You are here: Foswiki>IN Web>UserAccount (30 Nov 2023, ChristophHandel)Edit Attach

User Account

ACO has it's own identity management system. To request an account have your group-leader or gsi contact person send an email to acctech at gsi.de with the following information

  • first name, last name
  • GSI organizational unit (aco, bea, ...)
  • email address (@gsi.de)
  • campus (windows and lx-pool) account name(s)
  • short reason, why the account is required
  • existing similiar account

It helps if a similar account is known (e.g account of a person that works in the same organizational unit). The csco account is used for all services managed by csco infrastructure, including git, wiki, linux shell, etc.

Why do we need your campus account? It helps us to track users leaving gsi and licensing issues. In addition we want use the same account name.

Why should my group-leader send the email? Because we don't know you, but your group-leader is known.

Why do we need a similiar account? Because we need to figure out the department/group name. Those have changed a few times and we probably still use an older name. For example department ACO ist the unix group bel and BEA is the unix group sd.

Network Access

Physical network access and the gsi campus is provided by different departments. Network outlets supported by CSCO are labeled with "Managed by ACC division". The following policy's are valid for outlets supported by CSCO. Other departments have similiar policy's.

  • One device per outlet. No Switches.
  • Devices must send traffic without external stimulation.
  • Devices should use dhcp. This satisfies the previous point
  • On Link loss a device must again send traffic without external stimulation
  • Device registration is mandatory for any network

A Device connected to an outlet run through the following steps

  • link negotiation (10/100/1000, duplex, etc)
  • request ip address via dhcp
  • switch port authentication ieee 802.1x.
  • port authentication configures vlan. Unregistered devices won't get network access.

Outlets marked with colored dots have special configurations and are not for general use. Red dots mark outlets with hard configured mac adresses. Blue dots mark switch uplinks, do not disconnect uplinks, restarting them requires manual intervention from cscoin.

Device registration

Devices for the general campus network must be registered with the user helpdesk. See http://www.gsi.de/it-service and https://www.gsi.de/work/administration/bit/service/netzwerk/ip_adresse.htm

Devices that should connect to the accelerator network must not be registered with the campus it. For these devices the following information is required
  • mac address
  • responsible and deputy contect and department,
  • device name
  • pxe boot parameters if required
Edit  | Attach | Print version | History: r16 < r15 < r14 < r13 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r16 - 30 Nov 2023, ChristophHandel
This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding Foswiki? Send feedback