IAM Service Requests

Most service requests may be made through the Registration interface. A list of requests which can be made are avaliable here.

The following additional service requests are avaliable. Those which are not yet avaliable as HEAT service requests can be requested by  e-mailing iam@it.ox.ac.uk.

Kerberos

  • Create/Delete a /itss principal
  • Create/Delete host/, krbtgt/ and other service principals
  • Assign/Revoke managment rights over a service principal to a /itss principal

Webauth

  • Create/Delete a webauth/ service principal
  • Assign/Revoke managment rights over a webauth/ service principal to a /itss principal

Oak LDAP

  • Create/Delete an oak-ldap/ service principal
  • Assign/Revoke managment rights over an oak-ldap/ service principal to a /itss principal
  • Grant/Revoke Oak Access to a webauth/ service principal
  • Change the level of an oak-ldap/ or webauth/ service principal's Oak access

Federation

  • Register/De-register a SAML Service Provider with the UK Access Management Federation
  • Release/Withdraw Oak LDAP attributes to a SAML Service Provider

Core User Directory

  • Register/De-register for Web UI access
  • Register/De-register for REST Interface access
  • Grant/revoke attribute release
  • Create/delete a cud/ service principal
  • Assign/Revoke management rights over a cud/ service principal to a /itss principal
  • Creation, administration and deletion of a CUD push (SQL, LDAP, SOAP)

 

Written by IT Services. Latest revision 25 April 2017