MIT's LDAP Directory Service (ldap-too.mit.edu) is MIT's implementation of the standard LDAP protocol for providing directory services. It provides access to user and group membership information sourced from Moira, allowing application developers or administrators looking to integrate their applications with MIT's enterprise data to do so.
Some examples within IS&T are wikis.mit.edu (based on Atlassian Confluence) and Stellar Forums (based on PHPBB), both of which make use of the LDAP service for user lookups.
Benefits and key features
- Provides access to MIT user and group membership information in a standard and commonly supported manner
- Replicated across multiple servers with redundancy and high availability in mind
- Accessing data via built-in LDAP support avoids the need for costly local customizations to obtain it directly from Moira or another MIT-specific source
- Provides user directory and group membership data
- Most third party applications (including Drupal and WordPress) ship with support for accessing such information via the LDAP protocol
- Allows any LDAP client access to the directory
- Supports anonymous connections for a limited set of data, similar to what you can obtain anonymously via the existing MIT People Directory
- Supports both GSSAPI (Kerberos) and username/password authentication
- Access to some data (MIT IDs, list memberships for hidden lists) will require having an account provisioned for your use and a valid business need for the data
- Connect to the hostname "ldap-too.mit.edu"
- To request access to non-public data, contact firstname.lastname@example.org
The directory is rooted at "dc=mit,dc=edu", with most data of interest provided under the following OUs (Organizational Units):
- Get examples of user data and list data available to someone performing an anonymous search