MIT's LDAP Directory Service (ldap.mit.edu) is MIT's implementation of the standard LDAP protocol for providing directory services. It provides access to user and group membership information sourced from Moira and updated in real time, allowing application developers or administrators looking to integrate their applications with MIT's enterprise data.
As an example, wikis.mit.edu (based on Atlassian Confluence) makes use of the LDAP service for user lookups.
IS&T also offers Microsoft Active Directory services via the win.mit.edu domain. This service frequently provides an easier path for third-party and cloud solutions to integrate with enterprise directory services. If you are interested in learning more about this option, contact system-ldap@mit.edu to schedule a consultation.
Benefits and key features
- Access to MIT user and group membership information in a standard and commonly supported manner.
- Replicated across multiple servers.
- Access to data via built-in LDAP support, avoiding the need for costly local customizations.
- Many third party applications ship with support for accessing information via the LDAP protocol.
- Allows any LDAP client access to the directory.
- Supports anonymous connections for a limited set of data, similar to what can be obtained anonymously via the MIT People Directory.
- Supports both GSSAPI (Kerberos) and username/password authentication.
Requirements
- Access to some data (MIT IDs, list memberships for hidden lists) will require having an account provisioned for your use and a valid business need for the data.
Getting started
- Connect to the hostname: ldap.mit.edu.
- To request access to non-public data, contact system-ldap@mit.edu
-
The directory is rooted at dc=mit,dc=edu, with most data of interest provided under the following OUs (Organizational Units):
- ou=users,ou=moira=dc=mit,dc=edu
- ou=lists,ou=moira,dc=mit,dc=edu