Changes between Version 62 and Version 63 of IamUaArp

Timestamp:

06/10/13 14:26:30 (11 years ago)

Author:

dabantz@…

Comment:

--

IamUaArp

@@ -22 +22 @@
 '''eduPerson attributes''' - these attributes defined in national standards provide identifiers in specific formats and indications of your relation to the University
 
- '''eduPersonAffiliation''' - one or more of the following: Student, Employee, Staff, Faculty, Member, or Affiliate. Member designates a person who is part of the University of Alaska and generally entitled to information services, even if not formally a student or employee; it includes campus-based researchers with external funding, faculty emeriti, and some others. Affiliate designates merely that the person has a record in the UA IdP, but is not automatically eligible for services, and may be used for those with a limited specific affiliation with UA such as short-term guests.
+ '''eduPersonAffiliation''' - (sometimes abbreviated as ePA) one or more of the following: Student, Employee, Staff, Faculty, Member, or Affiliate. Member designates a person who is part of the University of Alaska and generally entitled to information services, even if not formally a student or employee; it includes campus-based researchers with external funding, faculty emeriti, and some others. Affiliate designates merely that the person has a record in the UA IdP, but is not automatically eligible for services, and may be used for those with a limited specific affiliation with UA such as short-term guests.
 
  '''eduPersonEntitlement''' - permissions or entitlements based on your role(s) at UA; may additionally be scoped to a department or (in the future) course. For example: for a student in Chemistry at UAF-main campus, learner@urn:mace:alaska.edu:itunesu:UAF - Main Campus:Chemistry
@@ -28 +28 @@
  '''eduPersonInstitutionalMail''' - An email address assigned to the individual in the alaska.edu domain,  Distinguished from email by requirement of UA domain ("!...@alaska.edu") and from EPPN and eduPersonUnique ID in that it is intended for use by services to send email to users within the domain: delivery (directly, via email routing, or via forward) to a mailbox under control of the user.  [''in draft awaiting formal approval from standards body'']
 
- '''EPPN''' (eduPersonPrincipalName) - A unique identifier comprised of your UA username followed by "@alaska.edu"; while it has the look of an email address, it does not signify that this is a valid email address or your preferred email address; example: !jpjones3@alaska.edu.
+ '''eduPersonPrincipalName''' (sometimes abbreviated as ePPN) - A unique identifier comprised of your UA username followed by "@alaska.edu"; while it has the look of an email address, it does not signify that this is a valid email address or your preferred email address; example: !jpjones3@alaska.edu.
 
  '''eduPersonTargetedID''' - An opaque identifier unique to the combination of the authenticated person and the application; because it is different for each application, and does not itself reveal the identity of the user, it enables the application to track preferences or make bookmarks for the user, but does not enable that use information to be correlated with use in other applications or to a real person; example: 84e411ea-7daa-4a57-bbf6-b5cc52981b73
@@ -64 +64 @@
  '''[=#bannerId UA ID#]''' (released as bannerId)- the unique numeric identifier assigned to all employees and students ("employee ID#", "student ID#") commonly used for UA login and account ids; example: 30123456
 
- '''[=#uaUsername UA Username]''' (released as uaSystemID) - the unique name-based identifier commonly used for UA login and account ids;  example: jpmorgan
+ '''[=#uaUsername UA Username]''' (released as uaSystemID and as uaUsername) - the unique name-based identifier commonly used for UA login and account ids;  example: jpmorgan, pdsmith3
 
  '''[=#uakPersonID uakPersonID]''' - see eduPersonUniqueID.  UA-defined unique identifier using UA ID# parallel to the name-based EPPN, but using the unchanging numeric ID # assigned to all students and employees; intended to substitute for EPPN when the Service Provider needs an unchanging identifier for each user; example: !30123456@alaska.edu
 
- '''[=#uaSystemLegacyID uaSystemLegacyID]''' - usernames based on the prior UA convention that is used in some legacy systems, based on one letter designation of your MAU (a, f, j, s), role (s, f, n, x, h) and initials; examples: asabc2, fxpqr
+ '''[=#uaksAMAccountName UA sAMAccountName]''' (released as uaksAMAccountName) - the key identifier in the UA (Microsoft Windows) Domain; in the UA Domain this has value identical to UA Username for all students and employees.
+
+ '''[=#uakSystemLegacyID uakSystemLegacyID]''' - usernames based on the prior UA convention that is used in some legacy systems, based on one letter designation of your MAU (a, f, j, s), role (s, f, n, x, h) and initials; examples: asabc2, fxpqr
 
  '''[=#UDCID UDCID]''' (Banner UDC Identifier) - an unchanging, Banner-generated, 32-character, alphanumeric value; it is an opaque (not intended to be human-readable) identifier used in Banner-related applications; example: GXgX9A£4LhGpthOsuyjvu-SKmae2IRzo
 
-'''UA faculty/staff info'''
+'''UA faculty/staff information'''
 
  '''[=#assignmentCount assignmentCount]''' - UA employee's number of current assignments or jobs; value of 1 is typical and indicates an active employee; value of 0 indicates an employee with no current assignment or job, such as an occasional employee, adjunct faculty not currently teaching, faculty on sabbatical or other leave.
@@ -82 +84 @@
  '''title''' - working or informal title at UA; examples: Professor of Biology or Instructional Designer
 
- '''[=#TKL TKL]''' - "Time Keeping Location" from employees' HR record; example: T801; deprecated for non-HR use or authorization because it has no firm connection to the employee's department, work location, or role, but rather indicates one of the locations at which time cards were historically collected and paychecks distributed.  
+ '''[=#TKL TKL]''' - "Time Keeping Location" from employees' HR record; example: T801; deprecated for non-HR use or authorization because it has no uniform simple connection to the employee's department, work location, or role, but rather indicates one of the distributed locations or control points for managing employee records.
+
+ '''[=#uakEmployeeCampus uakEmployeeCampus ]''' - campus to which the employee's home department belongs; example: UAF Main, UAA Kenai Peninsula College
 
  '''[=#uakEmployeeDept uakEmployeeDept]''' - department name of an employee's home department from personnel record in Banner HR; example: CLA Philosophy & Humanities
 
- '''[=#uakEmployeeCampus uakEmployeeCampus ]''' - campus to which the employee's home department belongs; example: UAF Main, UAA Kenai Peninsula College
-
  '''[=#uakEmployeeAffiliation uakEmployeeAffiliation]'''
 
- '''[=#uakEmployeeFacultyAffiliation uakEmployeeFacultyAffiliation]''' - academic program(s) in which a faculty member is currently an instructor of record; note that program names are not identical to department names; examples: UAF - eLearning & Distance Ed|Philosophy, UAF - Fairbanks Campus|Biology & Wildlife
+ '''[=#uakEmployeeFacultyAffiliation uakEmployeeFacultyAffiliation]''' - academic program(s) in which a faculty member is currently an instructor of record; note that academic program names are not identical to employee department names; examples: UAF - eLearning & Distance Ed|Philosophy, UAF - Fairbanks Campus|Biology & Wildlife
 
-'''UA student info'''
+'''UA student information'''
 
  '''[=#creditHoursCurrent creditHoursCurrent]''' - current student enrollment in credit hours; some services may require a minimum number of credit hours
@@ -104 +106 @@
 The following applications rely on the UA IdP for authentication and receive the information (attributes) indicated upon successful authentication (login).
 
-'''ARSC''' - EPPN
+'''ARSC''' - ePPN
 
 '''AskUA''', aka '''Right Answers''' (Help Desk Knowledgebase Portal): UA Username, group membership, eduPersonAffiliation
@@ -110 +112 @@
 '''Atomic Learning''' (instructional videos) : surname, given name, UA ID#, EPPN, email, eduPersonAffiliation, and "!AtomicLearningCampus" (combined set of values of uakStudentCampus and uakEmployeeCampus)
 
-'''Blackboard Connect''' (Emergency Communications) EPPN, UA ID#, givenName, surname [released under specific attribute names required by this vendor: BBConnectFedID, !ContactRefCode, !FirstName, !LastName]
+'''Blackboard Connect''' (Emergency Communications) ePPN, UA ID#, givenName, surname [released under specific attribute names required by this vendor: BBConnectFedID, !ContactRefCode, !FirstName, !LastName]
 
 '''CTSI''' (Clinical and Translational Sciences) - see IndianaCTSI
@@ -116 +118 @@
 '''Data Cookbook''' (Data analysis, limited to licensed users) - bannerID
 
-'''!DigitalMeasures''' (Faculty activity reporting) - EPPN
+'''!DigitalMeasures''' (Faculty activity reporting) - ePPN
 
-'''!DocuSign''' (electronic signatures) - EPPN (in test)
+'''!DocuSign''' (electronic signatures) - ePPN (in test)
 
 '''Dreamspark''' (Microsoft's full suite of software development tools): (none!)
 
-'''EDUCAUSE''' (EDUCAUSE Portal): eduPersonTargetedID (PersistentID), EPPN, surname, givenName, email, eduPersonScopedAffiliation (!affiliation@alaska.edu)
+'''EDUCAUSE''' (EDUCAUSE Portal): eduPersonTargetedID (PersistentID), ePPN, surname, givenName, email, eduPersonScopedAffiliation (!affiliation@alaska.edu)
 
 '''eduroam''' (roaming wireless network access)
 Attributes released by UA IdP: EPPN
 
-'''EZProxy''' (access to UAF Rasmuson Library licensed scholarly databases): EPPN, eduPersonEntitlement and standard values of eduPersonAffiliation
+'''EZProxy''' (access to UAF Rasmuson Library licensed scholarly databases): ePPN, eduPersonEntitlement and standard values of eduPersonAffiliation
 
 '''Faculty180''' (Faculty Activity Reporting) UA ID#, common name, givenName, surname, email
 
-'''GINA''' EPPN
+'''GINA''' ePPN
 
 '''Google''' (Google Apps for Higher Ed, including email, calendar, docs; currently only in proof-of-concept): UA Username
 
-'''IAM @ UA''' -  this IAM wiki - EPPN
+'''IAM @ UA''' -  this IAM wiki - ePPN
 
-'''IndianaCTSI''' (research, research grant, and collaboration tools): EPPN (researchers will be promoted to provide name and email to the service)
+'''IndianaCTSI''' (research, research grant, and collaboration tools): ePPN (researchers will be promoted to provide name and email to the service)
 
 '''Internet2 mailing lists''' eduPersonAffiliation, email
 
-'''iTunesU''' (University of Alaska section for podcasts in Apple's iTunes): EPPN, Transient ID, eduPersonTargetedID (old format), eduPersonEntitlement
+'''iTunesU''' (University of Alaska section for podcasts in Apple's iTunes): ePPN, Transient ID, eduPersonTargetedID (old format), eduPersonEntitlement
 
-'''!InfoEd''' (research administration): EPPN, UA ID#
+'''!InfoEd''' (research administration): ePPN, UA ID#
 
 '''Intellex''' (Environmental Health & Safety training): UA Username, UA ID#, email
@@ -149 +151 @@
 '''Kuali Ready''' (Disaster Recovery Planning) UA ID# scoped, displayName, given name, surname, email, telephone number
 
-'''NSF''' (National Science Foundation, including !FastLane for PIs): EPPN, given name, surname, common name, email
+'''NSF''' (National Science Foundation, including !FastLane for PIs): ePPN, given name, surname, common name, email
 
 '''NIH''' (National Institutes of Health resources; services tbd): given name, surname, email
 
-'''Parking @ UAF''' : EPPN, UA ID#
+'''Parking @ UAF''' : ePPN, UA ID#
 
 '''People.alaska.edu''' - web gateway for UA Enterprise Directory: uaUsername
 
-'''Shibboleth.net''' (wiki and issues tracking for Shibboleth project) - EPPN, givenName, sn, cn, 
+'''Shibboleth.net''' (wiki and issues tracking for Shibboleth project) - ePPN, givenName, sn, cn, 
 
-'''Spaces''' (Internet2 wiki at spaces.internet2.edu): EPPN, eduPersonEntitlement and standard values of eduPersonAffiliation
+'''Spaces''' (Internet2 wiki at spaces.internet2.edu): ePPN, eduPersonEntitlement and standard values of eduPersonAffiliation
 
-'''Staff Council @ UAF''' : EPPN, UA ID#, given name, surname, email, telephone number, employee type, TKL, title, employee affiliation
+'''Staff Council @ UAF''' : EePPNPN, UA ID#, given name, surname, email, telephone number, employee type, TKL, title, employee affiliation
 
 '''Study Abroad @ UAF''' : UA ID#, given name, surname, email, 
 
-'''TAB @ UAF''' : UA ID#, EPPN, display name, email, telephone number, employee affiliation, eduPersonAffiliation
+'''TAB @ UAF''' : UA ID#, ePPN, display name, email, telephone number, employee affiliation, eduPersonAffiliation
 
-'''Trac''' (wiki, technical documentation and internal tracking for IAM-related projects): EPPN
+'''Trac''' (wiki, technical documentation and internal tracking for IAM-related projects): ePPN
 
 '''UAA Tickets''' : cn (common name), displayName, eduPersonAffiliation, mail, uakStudentCampus, creditHoursCurrent
 
-'''UAlaska network''' (authenticated access to UA wired network): EPPN
+'''UAlaska network''' (authenticated access to UA wired network): ePPN
 
-'''Win for Alaska''' (Wellness programs for UA Employees): EPPN
+'''Win for Alaska''' (Wellness programs for UA Employees): ePPN