Collaborator Account: Difference between revisions
(Added XIAS VPN and Duo instructions) |
|||
(6 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
This | This page describes the process for a UAB employee to request for a Cheaha account for an external collaborator (i.e. a person who does not have a UAB BlazerID). | ||
==Create XIAS Account== | ==Create XIAS Account== | ||
Line 6: | Line 6: | ||
For additional information, see the [https://apps.idm.uab.edu/xias/top XIAS help page]. | For additional information, see the [https://apps.idm.uab.edu/xias/top XIAS help page]. | ||
''' | '''Going through the sponsorship process, you are stating that you know the individual(s) and are responsible for their actions while they are using the XIAS accounts.''' | ||
===Create a site=== | ===Create a site=== | ||
The [https://idm.uab.edu/cgi-cas/xrmi/sites XIAS website] has two options on the left-hand panel: [https://idm.uab.edu/cgi-cas/xrmi/sites Manage Projects/Sites] and [https://idm.uab.edu/cgi-cas/xrmi/users Manage Users.] | |||
* Choose Manage Projects/sites | * Choose Manage '''Projects/sites''' | ||
* | *Click '''New''' to create a new site | ||
* Fill in all the information i.e. Short Description, Long Description, Start date and End date | * Fill in all the information i.e. Short Description, Long Description, Start date and End date | ||
** | ** '''End date''' is the expiration date for the site, the users added in the next section cannot have an expiration date beyond the sites '''End date'''. The dates should be in the format '''YYYY-MM-DD''' | ||
** URIs are the resources that the sponsored users should have access to. If the resources are applications or servers then the manager of that resource must do what is necessary within that resource to authorize the external users to gain access. Add the following for Cheaha access: | |||
** URIs are the resources that the sponsored users should have access to. If the resources are applications or servers then the manager of that resource must do what is necessary within that resource to authorize the external users to gain access. | *** '''https://rc.uab.edu''' | ||
* | * Click on '''Add''' button to create the site | ||
* Click on '''Add''' button to create the site | |||
=== Create a user=== | === Create a user === | ||
Once the new site has been created: | |||
* | * Click [https://idm.uab.edu/cgi-cas/xrmi/users Manage Users.] from the left hand panel | ||
* In the drop-down select your XIAS site | * In the drop-down select your XIAS site | ||
* | * Click the '''Register''' button to add new users | ||
** Enter an end date for the new site user(s) in the format '''YYYY-MM-DD'''. The date cannot extend past the site's end date! | |||
** Enter the collaborator's email address in the box under the end date. You can add multiple users by putting each on a separate line. | |||
* Enter the | |||
=== Collaborator=== | === Collaborator === | ||
Inform the collaborator(s) to expect an emails from the following addresses containing instructions: | |||
* '''UAB Identity Management''' [[userservices@uab.edu]] | |||
* '''UAB External ID admin''' [[ph-admin@uab.edu]] | |||
==Request an account on | They will need to complete the process within '''72 hours''' of receipt of the email(s)! | ||
Once | |||
==Request an account on Cheaha== | |||
Once the steps above have been completed of adding/sponsoring XIAS account for your collaborator, send us an email on support@listserv.uab.edu with information about the collaborator. Please don't forget to include their PrimaryID and email address which you used to create their XIAS account, as it would become their Username on [[Cheaha]]. | |||
==UAB VPN Access== | |||
If the collaborators will need to access UAB VPN, you will need to add the following to your projects '''URIs''' list: | |||
* '''https://vpn.ad.uab.edu/''' | |||
The account used to login to UAB VPN uses a different format than their email address. This can be found by going to '''Manage Users''', select your '''Project Site''' and click '''List'''. The VPN account names are listed under the column '''AD account''' and will use the syntax '''XXXX-XXXXX-X'''', ex: '''xias-jdoe-3'''. | |||
===UAB 2 Factor Authentication (2FA)=== | |||
UAB VPN now requires the use of UAB 2FA (provided by Duo). The collaborator will need to call AskIT at '''(205) 996-5555''' to register a device for Duo before they'll be able to connect to VPN. | |||
After they've been registered with Duo, the collaborator will need to install the Cisco VPN client: [https://www.uab.edu/it/home/tech-solutions/network/vpn] | |||
Once installed, they'll launch '''Cisco AnyConnect''' and enter '''vpn.uab.edu''' in the field and click '''Connect'''. Their user name / account will be the previously mentioned '''XXXX-XXXXX-X'''' format, not their email address (they should have received an email with this account ID. |
Latest revision as of 21:32, 7 December 2020
This page describes the process for a UAB employee to request for a Cheaha account for an external collaborator (i.e. a person who does not have a UAB BlazerID).
Create XIAS Account
XIAS Accounts, or external access account. allows UAB employees to sponsor external collaborators to utilize some of the UAB resources for which the user has been granted access. Creating XIAS account is a self-service interface which allows you to sponsor and create an account for your collaborator at XIAS website.
For additional information, see the XIAS help page.
Going through the sponsorship process, you are stating that you know the individual(s) and are responsible for their actions while they are using the XIAS accounts.
Create a site
The XIAS website has two options on the left-hand panel: Manage Projects/Sites and Manage Users.
- Choose Manage Projects/sites
- Click New to create a new site
- Fill in all the information i.e. Short Description, Long Description, Start date and End date
- End date is the expiration date for the site, the users added in the next section cannot have an expiration date beyond the sites End date. The dates should be in the format YYYY-MM-DD
- URIs are the resources that the sponsored users should have access to. If the resources are applications or servers then the manager of that resource must do what is necessary within that resource to authorize the external users to gain access. Add the following for Cheaha access:
- Click on Add button to create the site
Create a user
Once the new site has been created:
- Click Manage Users. from the left hand panel
- In the drop-down select your XIAS site
- Click the Register button to add new users
- Enter an end date for the new site user(s) in the format YYYY-MM-DD. The date cannot extend past the site's end date!
- Enter the collaborator's email address in the box under the end date. You can add multiple users by putting each on a separate line.
Collaborator
Inform the collaborator(s) to expect an emails from the following addresses containing instructions:
- UAB Identity Management userservices@uab.edu
- UAB External ID admin ph-admin@uab.edu
They will need to complete the process within 72 hours of receipt of the email(s)!
Request an account on Cheaha
Once the steps above have been completed of adding/sponsoring XIAS account for your collaborator, send us an email on support@listserv.uab.edu with information about the collaborator. Please don't forget to include their PrimaryID and email address which you used to create their XIAS account, as it would become their Username on Cheaha.
UAB VPN Access
If the collaborators will need to access UAB VPN, you will need to add the following to your projects URIs list:
The account used to login to UAB VPN uses a different format than their email address. This can be found by going to Manage Users, select your Project Site and click List. The VPN account names are listed under the column AD account and will use the syntax XXXX-XXXXX-X', ex: xias-jdoe-3.
UAB 2 Factor Authentication (2FA)
UAB VPN now requires the use of UAB 2FA (provided by Duo). The collaborator will need to call AskIT at (205) 996-5555 to register a device for Duo before they'll be able to connect to VPN.
After they've been registered with Duo, the collaborator will need to install the Cisco VPN client: [1]
Once installed, they'll launch Cisco AnyConnect and enter vpn.uab.edu in the field and click Connect. Their user name / account will be the previously mentioned XXXX-XXXXX-X' format, not their email address (they should have received an email with this account ID.