LDAP Service DNs

Jump to…
ldap

LDAP Service Credentials

Please see the LDAP Home for information on the services available on ldap.rutgers.edu. This page is for staff developing services that want to use ldap.rutgers.edu for authentication and/or authorization. In most cases those services will need to register, and receive a special DN. The service will authenticate with this service DN and the password associated with it.

To obtain a service DN submit a ticket for LDAP Support. Your request should contain the following information:

  1. Acknowledgment that you have read and agreed to the Agreement for Accessing University Information.
  2. Acknowledgment that non-public information (i.e. information not available through public sources such as the Rutgers Online Directory) that you access from ldap.rutgers.edu will be used only to authenticate or control access to your application, unless you specify other uses.
  3. Acknowledgment that non-public data obtained using this DN will not be presented to users by your application, nor will you divulge it to others, unless you specify other uses.
  4. Acknowledgment that the service DN and password, as well as user passwords and other non-public information, will be transmitted only via SSL or equivalent technology. This includes communications between your application and our server, and also any communications involved in making use of the data you retrieve from us.
  5. A brief description of the types of applications you intend to support.
  6. A suggestion for how the DN should be named. If you intend to use it for all applications within a department, the name will be based on the department. However in some cases it makes more sense to associate it with a specific project.
  7. One or more technical contacts for the project. We will notify these contacts before making significant changes to ldap.rutgers.edu. (In this case the contacts will be registered as DN’s, not email addresses. We assume we can reach the contacts at the email addresses listed in LDAP. Unless you have done something else, this will be the email address registered in the Registry/PDB.)
  8. Mention it specifically if you need access to course rosters, student ID, employee ID, Reporting Relationship Code, or home/dorm address information. Depending upon who you are, which data you need, and how you are using it, we may need to ask permission from the appropriate data custodian. Access to these items is controlled separately, so only applications that are authorized to use that data can see it.

Note: Non-public data means data that is not visible via the Rutgers online directory. Note that students have the ability to restrict which data about this is visible, so if you don’t implement those choices, all data about students (even the existence of a particular student) is non-public. Faculty and staff now have the ability to restrict email addresses to Rutgers use only, so faculty/staff email addresses should be considered non-public unless you implement those restrictions.

The employee ID is normally but not always the SSN. Access is controlled separately for student ID and employee ID, so please specify which you need.

Access to home and dorm address/phone are controlled separately for students and faculty/staff, so please specify which you need.

In general access to data about people must be approved by the data custodian, in this case University HR and/or the Registrar. We have blanket permission to use most (but not all) of this data for authentication and authorization. If usage of non-public information goes beyond what we have permission for, we will need to consult the data custodians on your behalf, to make sure we aren’t abusing our permissions.

The DN will be sent to you via email along with information on how to retrieve the password

Related Articles