Versions Compared

Old Version 4

changes.mady.by.user hlflanagan@internet2.edu

Saved on

compared with

New Version 5

changes.mady.by.user hlflanagan@internet2.edu

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Do you want members of one collaboration to potentially be able see the members of another collaboration?

    1. A flat logical structure with multiple collaborative organizations (COs) implies an impact on the overall architecture for the COmanage Registry.  Each CO will have a set of people records underneath it; an individual might have multiple person records if they are members of multiple COs. This could become confusing for a user who would experience different access restrictions despite logging in with the same organizational identity.  Alternatively, the platform can be configured to have a single, master CO with multiple COUs underneath it. From the user perspective, their person record could then be attached to multiple COUs, giving them a complete view of what their information in the Registry. For more information on the differences between a CO and a COU, see CO vs. COU.

      Tip

      If it is important to prevent users or even administrators from seeing who is in other collaborations on the platform, then it will be important to configure the environment with multiple COs instead of one CO with multiple COUs. The downside of that model, however, is that users will have a higher burden if they need to enroll multiple times, and the linking of applications may become more complicated.


  2. Do you want to delegate as much of the user and enrollment management process as possible to group or COU administrators as possible?

    1. By default, only the CO admin can invite or add people to the CO. If you would like to delegate the ability to others to do the invitations or additions, the CO admin can enable that when they create the enrollment flows for the CO.   

      Tip

      In smaller collaborations, this might not be necessary; one administrator can manage the enrollment processes. In larger collaborations, however, delegation may be a better model.


Steps to set up your first VO

  1. The site administrator will have set up the first CO called the COmanage CO; this is the one CO that bootstraps all the rest. You will need to be enrolled in that CO and set up as a platform administrator. The platform administrator is the superuser for the platform, but cannot run enrollment flows for the COs unless explicitly configured to do so. For more on the different types of administrators, see Registry Administrators.


    "Platform Administrators are configured

    Info

    The first user created in the set up script will, by default, also be a platform administrator. Additional platform administrators can be assigned by adding the appropriate Organizational Identity to the COmanage Registry, and then adding the corresponding person to the admin group within the COmanage CO.

    "

  2. Go to the COmanage Registry URL (address TBD for your site). During the installation process, the site administrator should have set up the discovery service so you can login with your institution's preferred IdP.

...