University at Buffalo - The State University of New York
Skip to Content

Step-by-Step Instructions

Requesting or Adjusting an LDAP Group

Learn how to request an "LDAP group" be created or edited. LDAP groups are used to define sets of people who can view pages in the UB Content Management System via Authenticated Published Pages.

Warning:

Restricting viewers by LDAP group is not working reliably in UBCMS. See Known Issues and Workarounds: Secure Pages Do Not Always Work for more details.

Operating System: Any

Applies To: UBCMS Managers / Site Owners

Last Reviewed: September 18, 2017

Instructions

Completing the Form

  • Brief Summary: specify "LDAP group adjustment"
  • Requested on Behalf of Name: your name
  • Requested on Behalf of UBITName: your UBITName
  • Preferred Contact phone number: your office number
  • Service or Machine Name: specific Accounts
  • Description: state "create new LDAP group", or "change existing LDAP group"
    • clearly state the existing or prefered LDAP group name
    • clearly state adjustments; e.g.
      • ADD John Doe (jdoe)
      • REMOVE John Doe (jdoe)

Tips for LDAP Group Names

  • Frequently LDAP group names have a 2-3 character prefix, plus a hyphen, then a longer string of characters.
    • e.g. uw-provost or mgt-admin
  • Best practice is to limit length to 16 characters overall. (Shorter names are generally safer.)
  • We do not enforce character restrictions on group names.
  • Lower case is strongly advised but mixed case or caps are possible.
  • Special characters are allowed but should be limited to "-" and "_".
  • No group name should begin or end with a special character.

UBIT protects 2-3 character prefixes that also happen to be entity abbreviations. For example, the Office of University Communications has an entity abbreviation of ucc, so ucc- would be reserved for their use.  

Contact the UBIT Help Center

Have a UBITName? You may also use the UBIT Help Center Online (login required).

(Required)
 
 
(xxx) xxx-xxxx
(Required)
Use your @buffalo.edu email, if known
 
(Required)