Project

General

Profile

VOMS administration

Access to grid resources at Fermilab is controlled by an central VOMS database.

Authorized Minos people can use the VOMS Admin web site to modify the /fermilab/minos group

  • Change group membership.
  • Change user role assignment typically Production.
    By default, everyone has an Analysis role.
  • Change the list of authorized administrators

The /fermilab/minos group can be seen at
https://voms.fnal.gov:8443/voms/fermilab/group/edit.action?groupId=191

Access is via a cilogon cert loaded in your browser.
  • Get a usercert.p12 credential file at https://cilogon.org
  • Search and select Fermi National Accelerator Laboratory and click [Log on]
  • Use your Fermilab Services password.
  • Set a 12 character secure local password for the resulting usercred.p12 .
  • Import that credential into your browser.

Membership

To add/remove a user to the group,
  • Browse: Users
  • search for the user
  • click [more info]
  • select Groups and Roles /fermilab/minos from the dropdown menu
  • click [Add to group]
    • A green message will flash up
    • /fermilab/minos will show up in the Groups and Roles list

To remove, click [Remove from this group] under the /fermilab/minos listing

To review members, Browse: Groups, selecting /fermilab/minos

Roles

All users get an Analysis role by default when their account is created on a Minos central system.

To adjust roles, browse to the user, select [more info]
and follow the prompts under the Groups and Roles /fermilab/minos listing
It can take about a minute to add or remove the Analysis role.
Other roles take just a second.
The Minos Production role gets extra priority on Fermigrid.

Administative ACLs

You can Browse: ACL selecting /fermilab/minos.

This can be used to manage permissions, and remove authorized administrators.
It is not practical to add a new entry, as the dropdown list is large and not searchable under
  • Add an entry to the ACL of context: /fermilab/minos for
    • a VO member certificate