclc-alma-bounces at lists.ctc.edu>> On Behalf Of Isaac Devereux
Sent: Thursday, March 30, 2023 13:15
To: wactclc-alma at lists.ctc.edu<mailto:wactclc-alma at lists.ctc.edu>
Subject: [Wactclc-alma] Alma, EZproxy and ctclink auth



Hi All,



Who has Alma and or EZProxy set up to authenticate against ctclink? Is anyone available to talk to me about their set up?

thanks!





regards,

sj



Saint-Jean Devereux
Library Technical Services

Shoreline Community College
library.shoreline.edu  |  206.546.6962
Pronouns: he, him / they, them

I welcome VSRE emails. More at http://vsre.info<https://nam04.safelinks.protection.outlook.com/?url=http%3A%2F%2Fvsre.info%2F&data=05%7C01%7C%7Cc02ec4f12f7b45f6cc8808db31732d6e%7C02d8ff38d7114e31a9156cb5cff788df%7C0%7C0%7C638158142985671352%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ktvwHQFEv8wBpSynDDJWmHDJwRYydcnWgIA%2BLUnwRoU%3D&reserved=0>





CAUTION: This email originated outside of the Seattle Colleges' email system. Do not click links or open attachments unless you recognize the sender and know the content is safe. Questions? Contact IT Services at x6333 (Central), x3630 (North), x5844 (South) or email ITHelp at seattlecolleges.edu<mailto:ITHelp at seattlecolleges.edu>.


CAUTION: This email originated outside of the Seattle Colleges' email system. Do not click links or open attachments unless you recognize the sender and know the content is safe. Questions? Contact IT Services at x6333 (Central), x3630 (North), x5844 (South) or email ITHelp at seattlecolleges.edu<mailto:ITHelp at seattlecolleges.edu>.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ctc.edu/pipermail/wactclc-alma_lists.ctc.edu/attachments/20230331/2159f95a/attachment.html>

More information about the Wactclc-alma mailing list