Online Directory Access Policies and Agreement

U-M Information Technology Central Services * R1452 * October 2007

Some individuals, such as help desk staff and departmental information technology staff, need greater access to the U-M Online Directory than regular users do. This document describes some of the access levels available and the policies that pertain to them. It also includes the form to be filled out to gain increased access to the directory.

WARNING! Some changes may render the directory unusable. Therefore, those who have write access to the directory must use extreme caution when making changes to entries.

NOTE: This document is also available in these formats:

Microsoft Word

Access Levels
Responsibility of Having Special Access to the Directory
Directory Access Policies
Non-Compliance With Directory Access Policies
U-M Online Directory Access Agreement and Authorization (form)

Access Levels

Anyone can look up an entry in the U-M Online Directory that has not been designated as private. Members of the U-M community can make changes to most of the fields in their own entries. If they have been designated as a proxy for an entry by the entry owner, they can make similar changes to that entry.

Some U-M staff members require additional access to perform their job duties. These are the most common access levels requested and granted:

Consultant access. Allows you to see the e-mail forwarding addresses in people's entries. (This field is typically hidden from everyone except the entry owner.) Usually, consultant access is given to help-desk consultants and other frontline staff members who help directory users. Consultants are to use their expanded viewing access to the directory only as needed in the performance of their jobs.

Accounts access. Provides write access to some fields in the directory, such as Also Known As and Email Forwarding Address. This level of access is typically given to those who work in the ITCS Accounts Office, as well as others who perform a similar function. Accounts access allows read access to most fields regardless of whether they have been designated as private.

Other. Customized access to only certain fields in the directory as needed for a specific job.

If you need special directory access, contact the Directory Services Team (diradmin@umich.edu) to find out what level is appropriate for your needs. Also, read this document so that you are aware of the applicable policies, then fill out and submit the U-M Online Directory Access Agreement and Authorization form.

Responsibility of Having Special Access to the Directory

Those with special access to the directory must be very careful when exercising this important responsibility. They must protect the privacy of individuals by enforcing Standard Practice Guide 601.07.0 (U-M Proper Use Policy) [PDF file, 102 Kb] and ensuring that the information published in the directory is correct.

Following the directory management policies will help protect you and the University community. Non-compliance with the directory management policies and procedures is a serious breach of the U-M Proper Use Policy and may result in disciplinary or legal action up to and including termination.

Directory Access Policies

Directory access policies are established by the Online Directory Services project team. There are absolutely no exceptions to these policies and procedures unless directed by the Directory Services project team. You can contact the team by sending e-mail to diradmin@umich.edu.

The primary consideration when making changes to entries in the U-M's Online Directory should be the interests of the person whose entry is being changed, whether the entry is a personal entry or a group entry.

You are responsible for setting your password to one not easily guessed. See Choosing and Changing a Secure UMICH Password (R1162) for details.

Do not give in to anyone pressuring you to bend or alter any of these policies or procedures. You must adhere strictly to them. If pressure or harassment continues, you should refer the user to your supervisor, unit director, or the Directory Services Team (diradmin@umich.edu).

Do not tolerate abusive situations. If you feel unduly pressured or harassed to provide unauthorized directory access, phone the Department of Public Safety for your campus:

Ann Arbor: (734) 763-1131

Flint: (810) 762-3335

Dearborn: (313) 593-5333

Non-Compliance With Directory Access Policies

NOTE: In order to maintain accountability and resolve problems, all directory management tools maintain an information log. Violating directory access policies will result in the following:

The supervisor or unit director notifies the Directory Services Team immediately.

The supervisor or unit director initiates an investigation process—possibly leading to disciplinary or legal action consistent with Standard Practice Guide 601.07.0 (U-M Proper Use Policy).

U-M Online Directory Access Agreement and Authorization

Access Level Requested

__ Accounts __ Consultant __ Other_____________

Employee Agreement

I, _________________________ (print name of employee),

______________________________(print uniqname of employee), have read, understand, and agree to abide by the policies for directory management or consultation without exception as set forth in this document, Online Directory Access Policies and Agreement (R1452). I will use my special access to the directory responsibly and appropriately, as described in this document.

I have read the Standard Practice Guide 601.07.0 Policy: Proper Use of Information Resources, Information Technology, and Networks at the University of Michigan and agree to abide by University of Michigan policy.

Signature _______________________________(employee) Date_______________

Supervisor and Unit Director Agreement

________________________________ (print name of department)

We, ________________________________ (print name of supervisor)

and ________________________________ (print name of unit director), confirm that the employee named above needs the indicated access level to the directory in order to perform his or her U-M job duties and ask that this access be authorized. In our supervisory roles, we will require that the employee use this special access responsibly and appropriately, in accordance with the policies described and listed in this document. We agree to notify the Online Directory Services project leader (diradmin@umich.edu) when this employee no longer requires special access so that the special access can be removed.

Signature ________________________________(supervisor) Date_______________

Signature ______________________________ (unit director) Date_______________

Directory Services Team Authorization

I, ___________________________________ (print name of Directory Services Team member), have reviewed the directory access policies with the above-named employee, supervisor, and unit director, and I authorize the above-named employee to have the directory access level indicated above.

Added to security group: __________________________________

Signature _______________________ (Directory Services Team member) Date_______________

Send signed original to: Directory Services Project Team, Arbor Lakes Building 1, Suite 2700, 4521 Plymouth Road, Ann Arbor, MI 48105-3640

The employee will be notified and provided with instructions via e-mail when the special directory access has been set up.