Content (1170)
The "DoC" part of DoCID stands for Delegation of Control. DoCIDs are created for people who need administrative permissions in CornellAD. DoCIDs take the format:prefix-NetID-docwhere the prefix is the two- or three-letter prefix for a top-level Organizational Unit (OU) and NetID is the person's…
Sponsored NetID Process: An online form is available to request Sponsored NetIDs (see procedure below). The process eliminates the need for a sponsor letter, makes the process more secure, and allows the person receiving the NetID to upload a photo electronically.
IT Service Desk staff can answer questions and help you with general problems you are experiencing with your NetID. They will work with records offices to resolve questions of eligibility when they arise.
Federated login with Shibboleth has two major components: Identity Providers (IdP) which authenticate users and release selected information about them, and Service Providers (SP) which accept and process the user data before making access control decisions or passing the information to protected…
On the computer you are renaming, create a local user account with administrator privileges if none exists. Make sure you know the password for this account.Create a new computer object in your OU.Using the domain account that has privileges to join/unjoin the computer, unjoin the computer from…
Viewing Change History logs for an object in Active Roles is restricted. If you don't have access and need data from the logs, please submit your request to Identity Management.Quest Active Roles Server (ARS) retains logs of any changes to an object for 30 days. You can view this log by using the…
The only mandatory naming convention in CornellAD is that all object names must start with the unit prefix.This mandatory convention applies to the following types of objects:
Delegation of Control grants certain administrative rights to a CornellAD organizational unit (OU) administrator. The delegated control rights are assigned to an OU, and are inherited to the sub-OUs for a unit. The following guidelines are set for Delegation of Control at the OU:
In Window's Control Panel, click Programs and Features.On the left, click Turn Windows features on or off.Make sure there is a check next to .NET Framework 3.5.Click OK.Close the Control Panel window.
Join a MacBefore you begin, you'll need the Cornell AD DOCID and administrative access for the computer.
Joining a Windows computer to the cornell.edu domain involves the following basic steps:
UsersDOCIDs: See Create Sub-Delegation (DoCID) AccountsHolding IDs: See Create Holding IDs
CornellAD organizational unit (OU) administrators are given special delegation rights with an ID in the format prefix-NetID-doc. Use this account to perform administrative tasks. Rights are granted as follows:
Naming ConventionsNaming Conventions: The only mandatory naming convention in CornellAD is that all object names must start with the unit prefix.
The CornellAD domain includes three main organizational units (OUs).
CIT has a separate CornellAD domain for testing. The test environment is implemented as closely as possible to the production domain. Operating system and Service Pack levels, DNS integration, schema extensions, logical OU structure, and many Cornell-specific configurations are implemented in the…
When using the ARS Web Management tools, remote users are required to connect with CU VPN.To use the web-based ARS Web Management tool, use a supported browser
To uninstall Spirion, drag the Spirion Application Bundle into the Trash. If you reinstall Spirion again later, all previous custom Preferences and licensing/activation information will be intact.Alternatively, right-click (or ctrl-click) the application and select Move to Trash.
Shredding files in Spirion permanently removes them from your machine. You cannot recover shredded files.
Your list of possible confidential data matches may include "false positives." A false positive is something that looked like confidential data to Spirion, but is not. You can ignore false positives. They will be skipped in future scans (unless they are changed).