ICC Home  /  Members  /  Meetings  /  Peer Support  /  Documentation  /  Projects


Gatorlink Account Management:


Return to IT/SA Services Exit procedures and permission removal

About this page:

Based on the streamed presentation by Mike Conlon on the morning of 28 Sept 2006, Steve Lasley assembled the following screen shots and comments. These comments are Steve's own. Also, please note that the beginning of the presentation was missed (not sure how much) and the audio was absent until part way through. Steve will come back and clean this up as more details are available.

GLAM project summary:

A major Gatorlink Account was in progress throughout the summer of 2006 and is due for full implementation by mid November, 2006. This project involves new means and methods for managing Gatorlink accounts for people affiliated with UF.

As a result of this project, Gatorlink accounts will be better controlled via the affiliation (role) change process. Certain affiliation changes will occur at the enterprise level and those changes will affect such things as account creation, account expiration, and account deletion. The two major categories to consider here are students and employees.

Centralized Handling of Student Accounts

Students will have their UFID and student affiliations established by the Office of the University Registrar (OUR). Students will create their own Gatorlink usernames and passwords via the web at http://www.gatorlink.ufl.edu. These processes continue from past practice. What is new, however, is that when admission ceases, OUR will change that affiliation and the account will be automatically expired. From that point, the account will be retained for a 13 month period--at which time it will be deleted and may be reassigned.

Centralized Handling of Employees

UFIDs for employees are established by directory coordinators in each department. With the new processes, UFID creation is all that must be done at the department level. Much of the remainder will be handled automatically. HR will add the employee affiliation and then the individual can create their Gatorlink account via the web at http://www.gatorlink.ufl.edu. When an employee leaves, HR changes their affiliation to a time-limited affiliation of "Recent Employee". 30 days after that, this affilation is removed and the account is automatically expired.

Department-centric Handling of Associates

It may often be the case that departments want more direct control over accounts, rather than submit to the default automatic processes. Much of this can be handled via assigning a role of Departmental Associate. With that affiliation, departments have complete control over when an account is established and how long it remains active.

This allows for the handling of various and miscellanous exceptions to the general rules.

Gatorlink Account "States"

The above slide details the various states under which an account may exist. The new processes will allow for the expiration, deletion of Gatorlink accounts--something we have not had in the past. The Help Desk may also disable accounts based on administrative authority of the unit involved; this will mainly be for any necessary immediate handling of "untrusted" employees.

Accounts vs. Services

What an account holder may do depends on your affiliation. Faculty, staff and students get access to various resources, such as email, etc. Guest and Departmental Associates only get access to the wireless network and to the portal. Access to services are not controlled centrally, but are controlled in a distributed fashion by each service provider.

Not all affiliations provide an account. Again, the departmental associate affiliation is the means for a department to have individual control over that aspect.

Guest Accounts

New Guest account processes are being instituted. Many individuals will be granted the authority to create 14 day guest accounts. The recommended use of these accounts can be contrasted with that of the Departmental Associate affiliation as follows:

Departmental associates should be well-known individuals with permanent UFIDs. Such individuals may also have additional roles within UF. Guest accounts should be used for more temporary and casual access. Those accounts are time-limited and are removed automatically. Guests cannot have additional affiliations with UF.

Gatorlink Username Length Changes

New accounts will be limited to 16 rather than just 8 characters. Individuals with accounts currently may change their usernames to take advantage of the longer namespace. However, this is not to be done lightly. Well many of the centralized services (the portal, ISIS, etc.) can handle a change without problem, not all can. One notable exception (and there are others) is WebCT. Arrangements for changes must be made via the UF Help Desk and will involve thorough consideration of consequences regarding services affected.

Other Changes

BizTalk will provide realtime messages of account system changes that can be used by units. Dan Cromer has assigned Daniel Halsey to oversee the IFAS end of this. Temporary passwords will no longer be assigned for new accounts (YAY!).

Conclusion

The initial implementation in mid-November will result in the removal of over 70 thousand accounts. The list of those to be removed will be distributed prior so that all departments may peruse those and have the chance to control that (via the assignment of Department Associate affiliation, for example).

Addendum: On October 16th, Nancy Hodge sent a notice to all Directory Coordinators detailing steps to take regarding the initial expiration of roughly 50,000 Gatorlink accounts.


last edited 17 October 2006 by Steve Lasley