Applying for Directory Access

CalNet LDAP Directory data are stored as either public or private attributes. For example, the 'cn' (common name) attribute is 'public' but 'stuid' (student ID) is 'private'. If your application only needs to access public attributes, you can use an "anonymous BIND". Your application may perform lookups and retrieve customer information without using an application-specific bind. If you need access to at least one attribute that is designated as 'private', your application will require a "privileged BIND".

Once a privileged bind has been requested, the CalNet team will contact the data proprietor the to request permission for access to the private data requested. Data proprietors are listed below.

Authoritative Sources of Data in LDAP:

Population

Data Proprietor

Authoritative Source

Staff, faculty and affiliate data

Campus HR

HCM

preSIR data

Office of Admissions

SIS

Student data, including all graduate students

Office of the Registrar

SIS

Alumni data

Office of University Relations

CADS

Guests

Individual sponsors, Departmental sponsors, CalNet

Departments, SIM

Application binds

CalNet

LDAP - based on approved bind requests

Org Units

Campus HR

HCM

Once permission has been received, the CalNet team will create a test bind to allow the developer to write the necessary code to use the bind. When the developer decides that the code works in test, the production bind will be created.

For a list of public and private CalNet attributes, please visit the People Attribute Schema page and check the attributes for the appropriate population.

To apply for a privileged CalNet Application Bind, you will need to gather the information below. Submit your request for a new LDAP bind, or changes to an exsiting bind, via ServiceNow Service Request form.

  • Application Name
  • Application Functional Owner/Department and Contact Information
  • Application Technical Contact Information
  • Application Production target date
  • Brief description of application
  • Who will use the application and how will the requested data be used?
  • If data will be stored, indicate where (e.g., type of machine, physical location, hostname, database platform)
  • Identify the private (not publicly accessible) attributes your application will need (see CalNet attribute list). Use of private attributes will require approval from the campus organization that 'owns' the data, e.g., Office of the Registrar (OR) for student email information.