Hi

I am using the LDAP module on a site that is used by students of a university. The authentication to the site is handled by ldapauth.module. The site has read-only access to our university's LDAP server. Due to federal privacy laws, we are not allowed to automatically retain personal information about a student in our Drupal database. However, it is permissible to prepopulate a registration form with data obtained from the LDAP server. The student could then change that information, or leave it as is.

I'm not having any problems with authentication, and I know how to create a registration form that would be presented to the user when they first log in. I could make some of those fields required (such as First Name, Last Name, e-mail, etc.). However, we would like the students to use their real names as much as possible, and we feel that this is most likely to happen if all fields are prepopulated with data so that registering requires very little effort.

I'm wondering if it would be possible to modify the ldap module (probably ldapdata) so that it only did the profile information lookup if the user didn't already exist in the Drupal database. Has anyone done this already? Any ideas of if this would be something simple or if it would be quite complicated?

Thanks for your help
AC

Comments

scafmac’s picture

So you do not want the data in the Drupal DB overwritten once the student has had a chance to update it during the registration process? Is that what you would like? Any reason why you wouldn't just make the LDAP DB accessible? I would have thought the administration would like to capture any changes.

We have a similar situation on our campus. Others on campus already handle any data changes, so our sites load any profile data in LDAP, but it remains read only. Students are directed to IT for any pertinent changes instead of stranding it in the Drupal DB.

aclight’s picture

Well, the basic idea is that the registrar's office requires that if a student decides, at any time, that he wishes his data to be completely private, all systems that get their data from the LDAP server must comply with this change without requiring the student to do anything additional (other than contacting the registrar in the first place).

The other possibly important thing here is that the students' drupal usernames are a somewhat meaningless form, ie. xyz123. This is the uid that each student has to use to authenticate against the LDAP server.

Instead of displaying the username (which technically we are not allowed to display to anyone, only to store it in our database), I've added a function phptemplate_username() in template.php that outputs 'profile_firstName profile_lastName' as the name to display for the user.

In order to comply with the privacy regulations, it's possible to do a LDAP lookup every time the phptemplate_username is called with a given student's uid. However, this makes for very slow page loads and is not very kind to the LDAP server.

I'm told by the administrative types that if, upon the first login, we present the user with his information from the LDAP server (first and last name, etc.) as it is at that moment, allow him to edit it as he wishes, and inform him that the values here will be displayed to the world, we can then store whatever is in those fields when the user hits submit and that is considered by the administration as the user opting in to the system, and therefore we don't have to pay attention to whether the user has elected to hide all of his information, because our system is no longer getting information on this student from the registrar's office via LDAP.

It's really kind of silly, but it's how the administration is handling this and I can't control that.

And, to specifically answer your questions:

So you do not want the data in the Drupal DB overwritten once the student has had a chance to update it during the registration process? Is that what you would like?

Yes, I think that's exactly what I would like.

Any reason why you wouldn't just make the LDAP DB accessible? I would have thought the administration would like to capture any changes.

For students, the registrar is the only entity with write access to the LDAP database. All changes must be made with them.

We have a similar situation on our campus. Others on campus already handle any data changes, so our sites load any profile data in LDAP, but it remains read only. Students are directed to IT for any pertinent changes instead of stranding it in the Drupal DB.

So if a student elects FERPA privacy protection (Federal Education Right to Privacy Act, I think), how does your Drupal DB handle this? Does the student have to log into the Drupal site and also change the information? I believe the default LDAP module behavior is to update the profile fields each time a student logs on to the Drupal site (so the student wouldn't really have to change/erase their information, just login so the info would update), but I'm told that even this is not acceptable, and there must be no need for the user to do anything except contact the registrar.

Thanks for your help
AC

scafmac’s picture

That's very interesting.

We get very few students that opt for such privacy, but I'm sure we'll have to implement something here as well. Off hand, on our campus I would try adding a FERPA group to AD (not really an LDAP server) which already controls Drupal groups. Then using _phptemplate_username, we could show any regular users' display name and obfuscate any FERPA users' names - change them to the anonymous username or perhaps come up with a new generic name. Since the group data is loaded during user load, there would be no LDAP server hit.

I'll try and take a look at the code sometime soon.

aclight’s picture

Yeah, I suspect that we have very few students who elect FERPA as well, but since I'm not part of IT and the project I'm working on is only for one program within the university, they are being extra paranoid and strict about the access we have to LDAP data and the way we use it.

I wish we could just require that a user login to our system after they elect FERPA and allow the data to be removed upon the user load, but I guess that's not good enough for our IT/registrar offices.

Thanks for taking a look into this.

Take care
AC

jdleonard’s picture

I am in a similar situation as aclight. I am developing a new Drupal site for my university's student association and also have read only access to an LDAP database (but I am not permitted to perform LDAP authentication) with similar FERPA concerns. Users log in via the CAS module (Central Authentication Service, used as a single-sign on solution by my university). I have hacked the CAS module and its limited interaction with the ldapauth module so that when users log in via CAS for the first time, their real name is pulled from LDAP and put in a profile field. What I need instead is for the user to be directed to a form after their first CAS login that has their real name pre-filled (for the same FERPA reasons as aclight) that will set the realname profile field upon submission. I am fairly new to Drupal and I'm not sure exactly how to accomplish this. Any advice would be most welcome!

jdleonard’s picture

I just submitted a patch for the CAS module that allows an administrator to specify a page to which a user is redirected upon their first (initial) login with CAS: http://drupal.org/node/144378

jdleonard’s picture

Status: Active » Closed (won't fix)

This issue is 4 years old. Feel free to re-open if this feature is still desired.