- Define a CO
- Configure CO Enrollment Flow
- Enroll person
- Approve person
- Search for person in Directory
- Login to Dokuwiki as person
- Expire person
- Search for person in Directory
- Login to Dokuwiki as person
Background
This script utilizes two roles intended to demonstrate the platform:
- U1: A new member of the Demo CO
- P1: The Demo CO Admin
The login identity or EPPN (such as foo@idp.protectnetwork.org or bar@internet2.edu) associated with each role will be referred to as a "login" for short, eg: U1 login.
The "Demo IDMS" refers to the COmanage Registry demonstration installation available at https://demo.co.internet2.edu/registry.
The "Demo Directory" refers to the COmanage Directory demonstration installation available at https://demo.co.internet2.edu/directory.
The "Demo Wiki" refers to the Dokuwiki demonstration installation available at https://demo.co.internet2.edu/dokuwiki.
Presenter Requirements
The following must be done for each presenter once (not once per presentation):
- Each presenter who will perform P1 must have the organizational identity for the P1 login they will use for the demo added to or used to login to the Demo IDMS.
- "Organizational Identities" -> "Add a New Organizational Person"
- Be sure to add an email address (so the identity can be invited to MyCO).
- Be sure to add the EPPN as an identifier and check the "login" box so it can be used to login to the Demo IDMS.
- Each P1 login organizational identity must be invited to Demo.
- Each P1 login MyCO identity must be added to the group Demo:admin.
Pre-Demo Checklist
- Remove U1 login from Demo and delete the organizational identity from the Demo IDMS.
- Remove enrollment flows from previous demos.
- Delete any previous demo pages from the Demo Wiki.
- Delete any previous Extended Attributes
Introduction (5 min)
- roll call
- validation of sound quality
- review of purpose of the demo
- pause for questions at end of every section
Domain and Language (10 min)
- Show Enrollment flow diagrams
- "These are the most common paths for getting individuals in to a VO, based on our discussions to date"
- "How this is looks to the users of the CMP may vary. We'll look at what COmanage itself would look like out of the box, then look at how it might be implemented behind the scenes in a more branded, portal environment."
- Note that ideally, all this presupposes participating institutions are part of a federation
COmanage Technical demo (25 min)
- P1 logs into Registry
- P1 creates a new Enrollment Flow
- Enable CO or COU Admin Enrollment
- Require Approval
- Define attributes
- COU, CO Person
- Name, Official, Org Identity
- Email, Office, Org Identity
- Identifier, ePPN, Org Identity, Login
- Organization, Org Identity
- Affiliation, Org Identity
- Name, Preferred, CO Person
- Title, CO Person Role
- Email, Office, CO Person
- Address, Office, CO Person Role
- Telephone Number, Office, CO Person Role
- Affiliation, CO Person Role
- Valid From, CO Person Role
- Valid Through, CO Person Role
- P1 defines a new Extended Attribute
- P1 adds the Extended Attribute to the Enrollment Flow
- P1 adds an Extended Type (show off in Enrollment Flow?)
- P1 defines a new Identifier Assignment
- This identifier will auto-populate an email address upon approval
- P1 execute new Enrollment Flow ("My Population" > "Enroll")
- Explicitly create an email address OR tell the new Identifier to create an email address
- Demonstrate real-time matching on preferred name attribute (first 'joh', pause 'n', last: 'a' should work in co name)
- P1 adds new Person with Organizational Identifier as asserted by U1's IdP
- Add a Telephone Number and Address to show in Directory
- P1 approves the petition
- Show off email address auto-populated by identifier assignment execution via enrollment flow
- P1 searches for U1 in Directory
- P1 also demonstrates type ahead
- P1 adds U1 to Dokuwiki group
- U1 login to the wiki
- U1 logs out of wiki
- P1 returns to Registry
- P1 sets expiration date to be in the past
- P1 searches for U1 in Directory
- U1 attempts to login to the wiki again
Other
Optional items if applicable to audience
- REST API
- Discuss what kind of attributes an institution might need to release to make this useful
Closing (10 min)
- final questions
- review utility of the demo - was this useful?
- set up another call in 1-2 weeks to answer any questions that might have come up
Post-Demo Checklist
- If P1 login ordinarily has CMP Admin privileges (ie: is a member of COmanage:admin), but they were removed in the Pre-Demo Checklist, add a COmanage:admin group membership.
- Perform the cleanups described in the Pre-Demo Checklist so they don't have to be done next time