en:navody:perun:vytvoreni_servisniho_uctu:start

Managing service user account

This manual includes instructions for this use-case only. If you use other instructions you can cause unwanted functioning of system.
For specific needs of Data Care Department please do NOT select your username such, that begins with VO_, e.g. service user account backup for VO_xyz should have login xyz_backup. The rule that all logins should have lower case letters based on US alphabet (i.e. without special characters, which are presented in some special languages) is very important as well.

Creating service user account

  • Please log in into the Perun system and then go to the VO Manager section.
  • On the left panel please click on Select VO. Now you can see the list of the VOs under your administration.

  • Please choose the desired VO, where would you like to create a service user account.
  • The easiest way how to create a service user account is to choose Create service member button on the Overview bookmark.

  • There will appear new dialog window 1. Create service identity, where is necessary to fill an account info.

  • you have to enter:
    • Member's name - a name describing service member to identify him (something to identify, not necessary name and surname)
    • Member's email - please insert the email, which will be preferred for the service user account. In case you don't want to receive any emails you can insert for example nomail@metacentrum.cz so as emails sent to this address will be automatically deleted.
    • if you want to have login for service member then enter:
      • Namespace - choose namespace from popup menu with possible namespaces. It must be the same namespace as namespace where service member account is going to be used.
      • Login - logname of new service member in selected namespace. Some VOs has own rules how to construct login. For example VOs associated to Data Storages require name always beginning with name of VO, e. g. the service account backup for VO_xyz will have login xyz_backup.
    • if you want service member to use certificate then:
      • choose Not selected option for Namespace
      • Subject DN - DN of certificate
      • Issuer DN - DN of certification authority
    • otherwise leave it unfilled
    • press the button Continue.
  • In the following dialog box 2. Associate real users:

  • Please insert into the search field real user's name or login, to which will be the service account associated and then click on the Search button.
  • Please select the user by ticking the checkbox next to the desired username and then click on the Add button.
  • To continue, please click on Continue button.

  • The following dialog window 3. Set password for: logname have to be filled only if logname for service account is required.
    • Please insert the password into the Password field and then repeat it once more in the Re-type password field.
    • Then click on the Set password button.
    • Otherwise you can click on Skip button.

  • Service account is created now and you can find it in the VO member list under the Members option in the left panel. Service accounts are marked with the (Service) word in front of the user name.
All changes made in the Perun system will be active in one hour. Thus executed changes are not immediate!!!.

Back to top

Adding associated user to the existing service user account

This manual includes instructions for this use-case only. If you use other instructions you can cause unwanted functioning of system.
  • Please log in into the Perun system and then go to the VO Manager section.

  • On the left panel please click on the User section and then click on Service identities. There will appear the list of yours service accounts.

  • Please choose desired service account. (Note: Service identities will automatically change to Associated users.)

  • Please choose Associated users from the left Menu and then click at Add.

  • Please insert the name, surname, email or login of the user with who you wish to associate the created service account and then click on the Search button.

  • Please choose the desired user from the search results and click on the Connect button.
All changes made in the Perun system will be active in one hour. Thus executed changes are not immediate!!!.

Back to top

Last modified: 14.12.2017 10:30