New User Process
This is the process for creating new users. It involves all normal systems the IT takes care of.
Network/Workstation Login and Rights(FreeIPA)
FreeIPA is what we use for identity and permissions management in the Iowa office's network.
NOTE: Make sure you're authenticated and have a valid kerberos ticket or none of this will work.
Add User
Adding a user to IPA is pretty straight forward. Make sure you check there is not a conflicting user. If you create a conflicting user, there will be lots of confusing problems. So don't do that.
To create a user, use the script /root/scripts/create_user.sh [username] [firstname] [lastname] to create new users. e.g. /root/scripts/create_user.sh mike Mike Shultz
Groups
Make sure to add the user to necessary groups, including group "users". All users should be a member of "users" but all other group memberships should be cleared by HR/management/their supervisor.
ipa group-add-member research --users=johnson
Google Apps
NOTE: Don't forget to check for conflicting users here as well. If there is, you can delete the user if they've been suspended for over 60 days. If the user was a Director or someone that may have had important data, check with management to see if their data should be transferred.
Account
- Login to admin interface and navigate to Users -> + (plus sign) to add a new user
- Fill in the required information
- For simplicity sake, use the randomly generated password that IPA gave you to 'Set Password" from this window
Groups
A user also needs to be a member of the necessary groups so they get E-mail for accounts like iastaff@. Other than generic staff/intern groups, they should be requested in the ticket.
- Find the group using the search bar
- Click "Manage Users"
- Add the user using the box at the top of the page
FIN
You're done. Give the password to the reporter in an encrypted form and everything should be good to go.
CategoryITDoc
