IAMUCLA
Child pages
  • cn
Skip to end of metadata
Go to start of metadata

cn

Definition

The cn is one of the standard LDAP attibutes defined in RFC 2256 http://www.faqs.org/rfcs/rfc2256.html that UCLA Enterprisee Directory adpots. According to RFC 2256, cn, also known as X.500 commonName, "contains a name of an object. If the object corresponds to a person, it is typically the person's full name." In the context of UCLA Enterprise Directory, cn is the full name of the person represented by an identity entry in the Enterprise Directory.

Data Flow

The Enterprise Directory retrieves FULL_NAME_PERSON from the UID system via the Campus Data Warehouse (CDW) in real time manner. For each person the UID system contains names recorded at 4 different university systems. They are Student Record System (SRS), Student Information System (SIS), Payroll Personnel System (PPS), and University Extension System (UNEX). Names from these systems are flagged in APP_ID field accordiingly as SR0, SI0, PP0, and UNX in the UID system. The Enterprise Directory select the name to populate cn base on the following logic:

  • a. If a person currently has student affiliation (flagged as "SRSAffiliated" in uclaPersonDirectoryListAffiliation), select the name in the order below no matter what other affiliation this person has:
    • 1. SR0 name
    • 2. SI0 name
    • 3. PP0 name
    • 4. UNX name
  • b. Else, if a person currently has employee affiliation (flagged as "PPSAffiliated" in uclaPersonDirectoryListAffiliation), select the name in the order below:
    • 1. PP0 name
    • 2. SR0 name
    • 3. SI0 name
    • 4. UNX name
  • c. Else, meaning a person does not have either student of employee affiliation, go with the same order of step a.
  • Note: If the name selected is found with APP_USAGE_STATUS <> 'A', an error message will be logged but the name still goes in ED.

For entries created by uclaASUCLAID, the attribute is updated by name values in ASUCLA employee filed FTP'd daily. See uclaASUCLAID for detail.
For entries created without uclaUniversityID, the attribute is updated by UCLA Logon System via web service call in real time manner.

Source System

UID system managed by Financial Aid and Shared Systems, Student Applications, IT Services.
UCLA Logon System managed by Network Engineering & Operations, IT Services.
ASUCLA payroll system managed by ASUCLA.

Access Permission

For students, contact data owner UCLA Registraror's Office.
For employees, contact data owner UCLA Payroll Office.
For ASUCLA employees, contact data owner ASUCLA payroll office.

Usage

This is the usage of this attribute in the attribute-map.xml file. For more information about Mapping the attribute please visit Shibboleth wiki.

<Attribute name="urn:oid:2.5.4.3" id="SHIBCN"/>