Approving COManage Registrations¶
OSG is using a new identity management system called COManage. Initially, this system will be used for managing access to OSG staff-internal monitoring webpages at UNL, and managing access for OASIS logins.
User registrations must be manually approved by a COManage admin. Follow the instructions below to approve a user registration.
This page is for COManage Admins who want to approve user registrations. If you are a user who wants to register with COManage, go to the Registering for the OSG COManage page instead.
Check for an email from email@example.com saying "Petition for
changed status from Confirmed to Pending Approval".
Click the first link in the email.
Log in with your institutional credentials. You should see a "View CO Petition..." page. The Status should be "Pending Approval".
You can also access this page by logging into https://registry.cilogon.org/registry and clicking on "CO Petitions" under the left-hand "People" menu.
Click on the name of the pending application. This will take to you the page where you can see their full application and have the option to approve them.
Verify that the application is legitimate. Ask someone affiliated with the site, VO, or the sponsor of a project to verify the applicant's affiliation. In the future, applicants will be asked to provide the contact information of such a person -- similar to our existing contact registration process.
Click the "Approve" button. You should see "Petition Approved" and "Petition Finalized" on top. The Status should now be "Finalized".
The user will get an email saying "Petition for
changed status from Pending Approval to Approved".
The links in the email are expected to be useless (the first link will give them "Permission Denied" and the second link will merely allow them to "acknowledge" that they received the email).
If the user asks, reassure them that they are registered and no further action needs to be taken.
The COManage petition is stuck in the "confirmed" state¶
Peopledrop-down on the left, click on
Browse to the
Scroll down to the
Edit, and set the status for the
Verify that the overall status of the
CO Personrecord is
Active. If not, change it to
Autogenerate Identifierson the right, so that the necessary identifiers are created.
Now that the necessary identifiers exist for the
CO Personrecord, the LDAP DN can be computed and the record provisioned in LDAP. To make sure, click on
Provisioned Servicesand then