Skip to content Skip to site navigation

Directory Usage Policy

To access attributes not visible through anonymous binds, permission from the data owners must be obtained. If you are Faculty/Staff or in the Administrative Group with Stanford, you may request additional access to the directory. See instructions for requesting data owner approval at Requesting Access.

Access is given via Kerberos principals on a per-application/per-usage basis. An application is considered any tool or service with a very specific scope. Tools or services running under one Apache instance or a single server are NOT considered a single application: Each tool might require separate authorization if the function of each tool is different. Furthermore, if the scope of an application changes, request from the data owner to use the data in a new manner might also be required. Using a principal to give access to other applications without data owner consent is a violation of the Usage policy, and can result in an immediate termination of the principal and its access capabilities.

Last modified December 9, 2015