spaces.at.internet2.edu has been upgraded to Confluence 6.12.2. If you have any questions and/or concerns, please contact us at collaboration-support@internet2.edu
Skip to end of metadata
Go to start of metadata

Task

Registry Admin

CO Admin

CO Participant

Guest

Sys Admin

Notes

CO Instance Management

 

 

 

 

 

 

Add Person as Registry Admin

(tick)

 

 

 

 

 

Remove Person as Registry Admin

(tick)

 

 

 

 

 

Provision CO

(tick)

 

 

 

 

 

Edit CO

(tick)

 

 

 

 

 

Deprovision CO

(tick)

 

 

 

 

 

Provision App to CO

(tick)

(tick)

 

 

 

Provisionable apps ideally are deployable to the CO instance without manual steps, support federated authnz, etc. (are domesticated, probably packaged).  Apps include mailing list management.

Deprovision App from CO

(tick)

(question)

 

 

 

 

Configure Known IdPs

(tick)

(question)

 

 

 

Discovery Service management
Also configure known LDAP servers, attribute mappings for identity data

Person Management

 

 

 

 

 

 

Request Add Person to CO Directory

 

 

(tick)

(question)

 

Guest might be able to self register

Add Person to CO Directory

(tick)

(tick)

(question)

 

 

Via invite, directory query, etc.

Edit Person

(tick)

(tick)

(question)

 

 

Fix name, title, etc.

Remove Person from CO Directory

(tick)

(tick)

(question)

 

 

 

Role/Group Management

 

 

 

 

 

 

Add CO Admin Role to Person

(tick)

(question)

 

 

 

 

Remove CO Admin from Person

(tick)

(question)

 

 

 

 

Create CO Group/Role

(tick)

(tick)

(question)

 

 

Possibly defined as a (partially) federated group

Remove CO Group/Role

(tick)

(tick)

(question)

 

 

 

Add Person to CO Group/Role

(tick)

(tick)

(question)

 

 

CO Groups could include Federated Groups

Remove Person from CO Group/Role

(tick)

(tick)

(question)

 

 

 

Provisioning

 

 

 

 

 

 

Dynamic (group based) Person Provisioning to CO Applications

(tick)

(tick)

 

 

 

Configure group to app provisioning; For now, provisioning includes: ACLs; Just-In-Time; or, Pre-provisioned

Dynamic Person Deprovisioning from CO Applications

(tick)

(tick)

 

 

 

One Person removed from Group or CO

Ad Hoc Person Provisioning to CO Applications

(tick)

(tick)

 

 

 

Just-In-Time or Pre-provisioned

Ad Hoc Person Deprovisioning from CO Applications

(tick)

(tick)

 

 

 

On demand or Person removed from CO

Content

 

 

 

 

 

 

Login to CO Portal

(question)

(tick)

(tick)

 

 

Dynamically generated links to provisioned apps

Login to CO Applications

(question)

(tick)

(tick)

 

 

 

View CO Public Content

 

(tick)

(tick)

(tick)

 

(tick)
indicates target audience (anyone can view public info)

Audit

 

 

 

 

 

 

View Person History

(tick)

(tick)

(tick)

 

 

Provisioned, added to group, etc.

Reporting

(tick)

(tick)

 

 

 

 

System Administration

 

 

 

 

 

 

Provision Cluster Resources (Hardware, VM, etc)

 

 

 

 

(tick)

 

IP Address Registration/Management

 

 

 

 

(tick)

Includes, for example, app-3.cluster.net as well as myvo.org

Application Upgrades

 

 

 

 

(tick)

Or could be done by a separate App Admin

OS Upgrades

 

 

 

 

(tick)

 

Backups

 

 

 

 

(tick)

 

(question) "Power User" functionality

Additional Notes

  • Multilingual support
  • No labels