Active Directory

The RRZ operates a Microsoft Active Directory. Direct connection of applications and/or systems to the Active Directory is only possible when using a managed Windows or managed Linux server. Web applications should always use the Shibboleth service.

In exceptional cases, other applications and/or systems may also be granted access via LDAP. To do so, a corresponding (informal) request must be submitted to the RRZ ServiceLine(rrz-serviceline"AT"uni-hamburg.de?subject=Antrag auf LDAP-Nutzung (#SRQ-ADBetrieb)). This request should include the following information:

1. Full (FQDN) server name and IP address
2. Operating institution (faculty, department, institute, etc.)
3. Responsible person and deputy/technical contact persons (full names, user IDs, email addresses)
4. Services operated on the server with LDAP connection (complete list)
5. For each service, a brief description of its use and justification of the need for LDAP connection, as well as the type of LDAP access (“bind user” by ID xyz or “direct bind” with the respective user ID)

For decentralized institutions with their own IT service team and a significant number of end devices and/or servers, it is possible to integrate their own systems into Active Directory or connect them to it.

In both cases, please describe your requirements as precisely as possible so that the available options can be explained in a subsequent coordination meeting.