Identity Management

Identity Management refers to the services and processes that provide for authenitcation, authorization, and (in some cases) provisioning of computer users and groups. Identity Management is also called "account management". The College is increasingly using GT credentials to access CoC resources and is working to migrate entirely over time to centralize and simplify services. Here is the Institute's identity management policies:

The identity management systems and services at the CoC and Georgia Tech are described below.

Authentication

TSO provides identity management services for faculty, staff, graduate students, and other affiliates on an "as-needed" basis. This management manifests as a CoC account. A CoC account provides login access to many CoC systems and services.

Concurrently, OIT also provides identity management services for all GT persons in the form of a GT account, which also provides access to many systems and services. CoC is currently in the process of converting CoC authenticated systems to use GT credentials.

A general breakdown of which account provides which service is as follows:

GT Account:

Access to CoC instructional computing resources
Access to the CoC VPN
Access to my.gatech.edu (Zimbra mail)
Access to LAWN wireless networking, and many other GT online resources

CoC Account:

Access to research computing resources
Access to CoC home directories via smb://ccsamba.cc.gatech.edu/
Access to Faculty/Staff Exchange e-mail
Login access to CoC Windows and Macintosh desktops
Access to smb://adminfs.cc.gatech.edu/
Access to the CoC database server, ccdb.cc.gatech.edu

TSO operates a Kerberos service to provide authentication for CoC accounts. Windows, Linux, and Mac desktops located in the CoC make use of the Kerberos service to authenticate a user based on their password. At the same time, Linux systems within the CoC also provide for the use of SSH key-pair authentication. Systems which authenticate against the CoC Kerberos service must be registered with and under the purview of TSO.

OIT operates a Kerberos service and and LDAP service to provide authentication for GT accounts. CoC systems which authenticate against the GT Kerberos or LDAP service must be registered with and be under the purview of TSO.

Authorization

TSO provides an Active Directory service as well as NIS/LDAP services for authorization. In general, authorizations manifest themselves as Windows or Unix groups which are provided login access, file access, or other necessary accesses for systems and services. Memebership in these groups is handled via requests to the TSO Help Desk, who will authorize your access with the steward of the group.

Georgia Tech provides an Active Directory service as well as LDAP services for authorization. Authorizations manifest themselves as Windows or Unix groups. Membership in these groups is handled via requests to the TSO Help Desk, who will authorize your access with the steward of the groups.

Content type	Title Sort ascending
FAQ	Why are my resources expiring?
FAQ	What's Duo Two-Factor Authentication?
How To	Print backup duo codes
How To	How to add a landline phone to DUO
How To	How do I sponsor a collaborator or visitor?
FAQ	How do I reset my CC password?
How To	How do I add a backup mobile phone to DUO
How To	Generate a Duo Emergency Rescue Code for Another User
How To	Enroll Another User in Duo Two-Factor Authentication
Policy	CoC User Account and Access Policy

Technology Services Organization

College of Computing

Authentication

Authorization

Georgia Institute of Technology

Authentication

Authorization

Related Content