Information technology tools and resources at the UW
On a user basis, the Managed Workstation service provides:
- Managed Workstation access
- Managed Workstation Home directory (H:\)
- Managed Workstation VPN access
- Managed Workstation File Service access (I:\groups)
For all of these per-user capabilities, the NetID user account is used which is automatically provisioned with a UW NetID. You do not request a user account other than the UW NetID.
NOTE: Some users still use a NEBULA2 user account. These accounts should no longer be used and will be disabled in the future. You can migrate to a NETID user account.
Users are tied to a Managed Workstation department. To use the Managed Workstation service you must first have a department.
Access via eligibility groups
Each Managed Workstation department is asked to provide at least one eligibility group to enable this set of user access. An eligibility group is a UW Groups Service group which you’ve told us should be used for the purpose of managing who has access to Managed Workstation services. This eligibility group is an authoritative list of which users you would like to have access to our services. Most departments want all of their users to get all 4 of these capabilities, so only a single eligibility group is all that is needed. If this is the case for your department, you can follow the simple instructions below to change your eligibility group.
NOTE: This means that when someone new joins or leaves your department you should add or remove them to your eligibility group via the Groups Service. This will result in the desired Managed Workstation access change.
However, some departments would like to differentiate which users get which capability. If that’s the case for your department, we’ll need as many eligibility groups as you need to differentiate. And to keep things simple for the majority of customers, we’ve limited your ability to set all of these eligibility groups yourself. So if you need to differentiate who gets a home directory or who can get access to your files in the Managed Workstation file services or who gets VPN access, you’ll need two or more eligibility groups. Email us for help in setting up multiple eligibility groups to differentiate which users get access to which capability.
Billing for user capabilities
At this time, on a per-user basis, we only bill for the Managed Workstation home directory. Department contacts can explicitly assign a budget to a given home directory via MyIT. If no budget is explicitly provided, we assign the default user budget for your department to your new home directories.
Put another way, if after you add a new user to your eligibility group you do nothing further, then the default user budget will be used for that new user’s Managed Workstation home directory. If that isn’t the desired outcome, you can use MyIT to explicitly assign a different budget.
Access to folders in the Managed Workstation file service (i:\groups)
In addition to needing be eligible to access the Managed Workstation File Services, any given user must be granted access to the specific folder they need access to. Changes at the folder level are also managed via the UW Groups Service. However, it may not be clear which group controls access to a given folder. We can help with that–email us for assistance. You can also ask us to change which group controls access to a given folder.
Exchange Online, Microsoft’s cloud-based email and calendar service, is now available to all current UW students, faculty and staff. More information and instructions are available at https://itconnect.uw.edu/connect/email/exchange-online/. Mail sent to new staff will be delivered to their deskmail folder until they change their forwarding.
Local administrator access for a managed workstation
We recommend that users not generally have local administrator privileges because there are a large variety of security risks preventable by not having that access. But there are many cases where these privileges are necessary. If you need to request that a given user have local administrator privileges, you can use this form to request local administrator privileges.
When the form is submitted, it will create a support request and send you an email confirmation. Please refer to the request number in the subject line of the e-mail for any future correspondence.
Please allow one to two days to process your request. If you have questions, you can respond to your confirmation email or call (206) 221-5000.