SupAnn recommendations : schema for french education directories



Version 1.0.1

This document is a partial translation of Recommandations pour les annuaires de l'enseignement supérieur : SUPANN

Classes

The directory schema includes :


 Tables captions

Mono or multivalued:

Obligatory:


Attributes used from inetOrgPerson

The attributes described below are only those of inetOrgPerson which are used in SUPANN.

Name

Semantics

Mono or
multivalued

Obligatory

Origin

Use

Sn

name

Multi

O

RFC2256

MUST contain the "nom d'usage" (cf glossary). The surname (or patronymic name) may be added. Any diacritical character allowed. First letter must be capital.
Example: "Bugalé".

givenName

first name

Multi

D

RFC2256

MUST contain the first name. Any diacritical character permitted. We advise to use only the very first part.
Example: "Jérôme"

Cn

complete name without accents

Multi

O

RFC2256

MUST contain the last name followed by a space and by the first name (separated by a space). Advice: no diacritical character for easy research purpose.
Example: "Bugale Jerome"

displayName

complete name with accents

Mo


RFC2798

MUST contain the first name followed by the last name. Accentuated version of the Cn value. Caution: it is the reversed Cn order.
Example: "Jérôme Bugalé"

uid

unique identifier

Mo

D

RFC2798

MUST be used as rdn for person entries. Content free but as short as possible. A uid SHOULD NOT be allocated again once released. It is unique within the Information System and SHOULD NOT be modified along time for a user. This identifier CAN be used as link with other users back ends.

title

title

Multi


RFC2256

Title of the person.

Examples: doctor, professor, director, president, etc.

mail

canonical    electronic mail address

Multi


RFC1274

This attribute is multivalued however we advise to put only one address in it : the canonical value

userPassword

user password

Multi


RFC 2307

The password CAN be stored in the directory (it can also be stored on the  authentification server). It MUST be crypted and in conformity with the syntax defined in the RFC 2307. It SHOULD NOT be stored or transmitted over the network in clear. All non-anonymous bind  must be carried out on a crypted channel.

userCertificate

X509 certificate

Multi


RFC2256

MAY contain the X509 certificate(s) of the person.

postalAddress

postal address

Multi


RFC2256

Complete postal address. Take care of the format ("$ "separator, see RFC2256).

Example: 3bis chemin des bois$BP 4321$99456 Monton Laho

labeledURI

URL

Multi


RFC2798

MAY contain the URL of  the person home page.

Example: http://www.cru.fr/perso/jplg

preferredLanguage

usual language

Mo


RFC2798

See RFC 1766 and  ISO 639 stamdard for the use of this attribute.

Example:

  • fr

  • fr, bre;q=0.8, en-gb;q=0.5

telephoneNumber

fixed telephone number

Multi


RFC2256

Main telephone number. Warning : it SHOULD be monovalued in SUPANN, contrary to the RFC 2256 ( if not, one cannot distinguish the main number from the others). The other telephone numbers of the person are in supannAutreTelephone.

Format: +xx x xx xx xx xx (CCITT Rec. E123). Example: +33 1 63 70 62 40.

Other formats may be accepted: they will be displayed as is on web interfaces.

pNNNN may be added for extensions.

facsimileTelephoneNumber

fax number

Multi


RFC2256

Format E 123

mobile

mobile tele phone number

Multi


RFC1274

Format E 123

 


Attributes used in edu Person

The attributes described below are only those of eduPerson which are used in SUPANN.

 

Name

Semantics

Mono or
multivalued

Obligatory

Origin

Use

eduPersonAffiliation

Category of user

Multi


Internet 2

Identifies the categories of a person within the HEI. For interoperability reasons, the values were preserved in English, in accordance with eduPerson's. SUPANN added to those the value "researcher".

Possible values are:

  • faculty: teacher (full or part time);

  • student: student;

  • staff: management staff;

  • alum: former student;

  • member: includes faculty,  student, satff, employee and any person belonging to the HEI;

  • affiliate: external partner;

  • employee: administrative and technical staff ;

  • researcher: a person doing research and not being a teacher (even part time).

MUST be left empty for a person belonging to none of these categories.

eduPersonPrimaryAffiliation

Principal category of user

Mo


Internet 2

CAN contain the main category (the core category) of a person. If valued, it MUST contain one of the eduPersonAffiliation values.

eduPersonNickname

informal name

Multi


Internet 2

MAY contain an informal name choosen by  the person

eduPersonPrincipalName

Single institutional identifier

Mo


Internet 2

This attribute MUST contain the identifier which the user will enter when he connects to the information system of his institution. It is unique at the national level and may  change over time, but only according to specific rules enforced by the institution (after a wedding for example). It CAN be used to login in workstation or to access legacy applications, in place of uid attribute, depending on the institution choices and technical constraints.

It's format is  id-perso@domain.

Important : the uniqueness of the couple id-perso and supannAliasLogin must be insured

The following attributes were not integrated in release 1 of SUPANN but will be most probably in SUPANN 2, when new branches allow it. It is about: eduPersonOrgDN, eduPersonOrgUnitDN and eduPersonPrimaryOrgUnitDN.

Attributes of the supannPerson class

 

Name

Semantics

Mono or
multivalued

Obligatory

Origin

Use

supannAliasLogin

login of the user

Mo


supann

This attribute CAN contain an alias id for connecting to the institution's information system. It is unique in the HEI and may be changed directly by the user (with the provision of remaining unique), according to the HEI policy.

supannOrganisme

institution of belonging

Mo

O

supann

MUST contain the  identifier of the institution identified by the civil services as the home institution of the person (see appendix for values).

supannCivilite

civility

Mo


supann

"M.", "Mme" or "Mlle" (not to forget the point after the M for Monsieur)

supannRole

roles

Multi


supann

Identifies the different roles played by the person. Is used to set up groups of persons across insitutions. See  appendix 3 for permitted values.

Example: CTICE (for people in charge of coordinating ICT for learning)

supannListeRouge

entry in "red list"

Mo

O

supann

MUST contain a binary value. TRUE means the person requires his personal information not to be disclosed outside of the institution

supannAutreTelephone

Other telephone numbers

Multi


supann

Fixed telephone numbers others than the principal one. Same syntax as TelephoneNumber.

supannAffectation

Internal structure(s) of the institution in which the person is involved.

Multi


supann

This attribute contain the names of the structure (or different structures) within which the person is active either for teaching, learning, research, administration, technical, or anything else. It is syntax free (text)

supannEmpId

 employee identifier

Mo


supann

Employee id inside the information system used the human ressources department.

supannCodeINE

INE code

Mo


supann

This attribute MUST store the INE code for the students (french code identifying students). It MUST be filled if the  eduPersonAffiliation attribute  contains "student".

supannEtuId

student id

Mo


supann

Student id within the Information System for  management  students, scholarship, etc.

supannParrainDN

Person in charge for the entry

Multi


supann

DN of the person taking responsability for the creation of the entry in the directory. Must be filled especialy if eduPersonAffiliation does not contain "member", i.e. for the persons external to the institution

Appendix

Values of supannOrganism

value = schemeprefix schemevalue
    schemeprefix = "{"scheme"}"
    scheme = "UAI"/"CNRS"/"INRIA"/"INSERM"/"autre"
    schemevalue = national UAI code for universities, proprietary code for others

Example, for university of Poitiers : {UAI}0860856N

Glossary

Nom d'usage :

Means a name a person can use in the following cases :

Important:

the nom d'usage is not permitted on any official id paper.

On the other hand one can used it in correspondences with the civil service after having pushed a formal request for its usage. In this case the same nom d'usage should always be used whatever the civil service is involved.

In private life anyone can make use either of his nom d'usage or his patronymic name.