UCSB Identity Services maintains multiple repositories for accessing the person data detailed in the data dictionary.

Primary LDAP Service

The primary ldap service is the public-facing directory service provided by UCSB Identity Services. It includes new attributes for federation and edge use as well as a standard DIT.

host ldap.ucsb.edu
port 636 (ldap/ssl)
directory information tree o=UCSB
|
+-ou=People
|  - person
|  - organizationalPerson
|  - inetOrgPerson
|  - eduPerson
|  - ucEduPerson
|  - ucsbPerson
|  - dn: uid=[userid],ou=People,o=ucsb
|
+-ou=Applications
   - person
   - inetOrgPerson
   - dn: uid=[userid],ou=Applications,o=ucsb

The "primary" service is available with SSL-encrypted connections only and is accessible only within the ucsb.edu address space.

Legacy LDAP Service

The Legacy LDAP service is provided for backwards compatibility to the retired LDAP service at directory.ucsb.edu. This service maintains the same DIT as used with the old directory service as well as the same objectClasses to support legacy applications.

host directory.ucsb.edu
port 389 (ldap) & 636 (ldap/ssl)
directory information tree o=UCSB
- person
- organizationalPerson
- inetOrgPerson
- ucsbPerson
- oblix netpoint objectclasses
- dn: ucsbcampusid=[ucsbcampusid],o=ucsb

The "legacy" service is available with both non-encrypted and SSL-encrypted connections for backwards compatibility. Like the "primary" service it is accessible only within the ucsb.edu address space.

U-Mail LDAP Service

A private LDAP service is provided to U-Mail for the internal authentication of U-Mail services.