The Office of Information Security (OIS) and Enterprise Information Technology (EIT) at Penn State provides the ACCESS.PSU.EDU Windows Active Directory Root domain (ACCESS Domain) to be used by the University community. Doing so allows colleges, departments, and administrative units the ability to leverage infrastructure used for core digital credential management. OIS and EIT ITS offers this service so that units may leverage authentication (Kerberos 5) and authorization (LDAP) services.
The service allows a user to gain access to applications and data on a remote computer over a network. It handles the job of authenticating clients, as well as making the applications available remotely. It is also entrusted with the job of restricting the clients according to the level of access they have. Microsoft Active Directory includes internal support for Active Directory Services.
The underlying technology supporting the ACCESS Domain service will no longer be supported by the vendor, Microsoft, beginning January 2020. Therefore, no new accounts are being added to this service.
A project is underway to transition all current users and services in the ACCESS Domain to the Enterprise Active Directory.
Enterprise Active Directory (EAD) is Penn State’s deployment of Microsoft Active Directory, which provides University-wide authentication and authorization/directory services. EAD is a secure, standard, and efficient implementation of Active Directory that provides delegated administrative access for Penn State IT Units. It is also a foundational component for vertically integrated services, such as Office 365. The EAD service is managed by OIS and EIT.
To request new EAD service please visit – Penn State Enterprise Active Directory Request Form
The goal is to provide units with maximum flexibility and control over its own Microsoft Active Directory infrastructure without any hardware investments. Creating a stable infrastructure based on supported Microsoft technologies helps promote autonomy among different units at Penn State. Group Policy Objects (GPO) are up to the discretion of the individual unit.
ACCESS Domain Service Availability & Maintenance
To keep systems running at peak performance and to ensure the best possible service, routine testing and maintenance is performed during the daily maintenance window from 5:00 a.m. to 7:00 a.m. EST/EDT. During this time, systems and services may be affected. Unanticipated urgent service issues may require maintenance at other times.
Questions, comments, and requests for assistance related to ACCESS.PSU.EDU may be directed to the Windows Active Directory Team (email AD team).