IT Professionals
Content (1349)
CornellAD makes heavy use of DNS by dynamically registering services via SRV records. The Authoritative DNS Server for cornell.edu is dns.cit.cornell.edu
NS Pointers are configured to DNS servers for the following sub-zones:
The password and account policies in CornellAD are domain-wide settings, and affect all accounts in the cornell.edu domain. The policy is set at the domain level by CIT and is pushed down to all organizational units (OUs). CIT is not able make modifications to these parameters based on requests…
The CornellAD Planning Committee is the governing body for matters affecting the entire CornellAD forest/domain. Each CornellAD top-level unit is entitled to have a representative on this committee. The Planning Committee addresses issues such as schema changes, naming conventions, security…
CornellAD is backed up nightly.
Only AD objects are backed up. Devices that happen to be joined to CornellAD are not.
ARS provides default logging for 30 days. If you need older logs to troubleshoot a local problem, please contact the IT Service Desk.
CornellAD supports LDAP queries on standard ports (389 for LDAP and 636 for LDAPS) that can be used to get information about objects in CornellAD. Anonymous bind is not allowed, and you must authenticate using an account to query CornellAD. A BindID is recommended for applications that are…
AD LDS stands for Active Directory Lightweight Directory Service. This is Microsoft's implementation of a generic LDAP service, and is used to look up group membership for authorization purposes. Please note that AD LDS does not provide authentication service. (If you need authentication, see our…
All users of CornellAD are bound by Cornell University IT policy. For more information, visit the University IT Policies page.
Staff who have administrative privileges are responsible for adhering to Requirements for Use of CornellAD Account Types, and for reading and acknowledging CornellAD…
Systems used for CornellAD must meet the baseline IT security requirements outlined by the Cornell University IT Security Office.
For help installing or using Spirion, contact your local technical support provider or the IT Service Desk.
For general questions about data discovery tools, process, or issues: data-discovery@cornell.edu.
Deal With Automated Results
Windows: Handle Scan Results
Mac: Handle Scan Results
When you redact (sometimes called scrubbing) files in Spirion, the original file is saved in the original location, but the instance of confidential data is masked. For example, where a Social Security number is redacted, you'll see something like "XXXXX1085."
Redacting does not erase the…
Shredding Files in Spirion permanently removes the files from your computer. You cannot recover shredded files.
Your list of possible confidential data matches may include "false positives." A false positive is something that looked like confidential data to Spirion, but is not. You can ignore false positives. They will be skipped in future scans (unless they are changed).
After the scan is finished, you'll need to look at each possible match and decide how to handle it.
You can use Spirion to scan the following:
External hard drives
Thumb drives
CDs and DVDs
Mounted Disk Images (servers mapped to a drive letter on your machine)
Some unit/department have optional policies in place; scanning may not be available in some locations.
If you are…
Spirion is a tool to help you locate confidential data on your machine, but you'll need to work through the results before you can be sure your machine is in compliance with University policy and local practices. Spirion is configured to run automatically, but you can also perform manually-…
We assume you arrived at this page because you need to install the 2012 version of CMS software.
Before installing the new software, you'll need to uninstall the older version (CMS R13).
Your authorization code is listed on your CIT Services Report as your PBN number (PBN is the abbreviation for Personal Billing Number). You may also contact your department's Telecommunications Coordinator for assistance.
Use Your Authorization Code
9 + 1 + long distance number.
Wait for recall dial tone.
Enter seven-digit authorization code.
Other Dialing Instructions