Skip to end of metadata
Go to start of metadata

Introduction

Common Sign On (CSO) allows your application to authenticate against a Queen's central database of users. This database can include all active members of the Queen's community or be filtered down a subset of users. By using a central database the user is able to use their NetID and password across all applications. It also gives the application administrator an alternative to storing their password in a local database.

Resources

Service Offerings

Production LDAP

This system contains production people and course enrollment data. The data is typically accurate within a hour of the authoritative system update.

Preview/Test LDAP

This system provides a test bed for your application. Personally identifiable information has been scrubbed so it is only appropriate for testing.

Production Active Directory

This system provides a smaller subset of data but has the feature of allowing delegated administration of user groups.

Preview/Test Active Directory

This system provides a test bed for your application. Personally identifiable information has been scrubbed so it is only appropriate for testing.

LDAP Organization

There are two mains OUs (organizational units) that we store our data in.

ou=people,o=main,dc=queensu,dc=ca

All of the active University people records are stored here.

They are identified by there DN (distinguished name) of QueensuCaUniUid. The users NetID will be stored in a separate attribute "uid".

ou=groups,o=main,dc=queensu,dc=ca

This OU contains two main things; HR assignment groups and Class Enrollments.

Active Directory Organization

There are two mains OUs (organizational units) that we store our data in.

ou=people,o=ad,dc=queensu,dc=ca and ou=people,o=adtest,dc=queensu,dc=ca

All of the active University people records are stored here.

ou=groups,o=ad,dc=queensu,dc=ca and ou=groups,o=adtest,dc=queensu,dc=ca

This OU contains two main things; HR assignment groups and Class Enrollments.

  • No labels