Learn how to request an "LDAP group" be created or edited. LDAP
groups are used to define sets of people who can view pages in the
UB Content Management System via Authenticated
Operating System: Any
Applies To: UBCMS Managers / Site Owners
Last Reviewed: September 18, 2017
Completing the Form
- Brief Summary: specify "LDAP group adjustment"
- Requested on Behalf of Name: your name
- Requested on Behalf of UBITName: your UBITName
- Preferred Contact phone number: your office number
- Service or Machine Name: specific Accounts
- Description: state "create new LDAP
group", or "change existing LDAP group"
- clearly state the existing or prefered LDAP group name
- clearly state adjustments; e.g.
- ADD John Doe (jdoe)
- REMOVE John Doe (jdoe)
Tips for LDAP Group Names
- Frequently LDAP group names have a 2-3 character prefix, plus a
hyphen, then a longer string of characters.
- e.g. uw-provost
- Best practice is to limit length to 16 characters overall.
(Shorter names are generally safer.)
- We do not enforce character restrictions on group names.
- Lower case is strongly advised but mixed case or caps are
- Special characters are allowed but should be limited to "-" and
- No group name should begin or end with a special
UBIT protects 2-3 character prefixes that also happen to be
entity abbreviations. For example, the Office of University
Communications has an entity abbreviation of ucc, so
ucc- would be reserved for their use.