Services provide a credentialed identity for external parties to interact with the Enterprise Directory.
This document explains what services are for and why you would want to use them.
In order to get started with services you must request a middleware certificate and register a service.
Instructions for this process can be found at: Requesting ED-ID Service
Take note of what CN you generate in your certificate, as this will become your service identifier.
We recommend choosing an id that represents what your service will be used for.
Choosing names that correspond to server host names or other transient data will make your service less meaningful to administrative staff.
A service is a special directory entry that provides access to other data in the directory.
What follows are the service attributes which are of particular importance.
The entire schema can be found here.
The unique identifier of a service is known as the uusid, which stands for universally unique service identifier.
This attribute contains the unique name of a service.
This attribute contains the certificate issued to this service by the Middleware CA.
This attribute contains the certificate DNs that currently valid for a particular service.
As a service may have more than (1) valid certificate at any given time, this attribute dictates which of those certificates may be used.
This attribute enumerates the ou=People attributes that this service is allowed to view.
Any attribute listed here will be viewable by this service on all person entries.
This attribute contains the DN of the people who are responsible for administrating the service.
These people are expected to the be the technical staff who deal with integration.
This attribute contains the DN of the people responsible for this service.
These people will receive e-mail concerning this service, including notices concerning service expiration.
This attribute contains the date on which this service will be deleted from the Enterprise Directory.
When a service is created its expiration date is set the same as its certificate expiration date.
Several notification will be sent to the service contact prior to service deletion.