How do I comply with the CIO Memo entitled "Mandating Use of the DoD Enterprise Directory Services (EDS)" and CTO 14-0025?
The CIO EDS Memo and CTO 14-0025 both mandate the use of the Enterprise Directory Services (EDS) offered by the DoD IdAM portfolio for all DoD Components. To aid in addressing the actions in the memo and TASKORD, Components should first become familiar with the DoD Enterprise attributes defined in the DoD IdAM Data Dictionary *PKI, which include the enterprise identity and contact attributes mentioned in the memo.
Please direct all inquiries regarding this guidance to the DoD EDS Team.
Components must populate and maintain up-to-date identity and contact data in DMDC's authoritative source by the dates specified in CTO 14-0025. To comply, Components should:
- Issue guidance instructing their personnel to update and verify their individual identity and contact data for work-related personas in milConnect. Instructions for utilizing the milConnect Portal can be found here.
- If Components need to add additional Duty Sub-Organizations or DoD Installations to the dropdown lists in milConnect, they should send a request to the EDS team.
- Implement processes requiring personnel to continuously maintain and verify individual identity and contact data is up-to-date in milConnect.
After a Component has ensured that personnel are populating and maintaining up-to-date identity and contact data in milConnect, they must establish an EDS connection and use it to populate local directories and Global Address Lists (GALs) by the dates specified in CTO 14-0025. To comply, Components should:
- Work with the EDS team to determine which EDS service best suits mission needs.
- Available services include DMDC's Batch Broker Service (BBS) and DISA's Identity Synchronization Service Machine Interface (IdMI).
- Work with the EDS team to establish a connection with the service(s) identified in step 4.
- Utilize the EDS feed(s) established in step 5 to populate Component directories.
- Use the EDS feed(s) established in step 5 to populate all Global Address Lists (GALs).
- Remove capabilities from local systems that allow for the modification of enterprise identity and contact attributes. Doing so will help prevent user confusion and also prevents a cycle of locally entered data being continually overwritten by EDS data.
- Mandate use of EDS for all future procurements, contracts, and technical designs.
- Identify a Component POC who will be responsible for compliance reporting and send their contact information to the DoD EDS Team. This POC will be responsible for updating the "TO 14-0025" metrics dashboard located at https://disa.deps.mil/disa/applications/jie/pages/home.aspx for your Component.
If Components cannot meet the timeline specified in CTO 14-0025 they must create a migration plan/POA&M utilizing this template and submit the plan to the DoD EDS Team for review by USCYBERCOM. After submitting an approved migration plan, Components must implement EDS following the instructions above.