The Wales IDAM Project

Providing digital learning for Wales using Identity Management – a large-scale project was rolled out by Learning Possibilities using identity management to initiate the secure digital learning for 600k students and teachers in Wales.

Learning in Digital Wales

Project: Learning in Digital Wales
Customer: Welsh Government
Users: 600,000
Date: 2012-2018

National Wales Identity Management Implementation

Learning Possibilities undertook a project to create the identity management component for Wales HWB+ environment. There have been no ‘waves’ of implementation, because the aim is to achieve equality of access for all, and to stimulate collaboration right from the start. Identity management component forms a layer on the infrastructure that bonds all areas of the HWB+ infrastructure providing unique usernames for students and teachers across Wales.

Identity Life Cycle

Identity cycle starts at the school MIS/SIS as the source of identity which was integrated with different MIS/SIS such as Capita SIMS, Arbor, Bromcom, iSAMs, SchoolBase and Civica REMS to read the data. When a new user is added or existing user is updated at the MIS/SIS, their account is automatically created or updated at the on-premise Active Directory. The user is assigned the appropriate groups, and relevant SharePoint permissions. Users are synced to Azure AD and licensed based on the role and access i.e student. Identity management setup allows for teachers and students to be migrated to schools within wales during term time and for new term rollover.

SSO

This identity management component is the foundation and integration point for all applications linking into the SharePoint, Microsoft O365 and other applications including the learning and collaboration platform (LP+4) and 3rd party educational tools that use a secure single sign-on. The AD FS Federation Service is leveraged for SSO. An AD FS Federation server farm services Active Directory client requests through SSO authentication. An AD FS is also configured as load balanced. Federation server proxy exposes those core authentication services to the Internet by relaying requests and responses back and forth between Internet clients and the internal AD FS environment.

Data Sovereignty

Integral to most environments is the ability to automatically handle the management of groups for use with policies, delegation or simply mail distribution. Our solution allows the management of groups both within individual schools, or at a group/trust level allowing groups to be kept up to date automatically throughout the year, or as part of a rollover to a new academic year. These groups can be based on class/subject data as well as the pupil/teacher core data allowing for a great deal of flexibility in the options available. In addition, we create different address book policies for different schools so that the users can only see the recipients that belong to their school which is called GAL Segmentation or GAL segregation. SharePoint permission access is enabled for the correct school and class members to school and class sites.

Thought Leadership

Our collection of webinars and whitepapers

Learning in Digital Wales (5.14 mins)

A video on the Welsh national learning platform, designed and developed by Learning Possibilities, using the LP+ platform, a hybrid solution built on Microsoft SharePoint, and integrated with Microsoft Office 365.

Hwb+ and Learning Possibilities Beginnings (2.51 mins)

A video of Learning Possibilities Chairman Stephen Heppell and various Schools in Wales talking about the benefits of Hwb and Hwb+

Features of Hwb+ (0.40 mins)

The video shows all the great features you will be getting with Hwb+, the All Wales National Learning Platform.

Digital Wales (2.53 mins)

A video on the Welsh national learning platform, designed and developed by Learning Possibilties, using the LP+ platform, a hybrid solution built on Microsoft SharePoint, and integrated with Microsoft Office 365.

Managing Identity and Access at Scale

“Hwb+ [LP+] meets the objectives for the VLE which were specified, including a single user log on for all teachers and learners, ability to be accessed anywhere at any time from any device, and tools and content, most notably access to Office365, purchased through a ‘buy once for Wales’ approach.”

(Welsh Government's Learning in Digital Wales (LiDW) Report)

TOP