Home page logo

educause logo Educause Security Discussion mailing list archives

Re: a question about having College ID number as part of directory information
From: "pmorley () mcdaniel edu" <pmorley () MCDANIEL EDU>
Date: Thu, 7 Nov 2013 14:11:52 +0000

                Good Morning,

                We had similar concerns, and when Microsoft AD was implemented here Microsoft told us that don't store 
anything that is sensitive in AD......

                We mitigated this by extending our schema with custom attributes that are marked as "private" and are 
secured by a special security group only certain things can query on these attributes.

                This is the only way that is supported and that appears to be relatively secure.

                To do this, you must apply for a site specific OID and use that OID to extend your schema.


Phillip Morley
Data Center Administrator | Information Technology
McDaniel College
2 College Hill
Westminster, MD 21157
* Office: (410) 857-2540
* E-mail: pmorley () mcdaniel edu<mailto:pmorley () mcdaniel edu>

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Roy 
Sent: Thursday, November 07, 2013 8:58 AM
Subject: [SECURITY] a question about having College ID number as part of directory information

HI All,

This may have been addressed before but I am being asked if providing a college ID number on our LDAP and other 
directory services is a security risk.

I'm feeling that it isn't but I'm press to put a statement behind it that will put people at ease.


Roy Galang
Roy Galang
Director Technology Infrastructure
Library and Information Systems
Wheaton College
26 E. Main Street
Norton, MA 02766

Galang_Roy () WheatonCollege edu<mailto:Galang_Roy () WheatonCollege edu>

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]