ITS Glossary - ITS Terms Demystified

Virtually every occupation and organization has its own terminology and jargon. While technology jargon now becomes rapidly adopted into our everyday language (e.g. "the web"), it can still be difficult to keep up. Within an organization, there are even more terms and acronyms for technology and projects. While these additional terms can expedite communication for those who know them, it sure can confuse those who don't.

There are many good on-line dictionaries for general definitions of technology terms. However, in the list below, you will find only those terms and acronyms for technologies and projects ITS frequently uses and references. And to provide a clearer understanding, we will define theses terms within the context of how they might be used at RIT. We have also grouped terms together as many are interrelated and provided additional information links as needed.

Active Directory & Directory Services
Active Directory is Microsoft's trademarked directory service that stores and organizes information about a network and its resources -- such as users, e-mail addresses, files, printers, servers, and applications -- and allows systems administrators to manage access to these resources. It also provides transparency in regard to the location of these resources so users can make use of them without having to be concerned with the structure of the network.

Active Directory's main features are as follows:

  • By virtue of joining an Active Directory-enabled domain local administrative rights are granted to appropriate systems administrators.
  • Delegation of control is defined to selective groups by OU. This allows ITS to assign responsibility where it belongs. It also gives the clients the freedom to do as-much-or-as-little management as they wish.
  • Group Polices, a collection of settings that define what a system will look like and how it will behave, are applied either at appropriate OU levels, or locally on the computers themselves. The effect is the same as if they were all locally applied.
  • Software can be deployed to many computers using Microsoft Active Directory. Again, this is not much different than installing it locally as an administrator, except it can be done to groups of computers at a time.

directory service should not be confused with the directory itself, which is the database that holds the information about objects that are to be managed by the directory service. The directory service is the interface to the directory and provides access to the data that is contained in that directory. It acts as a central authority that can securely authenticate resources and manage identities and relationships between them.

There are a number of other directory services that are used widely including LDAP, which is used primarily for e-mail addresses.

Directory services are to a network what white pages are to the telephone system. They store information about things in the real world, such as people, computers, printers, and so on, as objects with descriptive attributes. People can use the service to look up objects by name; or, like the yellow pages, they can be used to look up services.

Network managers use directories to manage user accounts and network resources. From a manager's viewpoint, a directory service is like an inventory of all the devices on the network. Any device can be located by using a graphic interface or by searching for its name or some properties (e.g., "color printer"). Once located, a manager can control the device (e.g., disable it or block certain users from accessing it). The directory is a central database where all objects and users are managed.

Directories are now used to manage a wide range of information, including, bandwidth management policies, profiles, electronic commerce information, and more. They also play an important security role related to authentication of users, firewall filtering, and VPN access.

Related Terms:
Group Policies, Group Policy Objects (GPO)
Group policy is a set of rules which can control a user's computer including, set security rules, set user permissions, control users' ability to install software, run logon/logoff scripts, allow access to folders and shared resources, and set browser (e.g. Internet Explorer) permissions. These policy settings are stored in Group Policy Objects (GPOs). Each GPO may be linked to multiple sites, domains, or organizational units (OUs). In this way, potentially thousands of machines or users can be updated via a simple change to a single GPO. This reduces the administrative burden and costs associated with managing these resources. Group policy provides centralized management of computers and users in an Active Directory environment.
Organizational Units (OUs)
Client PCs are divided into Organizational Units (OUs) similar in structure to the University's departmental structure.
A group of computers running versions of the Microsoft Windows operating system that can be centrally managed by one or more Windows Servers.
LDAP (Lightweight Directory Access Protocol)
LDAP is a standardized protocol used to access a directory listing. It's used by Web browsers and e-mail programs to enable lookup queries. LDAP allows Microsoft's Active Directory to work across operating system boundaries. At RIT, we often use the term "LDAP" in the context of referring to a person's "LDAP entry." This just refers to some of the directory information that is stored about you. You can lookup and modify your LDAP directory entry at:
The above definitions were compiled from a variety of sources, including Wikipedia, the Free Encyclopedia ( and from Linktionary (, an on-line dictionary for technology terms. Listed below are extensive definitions for the above terms, as well as some other useful links.

Additional Information:

Active Directory (AD)

Directory Services

Domain or Windows Server Domain (DNS)

Group Policy & Group Policy Objects

Integrating Mac OS X and Active Directory

LDAP (Lightweight Directory Access Protocol)

OU (Organizational Unit)

The RIT DialIP service lets members of the RIT community connect to the campus computer network and the Internet by using a dial-up connection. The term DialIP is an RIT-specific term that does not refer to any Internet protocol or networking software. For more information on using DialIP, see:
DNS (Domain Name System)
DNS (Domain Name System) is a form of directory service for the Internet. It holds information about domain names on the internet. Internet addresses are really based on numeric IP addresses, but DNS allows web browsers to use alpha-numeric characters instead of just numbers, then does the translation to IP addresses in the background. For example, instead of having to type in your browser's address bar, you can type
FTP (File Transfer Protocol)
Provides a means for transferring files between a desktop and a remote system or server on the Internet. Windows users typically use an application called WS-FTP and Mac users use Fetch. There are detailed help documents for both applications under the "File Transfer" section of the Help Documents page ( ). At RIT, most people use FTP applications to move files to and from a web server or a file share.
The RIT Directory uses LDAP (Lightweight Directory Access Protocol), which is a common method for mail programs to look up e-mail addresses. The terms LDAP, LDAP Entry or LDAP Directory, is often used by people at RIT when referring to attributes and information connected to your RIT Computer Account and the RIT directory of computer accounts. This term has its roots in the technology that is uses.

The RIT On-Line Directory contains an entry for each computer account at RIT. Each entry lists the name, e-mail address, and other information associated with the account. You can use it like a traditional directory (enter a name to find an e-mail address or phone number), perform a reverse lookup (enter an e-mail address or phone number to find a name), or perform a search based on any piece of information that may be listed.

It is important for you check your RIT Directory Entry, because whatever you post in the LDAP database is publicly accessible, however, a student can place restrictions on who can view his or her e-mail address and personalized e-mail address fields. And for students, your email may be forward to a non-RIT computer account e-mail address given earlier when you applied to RIT.

  • Search the LDAP directory
  • Modify your RIT Directory Entry
myRIT is RIT's web portal. A portal is a website considered to be a single entry point to other websites and offers a broad array of resources and services. Portals allow for efficient and organized access to web-based information where users also have the option to personalize this information in a way that is meaningful or useful to them. RIT's portal is called myRIT and can be found at You will need your RIT Computer Account to log in to it. When you log in, you will find it is organized in to tabs, which is pretty commonly used by portals. Each little window or section of the portal is called a portlet. Portlets are connected to other information and services at RIT and elsewhere. For example, CNN news is connected to whereas University News is connected to RIT's University News department. Another example is the TigerBucks portlet on the Financials tab. It is connect to RIT's food service system and displays your balances. For more information on the portal, you can visit .
RIT Computer Account
This was formerly referred to as a "DCE Account," but with the changes in how we manage computer accounts at RIT, it is no longer accurate so we now refer to your computer account simply as your "RIT Computer Account." Your RIT Computer Account is used to access many systems at RIT including SIS, myRIT, and your E-mail. More information about your RIT Computer Account can be found at:
SIS (Student Information System)
SIS (Student Information System), also called "Info. Center" or "Information Access Center" is used by students (and faculty) to register for classes, check information on course availability, bursar bills, grade reports, and other information related to academic records, as well as make updates to address information. SIS can be accessed from several sites and directly at:
SSH (Secure Shell)
SSH is used to describe both a terminal emulation program and the protocol used by one of those programs to allow a user to securely connect to a remote host. It provides strong authentication and secure communications over insecure channels. For this reason, ITS recommends using SSH instead of Telnet.
TCP/IP (Transmission Control Protocol/Internet Protocol)
Pronounced as separate letters, it's the suite of communications protocols used to connect computer systems on the Internet.
A terminal emulation program that allows a user to connect to a remote host as if the user's computer was directly connected to the host. It is important to note that when using Telnet, your traffic over the network is not encrypted. For this security reason, ITS suggests using SSH in favor of Telnet whenever possible.
VPN (Virtual Private Network)
A VPN is a way to provide secure remote access to an organization's network via the Internet. A VPN enables network information (IP traffic) to travel securely over a public TCP/IP network by encrypting all traffic. For more information on the VPN service at RIT, see the following:
This list is not meant to be exhaustive - though it may be exhausting, if all these terms are new for you. If you have additional terms that need defining, please let us know.