ou=lds comes from the fact the church and byu merge parts of their ldap. The ldap you are all querying is the ces database...so you will find more than byu students there.
The ldap in ldap.byu.edu is different from the one in route-y. My guess is the reason you are seeing information in ldap that are not in your route-y is that your account has not been "synced". There are more than one system running around byu, and they can get out of sync sometimes. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of jb Sent: Friday, November 11, 2005 6:27 PM To: BYU Unix Users Group Subject: Re: Fwd: [Fwd: Re: [uug] How did "MormonShopper.com" get emailaddresses?]] Interesting. FYI: ldapsearch is in "ldap-utils" Debian package. If I search my name on BYU's public directory, it returns my first and last name, hometown, and email address. Everything else is unlisted. If I do the same search with the internal directory (in Route-Y), my office phone and current address and phone number are also displayed. These results are consistent with what I have declared to be listed in my preferences for my campus profile. However, using Michael's ldapsearch approach, a lot more information is returned. First, my middle name is listed (not too big of a problem), and my student and employment status are listed. It also lists the department for which I work, my office phone and my full home address (which I had requested only be listed on the internal directory). Yes, there's also a field that says "ou=lds", which we can only guess what that might mean. It's worse that this information is also listed for my wife who graduated in 2003, and who is no longer listed on either the public or internal directories. My FERPA knowledge is limited to what I can publish as a teacher, but even if BYU is not violating that act here, they are at least violating the trust of their students and employees who mark for certain information to only be displayed to employees and other students at the university. --jb Michael Moore wrote: >---------- Forwarded message ---------- >From: Paul Malquist <[EMAIL PROTECTED]> >Date: Nov 11, 2005 4:00 PM >Subject: Re: [Fwd: Re: [uug] How did "MormonShopper.com" get email addresses?]] >To: Michael Moore <[EMAIL PROTECTED]> > >I know that method has been used before. We need to find a way to prevent >this kind of harvesting of our ldap data. It looks like we need some >changes also to prevent divulging restricted information. I'll pass this on >to some of the other engineers, to see if we can find a way to prevent this. >Thanks for responding; this is really good information. >-- >Paul Malquist >Senior Systems Engineer >OIT Engineering > >----- Original Message ----- >From: "Michael Moore" <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >Sent: Friday, November 11, 2005 3:23 PM >Subject: Re: [Fwd: Re: [uug] How did "MormonShopper.com" get email >addresses?]] > > > > >>1:46. I don't know where they got the addresses, >> >> > >Paul, > >It would be fairly trivial to write a script to querry the ldap >database. Since the db returns a max of 100 results, just query "a*" >then "aa*" then "aaa*" till there are less than 100 addresses, then >continue on to "aab*" etc. > >ldapsearch -H ldap://ldap.byu.edu -x -b o=byu.edu mail="aaa*" > >The information returned by the ldap queries doesn't completely >respect the privacy settings selected in Route-Y either. Some of the >information, especially for "Unlisted" students is probably FERPA >violation material. For example I happen to know that a person >"HIDDEN" is supposedly unlisted. The querry: > ><insert> >UUGers, try this querry with your own uid if you think you're >completely unlisted... ></insert> > >ldapsearch -H ldap://ldap.byu.edu -x -b o=byu.edu uid="HIDDEN" > > returns lines such as "ou = lds", "Active Eligible to Register >Student", their place of employment and their hometown. > >Even if this wasn't the way the spammers got the addresses, it is a >possibility, and probably a privacy violation. > >Thanks, >Michael > >-- >Michael Moore >------------------------------- >www.stuporglue.com -- Articles, software and computer tutorials. >www.stuporglue.org -- Donate your used computer to a student that needs it. > >-------------------- >BYU Unix Users Group >http://uug.byu.edu/ > >The opinions expressed in this message are the responsibility of their >author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. >___________________________________________________________________ >List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list > > > -------------------- BYU Unix Users Group http://uug.byu.edu/ The opinions expressed in this message are the responsibility of their author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. ___________________________________________________________________ List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list -------------------- BYU Unix Users Group http://uug.byu.edu/ The opinions expressed in this message are the responsibility of their author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. ___________________________________________________________________ List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
