Skip to content | Change text size

ITS home
 

Hybrid Directory Service - Technical Documentation

Contents

This document:

Other documents:

Background

The purpose of the Hybrid Directory Service (HDS) is to provide an easy mechanism for external users to be given limited access to restricted Monash information and services for a limited time.

There is a need for external users to obtain limited access to restricted Monash teaching resources. This is often the case whereby an external specialist assists in the teaching of a subject, but is not a Monash staff member. Such external users require access to:

  • the Collabra news service,
  • some restricted web based material,
  • the my.monash portal.

The Hybrid Directory Service provides this access.

Terminology
  • External Directory Service (EDS) - a Directory service that contains details about external (non-Monash) users who need to have limited access to restricted Monash information and services.
  • Hybrid Directory Service (HDS) - a Directory service that contains details from both the Monash Directory Service (MDS) and the External Directory Service (EDS).
  • Monash Directory Service (MDS) - Existing Directory service that contains details of Monash staff and students
  • Sponsoring organizational unit - The department or faculty who "sponsors" an external user by creating them an external user account.

How it all works

 External users will be added to the External Directory Service (EDS) - a new Directory that is used to store details about external users.
  • Details from EDS and from MDS are copied to HDS. The HDS includes the entire "o=Monash University, c=AU" subtree from the MDS, and current users from the EDS.
  • People can then choose to use the HDS for authentication (by altering their .htaccess files) if they want to give access to external users.

Usernames

 All usernames will be prefixed by "ext-". This is to ensure that there are no duplicates with existing usernames in CRUX.

User management

Creation

External user details can be submitted via a web form. The accounts will be ready to use as soon as the details are submitted, provided that the details pass basic error checking (eg, no duplicate usernames).

Suspension and renewal

External user accounts are automatically suspended on the 30th of June and the 31st of December, (or at an earlier date if specified by their sponsoring organizational unit), unless they are renewed prior to those dates. Entries can be renewed for a further six months, during the month prior to the entry expiring.

Deletion

External user accounts will be automatically deleted after they have been suspended for one year. (This makes it possible for an account to be active during semester one, suspended during semester two and then reactivated for semester one in the following year.)

Faculty support staff have the option of suspending, reinstating and deleting users immediately at all times.

Admin access restrictions

  • External user entries can be administered by anyone with existing MDS administration rights.
  • Administration access for managing external users can also be given to other faculty staff without giving them access to other MDS programs.
  • External user entries can be edited by anyone with access rights to the sponsoring organizational unit.

Service desk support

 The ITS Serivce Desk does not provide support for external users. All queries/help for external users need to be directed back to an appropriate person at the sponsoring organizational unit.

A note about CRUX

 External users will not be added to CRUX because:
  • The users do not have an ID number.
  • It ensures that external users do not obtain access to other Monash computer services.
  • CRUX does not have the proposed deletion and suspension timeframes.
  • CRUX is to be phased out at some stage.

Related Documentation