Authentication and Directory Services
Campus Information Technology Services (CITS) provides authorized members of the University with a username and associated password which authenticates them for use of IT facilities, such as their own desktop, email, public access PC clusters in Departments and in the library, University Business Systems (e.g. Restricted areas of the University or Departmental web service).
Use of the University's username/password is governed by the University Conditions of Use of Information Technology Facilities.
CITS also maintains and provides access to a staff directory database of usernames, email names and other information including office location, phone numbers, email address, personal information.
- Provide help and assistance with respect to authentication needs and faults via the Service Desk.
- Allocate a username and password to new staff and students on joining the University. These will be made available to students for the first week of the new academic session.
- Provide an online mechanism to allow new students and staff (excluding casual staff and contractors) to activate their accounts.
- Provide a domain username/password within one working day.
- Provide an online mechanism for users to change their University wide password.
- Not disclose username/password information to others except under the procedures laid down in the University Security Policy.
- Provide guest access.
- Ensure passwords are securely stored and usernames are propagated to authentication services used within University e.g. Microsoft Active Directory, LDAP and OID.
- Deactivate staff accounts when they leave University unless alternative arrangements are made.
- Deactivate student accounts 12 months after they leave University unless alternative arrangements are made.
- Use the University's computing facilities in accordance with the University Conditions of Use and Associated Security Policies.
- Not permit others to use their username or password, nor disclose their password to anyone else.
- Inform CITS if they have reason to believe their password has become known to others.
- Change their University password at least once each year as required by the University Security Policy.
- Staff who access business systems must change their password every 90 days.
- Provide proof of identity if they request a password to be reset via the Service Desk.
- Maintain a database of usernames, email names and other information, including office location, phone numbers, email address, personal information.
- Provide customers with a method of updating their directory information.
- Provide access to this information within the University via the exchange global address list, a LDAP service and via the web based University directory.
- Provide access to this information from outside the University via a web interface.
- Enable users to opt out of the external directory.
- Update directory services information normally within 5 working days.
- Send out a reminder to customers to check their information if it has not been updated for 12 months
- Update their directory entry, if the information (e.g. Room, telephone extension etc) changes.
- Check their directory entry once per year and update it if necessary.