Subject records in the IdPO’s IdMS must be managed appropriately so that Assertions issued by the IdPO’s IdP are valid.
4.2.6.1 Identity Record Qualification
- Faculty, staff, students, and affiliates are stored in a unique OU (ou=people,dc=unl,dc=edu) within the LDAP Directory Server. Only active accounts within this OU may participate in Federation. When a change occurs in student or employment status, a separation process is followed to ensure users are removed.
Employee Provisioning Timeline

Student Provisioning Timeline
