Opened 7 years ago

Closed 6 years ago

#137 closed (fixed)

Site Confirmation - Site administrator instructions incomplete

Reported by: lnevers@bbn.com Owned by: jonmills@renci.org
Priority: minor Milestone:
Component: AM Version: SPIRAL5
Keywords: Cc:
Dependencies:

Description

While looking for instruction for Site Administrators, I was able to find some information at https://wiki.exogeni.net/doku.php?id=public:operators:start that lets the reader know the following:

Administrator accounts on racks are managed through a hierarchical LDAP deployment rooted at RENCI. Site administrators have rights to their rack, while ExoGENI Ops team has admin rights on all racks.

But there are no instruction for Site Admins for:

  • What to do to get an administrative account
  • Who to contact to request am account
  • Administrative accounts policies.
  • System access granted to Site Admins (head node, worker node, bare metal, switches)
  • Type of access granted (public key ssh, https).

Change History (4)

comment:1 Changed 7 years ago by jonmills@renci.org

Owner: changed from somebody to jonmills@renci.org
Status: newassigned

As LDAP administrator as well as co-ordinator with new sites, I have been, thus far, automatically creating LDAP credentials for site admins. I send them a private email with a temporary password, containing instructions on how to use the password reset form to change their password. But I suppose this process could be stated explicitly somewhere.

comment:2 Changed 7 years ago by chaos@bbn.com

That would be great. Also, i think part of this process is who is notified when new admin accounts are created? I have noticed in passing that a couple of people have been added as admins to the BBN rack, but i didn't get any notifications about those.

I think the site admins list (e.g. xo-bbn@renci.org) should be notified when new BBN admins are added, in case the individual site does its own tracking of accounts (as we do).

comment:4 Changed 6 years ago by lnevers@bbn.com

Resolution: fixed
Status: assignedclosed

Reviewed updates and they address the initial request. Closing ticket.

Note: See TracTickets for help on using tickets.