COM-FSM

LDAP Integration

Page last modified 07:42, 21 Feb 2012 by kgirrard

    Version as of 08:55, 17 Apr 2024


    Account information can be integrated with an external LDAP database to allow accounts defined within the SIS to provide authentication for e-mail, wi-fi, or other LDAP-aware services. This documentation describes the LDAP integration support provided within the SIS.

    Integration with LDAP is not required for operation of the SIS. Some account management functions (e.g. deleting an account) can only be performed on the LDAP Account form, but this shouldn't be taken to imply that LDAP is required or in use.

    Accounts

    Each person defined in the database can have one or more accounts associated with them. Each account has a unique login name, and may be used for access to its own combination of services.

    Along with a login and password, account information includes UNIX-specific data like group and shell, as well as general information like title, office location, phone number, and campus. This information is used in different ways by the services that are associated with an account. Details of how services use each field are described next.

    Services

    Support for specific applications is organized around Services. The service definition includes an LDAP objectClass to define what type of information should be included in the associated LDAP record, but also defines other characteristics such as what type of password should be used (called a Hash), and whether an e-mail address should be managed as part of the service.
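
The following is an added example, not code from the SIS: it shows how a service definition of this kind can determine the objectClass, the userPassword hash and the mail attribute of an account's LDAP record. The service names, field-to-attribute mappings and the use of the RFC 2307-style {SSHA} and {SHA} password schemes are assumptions.

```python
import base64
import hashlib
import hmac
import os

# Hypothetical service definitions (names, mappings and hash choices are
# assumptions for illustration, not the SIS's actual configuration).
SERVICES = {
    "unix": {"object_class": "posixAccount", "hash": "SSHA", "manage_mail": False,
             "attrs": {"group": "gidNumber", "shell": "loginShell"}},
    "mail": {"object_class": "inetOrgPerson", "hash": "SSHA", "manage_mail": True,
             "attrs": {"title": "title", "phone": "telephoneNumber"}},
}

def make_hash(scheme, password, salt=None):
    """Return a userPassword value of the form '{SCHEME}base64'."""
    pw = password.encode("utf-8")
    if scheme == "SSHA":    # salted SHA-1: base64(sha1(pw + salt) + salt)
        salt = os.urandom(8) if salt is None else salt
        raw = hashlib.sha1(pw + salt).digest() + salt
    elif scheme == "SHA":   # unsalted SHA-1: base64(sha1(pw))
        raw = hashlib.sha1(pw).digest()
    else:
        raise ValueError("unsupported hash scheme: " + scheme)
    return "{%s}%s" % (scheme, base64.b64encode(raw).decode("ascii"))

def check_hash(stored, password):
    """Verify a password against a stored '{SCHEME}base64' value."""
    scheme, _, b64 = stored[1:].partition("}")
    raw = base64.b64decode(b64)
    salt = raw[20:] if scheme == "SSHA" else None   # SHA-1 digest is 20 bytes
    return hmac.compare_digest(stored, make_hash(scheme, password, salt))

def build_entry(account, service_names):
    """Merge the selected services into one LDAP record (attribute -> values)."""
    entry = {"uid": [account["login"]], "objectClass": [], "userPassword": []}
    schemes = set()
    for name in service_names:
        svc = SERVICES[name]
        entry["objectClass"].append(svc["object_class"])
        for field, attr in svc["attrs"].items():
            entry[attr] = [account[field]]
        if svc["hash"] not in schemes:      # one password value per hash type
            schemes.add(svc["hash"])
            entry["userPassword"].append(make_hash(svc["hash"], account["password"]))
        if svc["manage_mail"]:
            entry["mail"] = [account["email"]]
    return entry
```
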
