LDAP, Campus LDAP Server Schema at UIUC
This page contains information about the Urbana-Champaign Campus LDAP server schema.
Download the latest schema file
The Campus LDAP schema (in Excel format) was last updated on August 1, 2017.
Levels of availability
There are two different levels of availability for the information in these fields. These levels include:
Public: This information is available to all users who query the ldap.illinois.edu server from an on-campus IP or from off-campus through the campus VPN.
Restricted: This information is only available to
individuals who have a specific business need for it and who have been
granted access by the Technology Services Identity and Access Management team. (uiucEdu and eduPerson class attributes)
Individuals in need of restricted information should contact adsupport@illinois.edu to explain their business need and to be granted access.
How various fields are populated
The following are notes on how various LDAP attributes are populated.
- Affiliation based on type: The eduPersonAffiliation (and the related eduPersonPrimaryAffiliation attribute) has a controlled vocabulary defined by the eduPerson (external link) specification: student, staff, member, affiliate, employee. The uiucEduType values are mapped into these affiliation values as follows:
uiucEduType value eduPersonAffiliation values staff, emeriti staff, employee, member student, extramural student, member retired, unihigh, olli member allied, iei, special affiliate extrahelp employee degree alum The eduPersonPrimaryAffiliation attribute is intended to represent the primary role of the individual. The first value in the following list that occurs in the eduPersonAffiliation attribute is chosen as the primary affiliation: staff, student, member, employee, affiliate, alum.
- The nickname attribute: The following rules are currently in place for generating values for eduPersonNickname from the nickname field in the Electronic Directory Editor:
- nickname is converted into pure ascii and broken into 'tokens' (by whitespace and other separators). If the token is longer than nine characters, has anything other than alphanumeric characters, or is a common word (e.g., 'and', 'are'), it is discarded.
- Value generation for name-related attributes:
In order to provide applications an easy way to determine the 'most official' form of the name, there are several name attibutes that have a single value. The displayName attribute contains your full name, your official University name from Banner by default. And, the attributes uiucEduFirstName, uiucEduMiddleName, uiucEduLastName, and generationQualifier (name_suffix) contain the name components. (Move to table)
- Value generation for address-related attributes: The various official institutional address fields in Banner all have a corresponding attribute in the directory, with the standard LDAP attribute postal Address is populated with the campus address for staff and faculty and the permanent address for students.
- Value generation for phone-related attributes: The
various official institutional phone fields in Banner all have a
corresponding attribute in the directory, The standard LDAP attribute telephoneNumber
is populated with the campus phone for staff and faculty and the
permanent phone for students. All the official phone values are
reformatted into the international form as described in E.123 for number format.