...

[Diagram: comanage-ssh-demo-arch]

The major components involved in this pilot are

...

  • Petitioner Enrollment Authorization: Authenticated User
  • Identity Matching: None
  • Require Approval For Enrollment: Yes
  • Email Confirmation Mode: Review
  • Require Enrollee Authentication: Yes
  • Notify On Approved Status: Yes
  • Approval Email Body: The approval message can be configured to include the information necessary to log in to the server by referencing the known server address and the assigned identifier (configured below). Here is a sample message:

...

Your request for access to (@CO_NAME) has been approved! In order to access our Linux VM, you must do the following: (1) Login to https://co.pilots.aarc-project.eu/registry (2) From the dropdown menu with your name (at the top, near the logout button), select "My AARC Demo VO Identity". (3) Scroll down to "SSH Keys" and click "Add". (4) Upload your SSH Key. You will now be able to login to 145.100.181.52. Your assigned userid is: (@IDENTIFIER:uid).

  • Enrollment Attributes
    • Name, Official, Organizational Identity, Copy To CO Person, Required
    • Email, Official, Organizational Identity, Required
    • Affiliation
    • Other attributes as desired
    • Note: COmanage can be configured to prepopulate certain attributes released from the home IdP.

Next, configure identifier assignment. Because the Unix account provisioning support is currently experimental, it is necessary to use identifier assignment to set up some of the attributes used by the posixAccount schema. (It may be necessary to define some of these types as extended types before the identifier assignments can be configured.) Sample identifier assignments:

...