This document describes how IT support personnel can view and manage NETID users.
The UW NetID service supports an IT Support Org functionality to provide delegated support for NETID user attributes. This new functionality allows IT support groups to designate a UW NetID as an IT Support Org, associate Computing Support Staff with this IT Support Org, invite relevant UW NetIDs to be supported by them, and then view and manage UW NetIDs which have accepted the invitation to be supported.
This IT Support Org functionality has lots of room to grow, with known limitations like no programmatic access, but it does move us forward.
Note that the NETID User Limitations document describes limitations that this new functionality does not override.
Note that there are some workarounds to setting some NETID user attributes which may be superior.
- Contact the UW-IT Help Desk and let them know you’d like to get a Computing Support Org set up, in association with a Delegated OU. You can find out more about UW NetID Computing Support Orgs at https://wiki.cac.washington.edu/x/JhhlAQ. If you have an existing shared UW NetID which you use for departmental IT support (e.g. a shared email address that users send help requests to), you can add the Computing Support Org functionality to that existing shared UW NetID. Otherwise, you can request a new UW NetID that will be your Computing Support Org. The UW-IT Help Desk will gather some basic information from you to complete creating the Computing Support Org, including the name of your UWWI delegated OU.
- Go to the UW NetID Support Dashboard and sign in with your personal UW NetID (*NOT* your admin UW NetID). Note: you should see your delegated OU listed on this page. If you don’t see it listed, then the process of setting up the computing support group is incomplete, and you should contact the UW-IT Help Desk again. You can edit the OU admins, GP admins, and Computer Joiners associated with your delegated OU from this page, instead of sending change requests to MI. Choose the edit link to the right of your Support Org name. Add the UW NetIDs of Computing Support Staff who should be authorized to view and manage the UW NetIDs that accept your invitation. These UW NetIDs will need 2 factor authentication, so if you add any UW NetID which doesn’t currently have this ability, you should start the process of getting it. Only add personal UW NetIDs, not admin UW NetIDs. Note that on this edit page you can also permit non-employee UW NetIDs to be eligible to get an admin UW NetID.
- Send an email to all the people you consider supported by your Computing support organization. This email should include a link with a specially crafted URL in it. The URL you send is: https://uwnetid.washington.edu/manage/?add_org=supportOrgName where supportOrgName is your Computing Support Org name.If you want your users to be returned to your own site when they’re done you can use the following optional parameters:
Ampersands in your site’s URL can be encoded as “%26” (question marks do not need to be encoded). If the return_delay is unspecified, the user will be left on the manage page for three seconds before being returned to your site. A return_delay of zero will zip the user back to your site immediately, or as soon as the browser can refresh the page. If the return_name is specified with a return_delay greater than zero, the user will get a countdown timer with a “Return now” button that can be clicked to speed the process up.
- At the UW NetID Support Dashboard, you should see all the UW NetIDs which accepted your invitation on the Supported UW NetIDs link. From the Supported UW NetIDs page, if you select any of the UW NetIDs, you’ll see the basic settings associated with this UW NetID, just like the user would see if they went the UW NetID Manage page. If you then select the NETID Domain Settings link, you can see the NETID user attributes associated with this UW NetID. And finally, if you choose the edit link from the UWWI Settings page, you can edit that UW NetID’s NETID user attributes. Note that on the Update UWWI Settings page, you can quickly change from one UW NetID to another by using the ‘Support UW NetID’ menu in the upper right corner.
Viewing and Managing NETID Users
There are a limited number of NETID user attributes displayed via this interface. The NETID user attributes in this interface were chosen because they represented the highest perceived value for the effort required. We are certainly open to extending the NETID user attributes that are available.
The writable NETID user attributes available via this interface currently are:
- homeDrive. This attribute is used to designate which drive letter to map a Windows home directory to, e.g. “H:”
- homeDirectory. This attribute is used to designated the UNC path for a Windows home directory, e.g. “\\yourserver.pottery.uw.edu\username”
- profilePath. This attribute is used to designate a UNC path for a Windows roaming profile, e.g. “\\yourserver.pottery.uw.edu\profiles\username”
- scriptPath. This attribute is used to designate a UNC path for a Windows login script, e.g. “\\yourserver.pottery.uw.edu\share\logon.bat”
- loginShell. This attribute is used to designate a Unix login shell, e.g. “/bin/bash”
- unixHomeDirectory. This attribute is used to designate a Unix home directory, e.g. “/users/bart359”
The read-only NETID user attributes available via this interface currently are:
- displayName. This attribute is read-only, because it is a managed attribute. There are plans to integrate this with the UW NetID Display Name.
- distinguishedName. This attribute is read-only, and is system-maintained.
- extensionAttribute1 (displayed in the interface as “Whitepages Publishing Pref.”). This attribute is read-only, because it is a managed attribute. This attribute designates your student or employee whitepages publishing preference. This affects the displayName format.
- extensionAttribute2 (displayed in the interface as “Support Group”). This attribute is read-only, because it is a managed attribute. This attribute shows the Exchange support group.
- uidNumber. This attribute is read-only, because it is a managed attribute.
- whenChanged. This attribute is read-only, and is system-maintained. This attribute shows the last time this UWWI user was changed.
- whenCreated. This attribute is read-only, and is system-maintained. This attribute shows when this UWWI user was created. A value around August 2006 indicates that this NETID user has been around since the service inception.
- pwdLastSet. This attribute is read-only, and is system-maintained. This attribute shows when this NETID user’s password was last set. A value around August 2006 indicates that this NETID user has been around since service inception, and if a NETID user that has been around since inception is unable to login (and has a space in their password), then they will need to reset their UW NetID password.
If you’d like to access additional NETID user attributes via this interface, please let us know.