Archives

Identity and Authentication Services

""   Overview and Key Features:

The University of Toronto’s central IT team manages and supports core Microsoft 365 infrastructure services to enable secure, seamless and efficient collaboration across the institution. As part of this service, we oversee daily operations related to identity management (Entra ID), email services (UTMail+) and authentication and access controls.

These services are foundational to supporting students, faculty and staff with access to Microsoft 365 applications including Exchange Online, SharePoint, Teams, and more.

Entra ID:

  • Identity lifecycle management for all users and groups
  • Microsoft 365 administrative role assignments and governance
  • Directory synchronization and federated identity configuration
  • Integration of third-party and in-house applications with the Microsoft 365 tenant

UTMail+ Email Services:

  • Management of mailbox operations for faculty, staff, and students
  • Email authentication configuration (SPF, DKIM, DMARC)
  • Handling eDiscovery, retention policies, and litigation hold
  • Anti-spam and anti-phishing rule management
  • Troubleshooting mailbox issues and delivery concerns

Authentication & Security Controls:

  • Management of Multi-Factor Authentication (MFA) policies
  • Privileged Identity Management (PIM) setup and role elevation
  • Conditional Access policies to protect University data and systems

 

""   Getting Started:

If you need assistance with any of the services listed above, please submit a ticket through the Enterprise Service Centre (ESC)

  •  Ticket Review and Fulfillment
    Our team will review the request, triage as needed and work with your department to address the issue or complete the requested task.
  •  Follow-Up or Escalation
    For complex or unresolved issues, further assistance will be coordinated with specialized support teams or vendor engagement if required.

 

""   Get Help:

If you’re looking to get started or have any questions or concerns, we recommend beginning by reviewing the relevant resources:

Electronic Signature Services

""   Overview and Key Features:

DocuSign enables departments to prepare, manage, and take action on electronic agreements efficiently. Documents can be signed electronically (eSignatures) by both internal and external users using a variety of devices.

All signatures processed through DocuSign comply with the U.S. ESIGN Act and the European Union’s eIDAS regulation, including support for EU Advanced and EU Qualified electronic signatures.

""   Getting Started:

""   Get Help:

Divisional Intune Access (DITA)

""  Overview and Key Features:

The Divisional Intune Access (DITA) program is designed to provide departments with access to Microsoft Intune and deliver technical training to local IT staff.

By the end of the program, departments will be equipped with the tools and knowledge needed to enroll newly procured devices and migrate existing ones into the University of Toronto’s Intune environment. Participants will gain exposure to best practices and hands-on tools, enabling them to configure, deploy, troubleshoot, and manage devices independently.

The program supports Windows and iOS/iPadOS devices, with MacOS support available upon request. Access to the Intune environment requires the creation of specialized accounts in collaboration with Information Security to access the Microsoft Intune Admin Centre and related systems.

A dedicated Microsoft Teams space will be used as the primary channel for communication throughout the program. This space will also serve as a repository for training materials, meeting recordings, and tools.

""   Getting Started:

For general information please reach out to Vince To or Jimmy Au.

To add your department to the upcoming DITA schedule, please reach out to Gary Raposo or Vicki Vokas.

 

Digital Workplace Support Services

Product overview - Free business icons   Overview and Key Features:

The Digital Workplace’s Managed Desktop Service helps departments meet their everyday technology needs efficiently and reliably. This service ensures that workstation environments are set up, maintained, and supported in line with university standards.

""   Getting Started:

Digital Workplace Support includes a wide range of setup and support services:

  • Device management via Intune for Windows, macOS, and iOS platforms

  • Workstation setup (including unpacking, connecting, and configuring monitors, hubs, printers, and other peripherals)

  • Troubleshooting and support for laptops and desktops

  • Network and VPN connectivity support

  • Microsoft 365 assistance (e.g., UTmail+, Teams, OneDrive, SharePoint)

  • UTORcsi service support (e.g., access to network shares)

  • Installation and updates for software and patches

  • Virus, malware, and ransomware prevention and remediation

  • Mobile device setup using standard U of T applications

  • Support for third-party applications (e.g., EMS, Zoom, AV systems)

  • Onboarding and orientation support for new hires

  • UTORid and Duo Multi-Factor Authentication (MFA) assistance

  • Equipment recommendations and procurement guidance

""   Get Help:

For Digital Workplace clients only: uoft.me/dw

Network Address Management

""   Overview and Key Features:

Occasionally, university faculties, departments, or individuals may require a new top-level domain (TLD) under the university’s official domain name, utoronto.ca. This typically occurs when launching a new web service or renaming an existing one.

TLDs are typically reserved for academic or administrative units of the University (i.e. a school, department, centre, institute or administrative organizational unit of the university).

""   Getting Started:

Make a request for a domain name using the online form: https://ipam.utoronto.ca/portal/  (Please note that you must be on the UofT’s network or be connected to the UTORvpn service to access the form and you will be prompted to authenticate using your UTORID and password and multi factor authentication (MFA).

Select the button “Request a Subdomain”

From there, you will be asked several questions:

  • The names of the administrative and technical contacts for the domain name.
  • The Department/Faculty/Division making the request.
  • Whether you will be running your own name server or wish ITS to do that for you.
  • Whether there will be a web site associated with the name.

""   Get Help:

If you have any questions related to the above information, please email the ITS Joint Operations Group: en.help@utoronto.ca

AI-Assisted Productivity Tools

""  Overview and Key Features:

With Microsoft Copilot Chat, you can ask the AI chatbot questions and get detailed responses with footnotes that link back to original sources. Because it is connected to Microsoft’s search engine, it can provide users with up-to-date information and real links, which may make it a better research and teaching tool than ChatGPT.

The Microsoft Copilot service is currently available to the public, but the public version does not have full privacy and data protections; instead, the University has access to an enterprise edition, which does conform to the University’s usual privacy and data protections. This document describes how Faculty, students and staff (with access to the Microsoft toolkit) can access this protected version of Copilot.

Key Features:

  • Uses web search and will provide links to the sources of information it quotes/finds.
  • Your chat data is not used to train models. The data is not available to Microsoft.
  • Copilot cannot access your other Microsoft 365 data.  It does not work on Outlook email, Teams messages, SharePoint files, etc.
  • You can upload a local pdf file or document file and ask contextual questions, for example, “Make 10 quiz questions based on chapter 3 of this pdf”.

 

""  Getting Started:

You can access Microsoft Copilot Chat by navigating to m365.cloud.microsoft/chat and follow the prompts to login to your University of Toronto Microsoft 365 account.

Your interactions with the AI-powered chat tool will not be in the protected environment if you do not sign in with your University of Toronto account.

Cloud Subscription Management

""  Overview and Key Features:

An Azure subscription provides access to Microsoft’s cloud platform enabling University of Toronto departments to deploy, manage and consume services such as virtual machines, storage, databases and networking. Each subscription acts as a logical container for billing, service usage and resource management within U of T’s Microsoft tenant.

At the University of Toronto, Azure subscriptions are provisioned by Enterprise Apps & Solutions Integration (EASI) and transferred to designated departmental owners for day-to-day operations. Departments are expected to have sufficient technical expertise to manage their Azure environments, including billing independently.

For additional support beyond initial provisioning, departments may contact Enterprise Infrastructure Solutions (EIS) by submitting a request through the Enterprise Service Centre (ESC).

Key Features:

  • Azure Subscription Access: Provides U of T departments with full access to Azure cloud services under the University’s Microsoft tenant.
  • Departmental Ownership: Departments are assigned as subscription owners to manage their Azure resources, security and costs.
  • Cost Responsibility: Departments are responsible for monitoring, managing and funding their Azure resource consumption.
  • Optional Support: Support is available through EIS by opening an ESC ticket as needed.
  • Billing Integration: Departments must provide their CC and CFC information for billing and financial tracking.

Governance Compliance: All subscriptions must comply with the University of Toronto’s cloud governance, security and operational policies.

 

""   Getting Started:

To request a new Azure subscription at the University of Toronto:

Submit an ESC Ticket

Open a ticket through the Enterprise Service Centre (ESC) system. Include the following information:

  1. Requesting department name
  2. Primary subscription owner and alternate contact
  3. Purpose of the subscription or project description
  4. Any specific configuration requests (if applicable)

Provisioning and Handover

EASI will provision the Azure subscription and assign ownership to the requesting department’s designated contacts.

Post-Provisioning Support

Departments requiring additional Azure support may submit further ESC tickets to EIS for assistance, consultation or issue resolution.

Password Management Service

,

""Overview and Key Features:

1Password is a cloud-based, cross-platform password management solution that allows users to organize and store all passwords in one secure place.

Password re-use (using the same password across multiple accounts) is a significant contributor to data breaches, as stolen credentials can be exploited to gain unauthorized access to other accounts. To address this vulnerability, the University of Toronto has acquired 5,000 1Password Business licenses for staff, faculty and librarians and six years of 1Password Families at no cost for students.

""Getting Started:

To set up your 1Password account, visit:

"" Get Help:

For more information and FAQs, visit the password manager page.

Directory and Authentication Services

""   Overview and Key Features:

Enterprise Active Directory (EAD) is a platform that provides authorization, roles and group services. It is a central database containing users’ information that is used for authentication and authorization. EAD is integrated into almost all major computing systems in the University and provides access to services such as Office 365.

There is no specific front-end usage of EAD. What it does remains transparent while it authenticates and authorizes you to access services – no action is needed from users. For additional information about EAD, see the Enterprise Service Centre Knowledge Base.

""   Getting Started:

There are over 65 separate instances of active directories within U of T. If you are managing one of these instances and would like to integrate with EAD, please submit a ticket through the Enterprise Service Centre to discuss your application.

""   Get Help:

EAD is managed and maintained by the Identity and Access Management (IAM) team. To contact IAM about EAD, please create a ticket through the Enterprise Service Centre.

There is a mailing list for EAD, which is used to send messages about the bi-monthly update meeting. To subscribe, send an email containing “SUBSCRIBE ENTERPRISEAD-L” in the message body to listserv@listserv.utoronto.ca.

Cloud Infrastructure Hosting

""  Overview and Key Features:

The ITS Azure Cloud Infrastructure team, part of the Systems and Solutions Group (SSG) within Enterprise Infrastructure Solutions (EIS), provides expert guidance and hands-on support for departments and divisions looking to adopt Microsoft Azure solutions.

We offer consultation services, establish secure and scalable landing zones, and deliver Platform as a Service (PaaS) capabilities through a shared Azure subscription.

Available Services include:

  • Cloud Consultation: Architecture and planning support for Azure adoption

  • Azure Landing Zones: Design, implementation, and ongoing management

  • Azure Cloud Platform as a Service (PaaS): Hosting and infrastructure services within the EIS Azure environment

Learn More:

""  Getting Started:

""   Get Help: