Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 43 Next »

Element Name

uhReleasedGrouping

Description

Allow application developers to implement a central authorization management resource, UH Groupings, outside of their applications. This reduces the amount of custom code to write and support and provides for the reuse of Groupings across multiple applications.

This attribute asserts UH Grouping memberships as needed.  UH Grouping memberships can be used to assert who is authorized to access an application and/or can be used to control which functions and information an individual may access while using an application.

UH Groupings owners may select this attribute as an optional "publication destination" in order to make membership information available to CAS-enabled applications. 

While membership updates to a UH Grouping are usually reflected in this attribute within 2 minutes, updates can take much longer when Grouper is under heavy load.

As an added convenience, ITS provides various uhReleasedGrouping values available for general use (this page is restricted to the UH community).

UH Data Classification

Restricted

  • Data is only for official use within the UH community and not for release to external parties, except under the terms of a written memorandum of agreement or contract.

LDAP Attribute Info

  • Name: uhReleasedGrouping
  • OID: 1.3.6.1.4.1.2160.1.1.1.66
  • Indexing: yes (equality,substring)
  • Required: no
  • Multivalued: yes(1)

Required Format for Storage

string(256), format: {a..z}{A..Z}{0..9}{-._+=}

Example Stored Data(2)

manoa-campus-arboretum-club-members

Systems of Record 

Notes

  1. There is no significance to the order of appearance. No assumptions can be made about the contents of the first row, for example.
  2. The full path of the grouping won't be used.  Only the group id, the last component of the colon-separated path will be used.  The namespace is controlled to avoid collisions even if the full path is not used here.
  3. Information on the UH Groupings service is available: UH Groupings.
  4. Information on the CAS service is available: UH Web Login Service.
  5. This attribute may indicate that a person is a student, which is FERPA-protected information, hence the "Restricted" data classification.
  • No labels