Approving COManage Registrations¶
OSG is using a new identity management system called COManage. This system is used for managing contact information for OSPool and PATh Facility users, Topology site contacts, and OSG/PATh staff.
User registrations must be manually approved by a COManage admin. Follow the instructions below to approve a user registration.
Note
This page is for COManage Admins who want to approve user registrations. If you are a user who wants to register with COManage, go to the Registering for the OSG COManage page instead.
-
Check for contact registration requests:
-
If you are a COManage sponsor for a given group of registrants, you will receive email notifications when there are new registration requests. Check for an email from registry@cilogon.org saying "Petition for
changed status from Confirmed to Pending Approval" and visit the first link in the body. -
Alternatively, you can view all requests pending approval here. Click on the registrant's name to view their request.
Note
Many groups share our COManage instance so make sure that you're only approving registration requests for the appropriate group, e.g. site contacts.
-
-
If prompted, log in with your institutional credentials.
-
Review the request:
-
Verify that the request is legitimate by doing at least one of the following:
- Find associated support tickets by searching for their email address in Freshdesk
- Ask someone affiliated with the site, collaboration, or the sponsor of a project to verify the registrant's affiliation.
- Ask if other staff have been in contact with them via the
#staff
Slack channel
-
Verify that the registrant has submitted their request using the correct form, e.g. OSPool users should not have submitted a request to register as a Topology contact.
-
-
In the top-right corner, click the "Add comment" link and add a note indicating how you verified the request
'Approver Comment' is public
The registrant will see notes added to the "Approver Comment" field
-
Click the "Approve" button. You should see "Petition Approved" and "Petition Finalized" on top. The Status should now be "Finalized".
-
Click on their name next to
CO Person
to verify that the registrant isActive
and that they are in the expected groups. -
The user will get an email saying "Petition for
changed status from Pending Approval to Approved".
Troubleshooting¶
The COManage petition is stuck in the "confirmed" state¶
This may happen if there are issues when confirming the user's email address. We have seen this occur if a user clicks the confirmation link then closes the tab too quickly.
-
Under the
People
drop-down on the left, click onMy Population
-
Browse to the
CO Person
record. -
Scroll down to the
Role Attributes
, click the gear icon, selectEdit
, and set the status for theRole
toActive
. -
Verify that the overall status of the
CO Person
record isActive
. If not, change it toActive
as well. -
Click on
Autogenerate Identifiers
on the right, so that the necessary identifiers are created. -
Now that the necessary identifiers exist for the
CO Person
record, the LDAP DN can be computed and the record provisioned in LDAP. To make sure, click onProvisioned Services
and thenProvision
.