The Enterprise Directory receives uclaWorkEmail from ODMP via webservice call in real time manner. If the person is an employee but not a student at the same time, the value in uclaWorkEmail is forced to uclaOfficialEmail. As long as the link between uclaWorkEmail and uclaOfficialEmail exists, changes in uclaWorkEmail automatically triggers the trigger the same change in uclaOfficialEmail. Access control rule is built in the Enterprise Directory to allow ODMP update this attribute for UCLA employees only who meet the conditions below:
ODMP managed by Directory Services, Planning Services, IT Services.
Contact managing unit Directory Services, Planning Services, IT Services.
This is the usage of this attribute in the attribute-map.xml file. For more information about Mapping the attribute please visit Shibboleth wiki.
<Attribute name="urn:oid:2.16.840.1.1138184.108.40.206.48" id="SHIBUCLAWORKEMAIL"/>