Page History

(NameID)
urn:mace:dir:attribute-def:eduPersonTargetedID
urn:oid:1.3.6.1.4.1.5923.1.1.1.10

eduPerson

UTF8 string
(unbounded)

bd09168cf0c2e675b2def0ade6f50b7d4bb4aae

Surname

urn:mace:dir:attribute-def:sn
urn:oid:2.5.4.4

X.520

UTF8 string
(unbounded)

Vermeegen
孝慈

Given name

urn:mace:dir:attribute-def:givenName
urn:oid:2.5.4.42

X.520

UTF8 string
(unbounded)

Mërgim Lukáš
Þrúður

Common name

urn:mace:dir:attribute-def:cn
urn:oid:2.5.4.3

X.520

UTF8 String
(unbounded)

Prof.dr. Mërgim Lukáš Vermeegen
加来 千代, PhD.

Display name

urn:mace:dir:attribute-def:displayName
urn:oid:2.16.840.1.113730.3.1.241

RFC2798

UTF8 String
(unbounded)

Prof.dr. Mërgim L. Vermeegen
加来 千代, PhD.

Email address

urn:mace:dir:attribute-def:mail
urn:oid:0.9.2342.19200300.100.1.3

RFC4524

RFC-5322 address
(max 256 chars)

m.l.vermeegen@university.example.org
maarten.'t.hart@uniharderwijk.nl 
"very.unusual.@.but valid.nonetheless"@example.com
mlv@[IPv6:2001:db8::1234:4321]

Organization

urn:mace:terena.org:attribute-def:schacHomeOrganization
urn:oid:1.3.6.1.4.1.25178.1.2.9

Schac

RFC-1035 domain string

example.nl
something.example.org  

Organization Type

urn:mace:terena.org:attribute-def:schacHomeOrganizationType
urn:oid:1.3.6.1.4.1.25178.1.2.10

Schac

RFC-2141 URN
see Schac standard  

urn:mace:terena.org:schac:homeOrganizationType:int:university
urn:mace:terena.org:schac:homeOrganizationType:es:opi

urn:schac:attribute-def:schacPersonalUniqueCode
urn:oid:1.3.6.1.4.1.25178.1.2.14

RFC-2141 URN
see SURFnet registry 

Affiliation

urn:mace:dir:attribute-def:eduPersonAffiliation
urn:oid:1.3.6.1.4.1.5923.1.1.1.1

eduPerson

Enum type (UTF8 String)

employee, student, staff, member (alum, affiliate, faculty, library-walk-in are not allowed)

student@physics.uniharderwijk.nl
employee@facilities.uniharderwijk.nl

Entitlement

urn:mace:dir:attribute-def:eduPersonEntitlement
urn:oid:1.3.6.1.4.1.5923.1.1.1.7

eduPerson

RFC-2141 URN
Multi-valued

to be determined per service (see Standardized values for eduPersonEntitlement)

PrincipalName

urn:mace:dir:attribute-def:eduPersonPrincipalName
urn:oid:1.3.6.1.4.1.5923.1.1.1.6

eduPerson

UTF8 String
user@domain

piet.jønsen@example.edu
not.a@vålîd.émail.addreß

isMemberOf

urn:mace:dir:attribute-def:isMemberOf
urn:oid:1.3.6.1.4.1.5923.1.5.1.1

eduMember

RFC-2141 URN
Multi-valued

urn:collab:org:surf.nl
urn:collab:org:clarin.org

uid

urn:mace:dir:attribute-def:uid
urn:oid:0.9.2342.19200300.100.1.1

RFC4519

UTF8 String
(max 256 chars)

s9603145
flåp@example.edu

preferredLanguage

urn:mace:dir:attribute-def:preferredLanguage
urn:oid:2.16.840.1.113730.3.1.39

RFC2798
BCP47

List of BCP47 language tags

nl
nl, en-gb;q=0.8, en;q=0.7

urn:mace

urn:mace:dir:attribute-def:eduPersonScopedAffiliation

urn:oid

urn:oid:1.3.6.1.4.1.14665923.1151.1211.1.159 

Multiplicity

multi-valued

Description

Indicates the relationship between the user and a specific (security) domain with his home organisation.  The values consist of an affiliation and a security domain, concatenated with a @-sign, i.e. <affiliation>@<sub.domain.nl>. In this way, the relationship between a user and his institution can be specified in a fine-grained way. For example, it allows for specification that a user is a student in the Physics department, or a secretary works in a specific department within a faculty.

The affiliation-part must be one of the values allowed for the eduPersonAffiliation attribute (see above). At the moment, these are:

• student — A person enrolled at an institution, an external student or course participant
• employee — A person with a position at or labour agreement with an institution
• staff — All academic staff (in Dutch: wetenschappelijk personeel, or WP) and teachers
• member — Anyone that holds at least one of the above affiliations is also a member

The following value(s) are allowed, but not (yet) used by any services:

• affiliate — A person who is authorised by the Institution, pursuant to the licence model concluded by the Institution, to use the Service

The domain-part of this attribute must be subdomain of the user's schacHomeOrganization. This subdomain does not necessarily need to exist in DNS. For example, if the user's university uses the schacHomeOrganization uniharderwijk.nl, valid values for the domain part of the eduPersonScopedAffiliation would be science.uniharderwijk.nl, physics.science.uniharderwijk.nl, etc.

Notes

• This attribute can be used to express the faculty, field of study, department, etc to which a user is affiliated.
• As this attribute is multivalued, it is easily posible to express that a user is a student in a certain field, and at the same time is employed by a different department of the university
• There is no common register or policy of which subdomains are valid or express a certain concept. For example, staff@cs.uniharderwijk.nl might indicate the user is a staff member of the computer science department of the University of Harderwijk, while staff@cs.surfnet.nl might indicate an employee of the community support department of SURFnet. Therefore, if you are an SP and would like to use this attribute, you always need to confer with the university if you need to interpret these values.