Date: Thu, 28 Mar 2024 20:50:16 +0000 (UTC)
Message-ID: <888508382.6983.1711659016903@ip-10-10-7-29.ec2.internal>
Subject: Exported From Confluence
MIME-Version: 1.0
Content-Type: multipart/related;
boundary="----=_Part_6982_1261183375.1711659016901"
------=_Part_6982_1261183375.1711659016901
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Content-Location: file:///C:/exported.html
- Define a CO
- Configure CO Enrollment Flow
- Enroll person
- Approve person
- Search for person in Directory
- Login to Dokuwiki as person
- Expire person
- Search for person in Directory
- Login to Dokuwiki as person
Background
This script utilizes two roles intended to demonstrate the platform:
- U1: A new member of the Demo CO
- P1: The Demo CO Admin
The login identity or EPPN (such as foo@idp.protectnetwork.org =
or bar@internet2.edu) associated with each role will be referred t=
o as a "login" for short, eg: U1 login.
The "Demo IDMS" refers to the COmanage Registry demonstration installati=
on available at https://demo.co.internet2.edu/registry.
The "Demo Directory" refers to the COmanage Directory demonstration inst=
allation available at https://demo.co.internet2.edu/directory.
The "Demo Wiki" refers to the Dokuwiki demonstration installation availa=
ble at https://demo.co.internet2.edu/dokuwiki.
Presenter Requirements
The following must be done for each presenter once (not once per present=
ation):
- Each presenter who will perform P1 must have the organ=
izational identity for the P1 login they will use for the =
demo added to or used to login to the Demo IDMS.=20
- "Organizational Identities" -> "Add a New Organizational Person"
- Be sure to add an email address (so the identity can be invited to =
MyCO).
- Be sure to add the EPPN as an identifier and check the "login" box so i=
t can be used to login to the Demo IDMS.
- Each P1 login organizational identity must be invited =
to Demo.
- Each P1 login MyCO identity must be added to the group=
Demo:admin.
Pre-Demo Checklist
- Remove U1 login from Demo and delete the orga=
nizational identity from the Demo IDMS.
- Remove enrollment flows from previous demos.
- Delete any previous demo pages from the Demo Wiki.
- Delete any previous Extended Attributes
Introduction (5 min)
- roll call
- validation of sound quality
- review of purpose of the demo
- pause for questions at end of every section
Domain and Language (10 mi=
n)
- Show Enrollment flow diagrams=20
- "These are the most common paths for getting individuals in to a VO, ba=
sed on our discussions to date"
- "How this is looks to the users of the CMP may vary. We'll look at what=
COmanage itself would look like out of the box, then look at how it might =
be implemented behind the scenes in a more branded, portal environment."
- Note that ideally, all this presupposes participating institutions are =
part of a federation
COmanage Technical dem=
o (25 min)
- P1 logs into Registry
- P1 creates a new Enrollment Flow=20
- Enable CO or COU Admin Enrollment
- Require Approval
- Define attributes=20
- COU, CO Person
- Name, Official, Org Identity
- Email, Office, Org Identity
- Identifier, ePPN, Org Identity, Login
- Organization, Org Identity
- Affiliation, Org Identity
- Name, Preferred, CO Person
- Title, CO Person Role
- Email, Office, CO Person
- Address, Office, CO Person Role
- Telephone Number, Office, CO Person Role
- Affiliation, CO Person Role
- Valid From, CO Person Role
- Valid Through, CO Person Role
- P1 defines a new Extended Attribute
- P1 adds the Extended Attribute to the Enrollment Flow<=
/li>
- P1 adds an Extended Type (show off in Enrollment Flow?=
)
- P1 defines a new Identifier Assignment=20
- This identifier will auto-populate an email address upon approv=
al
- P1 execute new Enrollment Flow ("My Population" > "=
Enroll")=20
- Explicitly create an email address OR tell the new Identifier to create=
an email address
- Demonstrate real-time matching on preferred name attribute (first 'joh', pause 'n', last: 'a' should work in co name)
- P1 adds new Person with Organizational Identifier as a=
sserted by U1's IdP
- Add a Telephone Number and Address to show in Directory
- P1 approves the petition=20
- Show off email address auto-populated by identifier assignment executio=
n via enrollment flow
- P1 searches for U1 in Directory
- P1 also demonstrates type ahead
- P1 adds U1 to Dokuwiki group
- U1 login to the wiki
- U1 logs out of wiki=
li>
- P1 returns to Registry
- P1 sets expiration date to be in the past
- P1 searches for U1 in Directory
- U1 attempts to login to the wiki again
Other
Optional items if applicable to audience
- REST API
- Discuss what kind of attributes an institution might need to release to=
make this useful
Closing (10 min)
- final questions
- review utility of the demo - was this useful?
- set up another call in 1-2 weeks to answer any questions that might hav=
e come up
Post-Demo Checklist
- If P1 login ordinarily has CMP Admin privileges (ie: i=
s a member of COmanage:admin), but they were removed in the Pre-De=
mo Checklist, add a COmanage:admin group membership.
- Perform the cleanups described in the Pre-Demo Checklist so they don't =
have to be done next time
------=_Part_6982_1261183375.1711659016901--