LDAP For User Authentication and Authorization

NOTE: Before pursuing LDAP authentication of any Web-based application, please consider using the NU Online Passport Web Single Sign-On (SSO) service. It is more convenient for users, is more secure, and opens options for additional authentication methods in the future. See the link below.

User authentication against centrally-maintained identity and password is available using the Lightweight Directory Access Protocol (LDAP). A formal request for access is required. The requesting entity must meet certain security criteria described in the documents below.

Requests for access to user attributes or group memberships must be reviewed by administrative units providing the identity information. This review includes how the information will be used, displayed, stored, etc. The request is considered against concern for individual privacy and compliance with applicable regulations.

Please read all referenced documents below and then complete and submit the request form.

• Implementation Documentation
• Registry Access Approval Process
• LDAP Database Items
• Web SSO User Authentication

• Authentication and Registry Data Access Request and Review Process (pdf)
• NUIT Security Practices Assessment Sign-Off (pdf)
• LDAP Registry Request - Authentication and/or Data Access (rtf)
• Information Access Agreement (pdf)

Information Systems Architecture (ISA)
847-467-4120
teb@northwestern.edu