CalNet Services


CalNet ServicesCalNet operates a large portfolio of services to meet the identity and access needs of UC Berkeley. These services can be broken down into five primary categories. Click a link to jump directly to that section, below.  

For a live view of current CalNet projects, see the CalNet Roadmap.



Identity Data Services (IDDS)

CalNet curates identity data from several University systems of record. Identity Data Services represent a suite of technology solutions that allow campus programmers with complex needs to consume identity data to make access control and resource provisioning decisions. 

Service
Description
Active Directory AD-Microsoft implementation of LDAP.  Managed by Infrastructure Services and populated by CalNet data.
Berkeley Person Registry BPR is the suite of services and applications that gather identity data from systems of record and provision them out to downstream systems.
CalGroups Grouper-based group management solution.
Java Messages Service  JMS Message Oriented Middleware(MOM) solution.  Currently used as an internal service and for some enterprise systems.
Lightweight Directory Access Protocol LDAP-OpenDJ directory servers.
Name Space Name space is an organizational unit (OU) in LDAP that is used to reserve names so that collisions don't happen.
Public Directory Public directory driven off of LDAP managed by Public Relations.

Access Services

CalNet maintains Single Sign On (SSO) services that allow campus community members to use the same account to access many different online applications. Access Services are consumed by application owners who need to leverage SSO to manage access to their applications.

Service
Description
Shibboleth Federated login application. Service Providers and Identity Providers interact via the InCommon federation.
Central Authentication Service CAS is the single sign on application that supports web logins for campus applications. Also supports Shibboleth.
Active Directory Federated Services ADFS is the Active Directory SAML implementation. It is not currently offered as a service, but is in use by the CalNet Active Directory Team for applications that require integration with Microsoft Azure.

CalNet 2-Step

Multi factor authentication requires an additional level of security in the form of an out of band text message, application push to a smart phone, voice call or hardware token.

Sponsored Guests

Integrated with Cirrus Identity, a cloud-based identity management solution utilizing social logins, Sponsored Guests allows some campus applications to accept a Google login in lieu of a CalNet ID.


Account Services

Account Services provide the tools that individuals need to manage and maintain their digital access credentials and accounts.

Service
Description
CalNet Account Manager CAM is the tool used to claim account, set passphrase, set recovery email addresses, change username, and manage 2-Step.
Special Purpose Accounts Special Purpose Accounts (SPAs) are intended for collaboration and sharing. SPAs, their contents/data, and the shared email account are owned by the institution and the primary department of the employee who creates the SPA at the time the SPA is created. They are often used for file sharing and departmental email accounts.
Manage My Keys MMK is a tool where account holders can create an application specific passphrase for AirBears2 or bConnected.
Directory Update 
Legacy tool for updating public directory attributes directly in LDAP


User Support Services

User Support Services provides authorized University technology support staff with the tools they need to be able to diagnose and remedy access errors.

Service
Description
CalNet Admin Tool CAT is a user interface into the Berkeley Person Registry (BPR) that provides a view into campus identity data.


Internal Services

CalNet requires flexible, scalable infrastructure components to move and maintain large amounts of identity data.  Internal Services are consumed or maintained by CalNet to facilitate the delivery of the service portfolio.

Service
Description
Virtual Machines Houses Linux servers
Databases Relational data stores for CalNet applications