Educause Security Discussion mailing list archives
Re: Question on student user accounts
From: Derek Diget <derek.diget+educause-security () WMICH EDU>
Date: Tue, 21 Jun 2005 14:53:34 -0400
On Jun 21, 2005 at 11:59 -0400, Cal Frye wrote: =>We had used a similar format, with an initial "S" for student, "F" for faculty, =>etc. If there was no middle initial, we substituted an "X" as a placeholder, and =>followed with four random digits. Obscure, so there were also email aliases of =>firstname.lastname type. F'instance, my student uid would have been SCJF1234, =>and my email address cal.frye () oberlin edu. But you might understand why Emily =>Young, with no middle initial, found this scheme somewhat inappropriate ;-) => =>Might I suggest some algorithm using lastname first, i.e. FryeCJ? This makes a =>simple alpha sort of username produce something useful... That's not, of course, =>how we do it ourselves nowadays ;-) Our Bronco NetIDs for students are the form of first initial, last digit of year of enrollment followed by last name. When we started we were truncating at 8 characters total length and exchanging the last characters with number to generate uniqueness. Our faculty/staff username are first initial + last name. As we decommissioned machines/applications that were limited to 8 character usernames we have started extending them to 15 characters about 18 months ago. So some examples would be b0bronco - Buster Bronco (the name of our mascot) if they were admitted in 2000 b5bronco - Above, but admitted this year. j3smithjone1 - Second occurrence of J* SmithJones admitted in 2003. We started this naming convention in 1999 and with ten years before account reuse (4 or 5 years of student being enrolled on average. Yeah, right :), the overlap was not going to be a big issue since the majority of accounts would have been "dead" for a couple of years. Up till about a year ago, you could have both accounts depending on your status. Since then, we have moved to a single account and applications are using the eduPerson[Primary]Affiliation attributes to determine your active roles. So we now have faculty/staff that have a username in the student form and "students" that are in the faculty/staff form. We are also in the process of rolling our Sun's Identity Manager to provision users into our LDAP which includes POSIX information for our Sun and Linux workstations, OpenVMS, Banner, and Luminis environments. (All backed with Kerberos.) Once that is rolled out we will be adding AD and NetWare. With these changes we have been in the battles/discussions of having a username based on your name and how that might effect all of these system when marriage/divorce happens, etc. We have not come up with an answer that a majority of us can agree on. :( Oh, we except mail in the form of uid@domain, but the "official" e-mail address for everyone is a first.last variation. 99% of the out bound mail gets rewritten to the official form by the e-mail gateways. We just can't every vendor applications to not auto-generate e-mails on the form of uid@domain where uid is the login username for the application :( -- *********************************************************************** Derek Diget Office of Information Technology Western Michigan University - Kalamazoo Michigan USA - www.wmich.edu/ ***********************************************************************
Current thread:
- Question on student user accounts Fretz, Kerry (Jun 21)
- <Possible follow-ups>
- Re: Question on student user accounts Aaron Childs (Jun 21)
- Re: Question on student user accounts Kenneth G. Arnold (Jun 21)
- Re: Question on student user accounts Jorgen Madsen (Jun 21)
- Re: Question on student user accounts Cal Frye (Jun 21)
- Re: Question on student user accounts Charlie Reitsma (Jun 21)
- Re: Question on student user accounts Matt Kirchhoff (Jun 21)
- Re: Question on student user accounts Jeffrey I. Schiller (Jun 21)
- Re: Question on student user accounts Bill Frazier (Jun 21)
- Re: Question on student user accounts Valdis Kletnieks (Jun 21)
- Re: Question on student user accounts Derek Diget (Jun 21)
- Re: Question on student user accounts Cal Frye (Jun 21)
- Re: Question on student user accounts Dave Koontz (Jun 21)
- Re: Question on student user accounts Mark Borrie (Jun 21)
- Re: Question on student user accounts Charlie Prothero (Jun 21)
- Re: Question on student user accounts John Lupton (Jun 23)
- Re: Question on student user accounts Geoff Nathan (Jun 23)