Alumni Accounts: Granting or Restricting Access to Departmental Services | Information Technology | University of Pittsburgh
!

You are here

Alumni Accounts: Granting or Restricting Access to Departmental Services

Alumni Accounts: Granting or Restricting Access to Departmental Services

As of spring 2015, graduating students are granted Alumni Accounts that provide access to certain enterprise services such as Pitt Email (Outlook). Some University departments provide additional technology services They may want to allow alumni access to these services or restrict these services (for example, because of licensing requirements). The technical information provided in this section is intended to help departmental IT staff modify access to their services as needed.

Some changes happen automatically when an account transitions to an Alumni account. Service owners should review the list below to determine if these changes are sufficient to remove access for individuals with Alumni accounts, or if additional steps are necessary. Please keep in mind that Alumni accounts will remain active in Enterprise Active Directory (AD) and the Central Directory Service (CDS).

Automated changes when an account transitions to Alumni

  • Account is moved from the Accounts OU in Enterprise Active Directory to the Alumni OU 
    • Accounts OU: ou=account,dc=univ,dc=pitt,dc=edu
    • Alumni OU: ou=alumni,dc=univ,dc=pitt,dc=edu
  • Account is added to an Alumni group
    • Alumni Group: Pitt-ActiveAlumniAccount or cn=Pitt-ActiveAlumniAccount,ou=groups,dc=univ,dc=pitt,dc=edu
  • Account has an attribute added to it that defines it as an Alumni account
    • Alumni Attribute: pittCategory = Alumni
  • All group memberships are removed
    • CDS-managed groups
    • AD groups
    • Office 365 groups
  • Shibboleth modifications are made
  • Global Address List (GAL) changes are made
    • Students, faculty, and staff will not be able to see Alumni in the GAL
    • Alumni will not be able to see students, faculty, and staff in the GAL
    • Alumni will not be able to see other Alumni in the GAL
  • All Alumni email mailboxes exist in Exchange Online