Table of Contents
|LDAP, Production||ldap.hawaii.edu||636 for LDAPS, 389 if using startTLS||cleartext or anonymous binds are rejected, a Special DN is required|
|LDAP, Test||ldap-test.its.hawaii.edu||636 for LDAPS, 389 if using startTLS||cleartext or anonymous binds are rejected, a Special DN is required|
- Connecting to LDAP is referred to as binding.
- You cannot bind to LDAP anonymously, credentials are required.
Our UH LDAP service features three branches
By default a Special DN provides access to the "people" and "misc" branches.
- All people who have received a UH Number, meaning anyone who was, is or will shortly be a student, faculty, staff or guest at UH.
- See also UH Role Assignments and Transitions
- The UH Online Directory relies on this branch for providing contact information for people.
- Departmental/ Group UH Usernames
- Visiting individuals who have have been granted the ability to access the Internet from our campus(es).
- Department listings, primarily used for printing or providing PDFs of the University Phone Directory.
Data Element Dictionary
Using LDAP to verify a UH username and password
- See LDAP Authentication
- If you wish to limit use of your app to certain roles and/or campuses, you should retrieve the affiliations of the person associated with the authenticated username, and allow only those matching your criteria to pass through.
You should also look into CAS (the UH Web Login Service) as the preferred and highly recommended alternative to using LDAP for authentication.
- Retrieve LDAP values using PHP
- Example call to ldap_lookup function (PHP)
- Retrieve LDAP values using C++
- Retrieve LDAP values using Haskell
- Retrieve LDAP values using Groovy
- Retrieve LDAP values using Perl-5
- Retrieve LDAP values using PHP-5
- Retrieve LDAP values using Python-3
- Retrieve LDAP values using Ruby
- Retrieve LDAP values using Scala
There is an active UH community of developers and a good chance that at least one of them has experience with your scenario. It is well worth joining this community's email list if you've not already done so. For details, visit UH Applications Developers Forum page. Note that the ITS Identity and Access Management team also participates on this list.