COM-FSM

LDAP Integration

Page last modified 07:42, 21 Feb 2012 by kgirrard
    Table of contents
    1. 1. Accounts
    2. 2. Services

    Version as of 19:53, 9 Dec 2019

    to this version.

    Return to Version archive.

    View current version

    Account information can be integrated with an external LDAP database to allow accounts defined within the SIS to provide authentication for e-mail, wi-fi, or other LDAP-aware services. This documentation describes the LDAP intergration support provided within the SIS.

    Integration with LDAP is not required for operation of the SIS. Some account management functions (e.g. deleting an account) can only be performed on the LDAP Account form, but this shouldn't be taken to imply that LDAP is required or in use.

    Accounts

    Each person defined in the database can have one or more accounts associated with them. Each account has a unique login name, and may be used for access to it's own combination of services.

    LDAPAccount.pngAlong with a login and password, account information includes UNIX-specific data like group and shell, as well as general information like title, office location, phone number, and campus. This information is used in different ways by the services that are associated with an account. Details of how services use each field are described next.

    Services

    Support for specific applications is organized around Services. The service definition includes an LDAP objectClass to define what type of information should be included in the associated LDAP record, but also defines other characteristics such as what type of password should be used (called a Hash), and whether an e-mail address should be managed as part of the service.

    Powered by MindTouch Core