OneKey Account and LDAP Policy

Policy

Office
Information Technology

POLICY SUMMARY

In order to access Pratt email, use myPratt or utilize Pratt computers you must have a valid OneKey username and password. This policy covers the creation and retirement of each user’s OneKey.

Policy
OneKey Usernames
OneKey usernames are automatically generated nightly by Pratt’s Student Information System (SIS) Ellucian Colleague. The usernames contain the first character of your legal first name and the first 7 characters of your legal last name. They are generated on a first-come, first-serve basis, and similar usernames will have sequential numbers appended to differentiate between accounts. Your entire username will be a total of 8 characters including letters and numbers.
For example: 
Thomas Student would receive the OneKey username: tstudent, while Tanya Student would receive a username of tstuden2.
We do not accept requests for OneKey username changes based on preference or chosen name. 
We will accept username changes for the following reasons:

  • If you have legally changed your name and it has been recorded in the SIS.
  • If the generated username sounds or spells derogatory language or profanity in US english.

 Account Retirement
Once created, your OneKey account is transferred to our authentication systems consisting of LDAP, Active Directory (AD) and Single Sign-On (SSO) databases. LDAP records contain user information in addition to the authentication fields and can be used securely for directory lookup and other identity-based queries.
 LDAP Rules
There are a number of LDAP rules in place that will create, suspend, or retire Pratt user accounts:

  • Alumni – General account disabled 365 days from the day of their last class, limited access remains to certain systems.
  • Applicants – account disabled after 45-days unless the applicant becomes an enrolled student
  • Continuing Education Student – account disabled 31 days after class ends
  • Faculty – account disabled 1 day after termination
  • Staff – account disabled 1 day after termination
  • Student – account disabled 365 days after the last class ends, email can remain active if the student is on approved extended leave
  • Summer Program – account disabled 365 days after last class ends

Password Rules
Automatically enforced rules for the creation and modification of OneKey passwords is as follows:

  • Minimum length of password = 8 characters
  • Maximum length of password = 100 characters
  • Minimum 1 lowercase character required
  • Minimum 1 number required
  • Password cannot contain the user’s Pratt ID number
  • Password cannot contain the user’s oneKey
  • Password cannot contain special characters (*&^%$#!,.@/‘;\][{})
  • Passwords can not repeat 

Under these rules, passwords must be at least eight characters in length, contain at least one number and one lowercase character, and not contain the user’s username.