...
LDAP for directory services is supported by special request and requires executive management approval. Contact the IAM team at <its-iam-help@lists.hawaii.edu> to inquire.
LDAP for Authentication
...
| Warning |
|---|
DEPRECATED: see the UH Login service instead |
...
| Info |
|---|
The core UH LDAP servers are virtually fronted with ldap.hawaii.edu and are based on the uhEduPerson schema. For email clients, see http://www.hawaii.edu/askus/823. |
Accessing LDAP
| LDAP Environments | host | port | comments |
|---|---|---|---|
 LDAP, Production | ldap.hawaii.edu | 636 for LDAPS, 389 if using startTLS | cleartext or anonymous binds are rejected, a Special DN is required |
| LDAP, Test | ldap-test.its.hawaii.edu | 636 for LDAPS, 389 if using startTLS | cleartext or anonymous binds are rejected, a Special DN is required |
- Connecting to LDAP is referred to as binding.
- You cannot bind to LDAP anonymously, credentials are required.
- You must request a special DN in order to bind per UH Data Governance policies.
- Special DNs are only granted when CAS (the UH Web Login Service) will not suffice.
- Special DN requests are subject to E2.215 and may require a Data Governance approval.
- If you use persistent connections to LDAP, you should have code that detects broken connections and re-establish them.
...