Redhat Directory Server - Return from LDAP History

Directories | IdM | Password Reset

When APU was to deploy our first LDAP directory service, we were looking at running both OpenLDAP and Netscape/iPlanet Directory Server. The sole reason we were going to purchase the iPlanet directory server was because it had a password synchronization mechanism with NT 4. It was a major goal to have a single username and password for all major services running on Windows and Unix. However, when implementation time came around, we had moved to Windows 2000, with which the iPlanet directory did not yet support synchronization.

Much time has passed...

APU NetID Identifier Directory Considerations

Directories | Identifiers

Part of the reason for choosing NetID is to clear up some confusion around the UID identifier which has two meanings.

On Posix systems such as Unix/Linux, UID refers to User ID. OpenLDAP currently uses the UID attribute for the "Udeupa Username". This will continue to be true even after this "APU NetID" name change.

UID also stands for Unique Identifier. This value appears as the first field in the Distinguished Name (DN) in LDAP. The DN represents the location of a record in the hierarchical Directory Information Tree (DIT). APU is using the same value for both the DN and the attribute. For example:

dn: uid=joestudent,ou=Students,ou=People,dc=apu,dc=edu
uid: joestudent

According to Identifiers, Best Practices for Higher Education, the UID should be distinctly different from the NetID.

This ID is centrally provided, perhaps with distributed online clients. It is assigned to all current active users of campus electronic resources. The UID should be non-revokable and non-reassignable; hence it needs a large capacity (32 bits minimum). All other identifiers should be either directly or indirectly linked to the UID.

The identifier most closely associated with these qualities is our "APU ID Number", not the NetID. The reason for using a value in the DN that won't change is that changing the DN is not efficient. It requires, in most cases, removing a person's entire entry and re-adding it. It also requires changing all group memberships for that user, which are associated by DN. The fundamental concept is that an active APU person's DN should never need to be changed. As long as they are affiliated with APU, their "LDAP Address" should not change. This is also the reason why the Internet2 Directories Working Group is promoting the use of a "flat" ou=People tree, not representing affiliation via the person's location in the DIT. A person is instead referenced in groups by their "permanent DN" throughout the directory.
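The following is an added example, not code from the original page or from APU's directory. It models a tiny directory in memory to make the cost described above concrete: with the DN derived from the username (the dn/uid example earlier on the page), renaming a user means deleting and re-adding the entry and then modifying every group that holds the old DN; with a DN built from a permanent identifier in a flat ou=People tree, the same rename is a single attribute modify and no group is touched. The group attribute name "member", the hypothetical RDN attribute "apuIDNumber", the placeholder ID value and the group names are all constructed for the example.

```python
# Added example (not from the original page): compares the change records an
# LDAP administrator must apply to rename a person under two DN designs.
# Assumes group membership is stored as DNs in a "member" attribute, as in
# groupOfNames; "apuIDNumber" is a hypothetical attribute standing in for the
# APU ID Number, and all sample values below are constructed.
from dataclasses import dataclass, field


@dataclass
class Directory:
    """dn -> attribute dict; every attribute value is a list of strings."""
    entries: dict = field(default_factory=dict)

    def add(self, dn, **attrs):
        self.entries[dn] = {k: list(v) for k, v in attrs.items()}

    def groups_referencing(self, dn):
        """Every entry whose member attribute points at dn."""
        return [g for g, a in self.entries.items() if dn in a.get("member", [])]


def rename_dn(d, old_dn, new_dn):
    """Change records needed when the DN itself changes: delete the entry,
    re-add it under the new DN (keeping the RDN attribute consistent), then
    modify every group that referenced the old DN."""
    attrs = d.entries.pop(old_dn)
    rdn_attr, rdn_val = new_dn.split(",", 1)[0].split("=", 1)
    attrs[rdn_attr] = [rdn_val]  # the RDN value must be present in the entry
    d.entries[new_dn] = attrs
    changes = [("delete", old_dn, None), ("add", new_dn, attrs)]
    for g in d.groups_referencing(old_dn):
        members = d.entries[g]["member"]
        members[members.index(old_dn)] = new_dn
        changes.append(("modify", g, {"member": old_dn + " -> " + new_dn}))
    return changes


def rename_username(d, dn, new_uid):
    """Change record needed when the DN is permanent and only the username
    attribute changes: one modify on the entry, no group edits at all."""
    d.entries[dn]["uid"] = [new_uid]
    return [("modify", dn, {"uid": new_uid})]


GROUPS = ["cn=group%d,ou=Groups,dc=apu,dc=edu" % i for i in range(3)]  # constructed
OLD_DN = "uid=joestudent,ou=Students,ou=People,dc=apu,dc=edu"
NEW_DN = "uid=jstudent,ou=Students,ou=People,dc=apu,dc=edu"
STABLE_DN = "apuIDNumber=000123456,ou=People,dc=apu,dc=edu"  # placeholder ID


def build_username_keyed():
    """Constructed data: DN derived from the username, as the page shows."""
    d = Directory()
    d.add(OLD_DN, uid=["joestudent"], cn=["Joe Student"])
    for g in GROUPS:
        d.add(g, member=[OLD_DN])
    return d


def build_id_keyed():
    """Constructed data: flat ou=People tree, DN built from a permanent ID."""
    d = Directory()
    d.add(STABLE_DN, apuIDNumber=["000123456"], uid=["joestudent"], cn=["Joe Student"])
    for g in GROUPS:
        d.add(g, member=[STABLE_DN])
    return d


def cost_of_username_change():
    """Number of change records each design needs to rename joestudent."""
    a = build_username_keyed()
    a_changes = rename_dn(a, OLD_DN, NEW_DN)
    b = build_id_keyed()
    b_changes = rename_username(b, STABLE_DN, "jstudent")
    return len(a_changes), len(b_changes)


if __name__ == "__main__":
    print(cost_of_username_change())  # (5, 1)
```

With three groups the username-keyed design needs five change records (delete, add, three group modifies) and the permanent-DN design needs one; every additional group adds another record to the first column only. In a real directory each of those group modifies is a separate write that must succeed, and a partial failure leaves memberships pointing at a DN that no longer exists, which is the operational reason the page gives for never changing an active person's DN.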
