ldap

Print this page 

Enterprise LDAP Service

ITS supports an enterprise LDAP service that software applications can use to authenticate users with their VUnetID and E-Password. This directory service is a highly available redundant service integrated with the centralized identity management service. LDAP service points and nodes are located in several areas to support both campus and medical center applications.

Applications that are windows based and need access to windows domain resources should not use this LDAP service, but should use the Enterprise Active Directory Service.

There are two components to Vanderbilt’s enterprise LDAP service that applications can leverage:

EPassword LDAP

The E-Password LDAP service supports all VUnetID accounts that are currently affiliated with Vanderbilt. This includes all current students, faculty, staff and others with an active VUnetID. Applications that use this LDAP service can verify a user’s VUnetID and E-Password and access additional attributes about the authenticated user. Utilizing these additional attributes in the LDAP directory service enables the application to offer a more rich experience for the end user. These attributes include directory information about the authenticated user, which include name, email address, contact information and other key identifiers.

Once an individual is no longer affiliated with Vanderbilt, their E-Password access is revoked. Depending on the type of account, this can happen immediately, or after a set period of time.

VUnetID for Life

The VUnetID for Life LDAP service supports all VUnetID accounts created since May of 2009. If your VUnetID was active at that time, your account was automatically created within this service. All future VUnetID accounts will also be added automatically to this service. VUnetID for Life is a special directory service that continues to support an individual’s VUnetID and E-Password even after they are no longer an active student, faculty or staff member. This allows users to continue to authenticate and verify their identity with applications that choose to leverage this service.

In addition to supporting authentication, account information is available for authorized resource IDs which can be used for determining high level authorization decision. Information such as employment and student status is available, along with other unique keys for this account to other matching systems.

For more information about using either of these enterprise services please fill out a request to use VUnetID authentication.