UW Windows Infrastructure Service Description
The UW Windows Infrastructure service includes authentication, authorization, directory,
and NetBIOS name resolution services. In the future, more services may be provided
via the UW Windows Infrastructure. The UWWI is a fully redundant service, striving
for 100% service availability. UWWI runs on
Active Directory, and has many features based on that technology that may
not be fully described here.
Authentication Services
The UWWI provides authentication services (authN) for all active UW NetIDs. UWWI has
the password for each UW NetID, and can be used for Kerberos version 5 authentication,
NTLMv2 authentication, NTLMv1 authentication, or LDAP authentication (which uses the above mechanisms). Users cannot directly change their
UW NetID password via UWWI, but instead should use existing methods to
manage their UW NetID. UW NetID creation and password changes are synchronized
to UWWI in near real time.
Authorization Services
The UWWI provides authorization services (authZ) for all active UW NetIDs. Login
tokens obtained as part of authentication to UWWI include group information that
can be used to access resources that have granted access to these groups or the
users themselves. UWWI provides a large set of dynamically synchronized groups from
institutional data sources that are automatically linked to the appropriate UW NetID.
These synchronized groups include course groups, affiliation groups, and institutional
groups from the enterprise
groups directory (GDS) which receives group information from a variety of
institutional data sources. Group information is synchronized to UWWI on a daily
basis; in the future, when such mechanisms are available, synchronization will be
done in near real time.
Directory Services
The UWWI provides directory services (LDAP) for all active UW NetIDs. LDAP-compliant
clients can be used to look up some person-related directory information. Information
currently in UWWI is limited, but may be expanded in the future. Directory information
currently includes name, affiliations, UW Technology UID, UW NetID, and a 'UWRegID', which are obtained
from the enterprise person
directory (EDS). A
picture of the existing Active Directory structure is available.
Name Resolution Services
The UWWI provides
NetBIOS name resolution services in the form of a
WINS service. Campus computers can be configured to use this WINS service
to register their NetBIOS names and assist in NetBIOS name resolution of other computers.
NetBIOS name resolution should not be considered a replacement for DNS, and UWWI
leverages the central
campus DNS service.
Policy
Use of UWWI is subject to
UW Minimum Computing Standards, and all
rules associated with use of UW computing resources. In particular,
users agree to the
privacy policy, respecting personal information stored in UWWI by not republishing
or otherwise misusing it. Some information stored in UWWI is subject to the federal
FERPA legislation and carries stiff penalties for misuse. In addition, users agree
to not run or use services that allow clear-text passwords (or other insecure authentication
protocols) over the wire, as noted in the
UW Information Systems Security policy statement. The UWWI
policy guide covers all policies specific to UWWI and gives greater
detail.