1Maria Dimou- cern-it-gd LCG End of the Task Force for VO User Registration of LHC Experiment Users Grid Deployment Board
2Maria Dimou- cern-it-gd LCG Feb 2007 GDB Summary A GDB-mandated Task Force (TF) worked on: adapting VOMRS (developed at FNAL) to the GDB-approved User Registration Requirements Linking to the CERN HR database (ORGDB) for accessing Personal user data of LHC Experiment VO members Maintaining and deploying voms-admin SOAP interface for use by VOMRS. This required a big development, coordination and testing effort.
3Maria Dimou- cern-it-gd LCG Feb 2007 GDB Why this is the end of the TF VOMRS is used for VO Registration (no more the LDAP service on since Feb 24 th The TF Mandate is accomplished, namely: Users enter only Name/ /DateOfBirth or CERN badge. They are valid VO candidates IF their data are successfully matched against their ORGDB entry. No more Institute Representative (IR) approval is necessary.
4Maria Dimou- cern-it-gd LCG Feb 2007 GDB What other changes were implemented by the TF The VO Acceptance Use Policy (AUP) is displayed (not linked) for the VO candidate to read and sign. All VO members are now prompted to, periodically, re- register with the VO in cases of: One year passed since last registration, Change of contract/experiment, Change of the Grid or VO AUP. The VO managers are able to “suspend” VO members when necessary. Group/Role membership enabled only after Group/Role Owner/Manager's approval.
5Maria Dimou- cern-it-gd LCG Feb 2007 GDB Issues the TF handled VOMRS extensions implemented. ORGDB view linked to VOMRS. ORGDB performance improved. All VOM(R)S ported to Oracle. Oracle connectivity optimised (OCI still pending). Tomcat blockage solved. Glite integration, testing and release procedures used. Four workshops and regular check-point meetings to debug, install and plan the work:
6Maria Dimou- cern-it-gd LCG Feb 2007 GDB Key moments in the life of the TF (I) March 2004: GDB gives the TF Mandate to the JSPG The rest of 2004: Evaluation of ORGDB usage with advice from experts and Experiment secretariats. ORGDB view and VOMRS interface work. 2005: VOM(R)S port to Oracle. VOMS testing and integration in gLite release procedures.
7Maria Dimou- cern-it-gd LCG Feb 2007 GDB Key moments in the life of the TF (II) Feb 24 th 2006: VOM(R)S in operation. New registrations only possible via VOMRS. May 9 th 2006: VOM(R)S on new FIO-managed reliable hardware with master/slave switch using LinuxHA for the primary server lcg-voms.cern.ch. Oct 16 th 2006: End of the VOMS-LDAP synchronisation service. Voms-proxy-init possible only for users, who properly registered in VOMRS.
8Maria Dimou- cern-it-gd LCG Feb 2007 GDB Key moments in the life of the TF (III) Dec 11 th 2006: End of lcg-registrar.cern.ch and the LHC Vos' LDAP Grid job running possible only for users, who properly registered in VOMRS. Dec 13 th 2006: Tomcat melt-down dictates a new architecture for the CERN servers. Since then: voms.cern.ch is used for gridmap file generation only (requires voms-admin) lcg-voms.cern.ch is used for user registration only (requires vomrs).
9Maria Dimou- cern-it-gd LCG Feb 2007 GDB On-going issues and post-TF tasks GDB Advice needed! Operations: Wrong/expired/incomplete ORGDB entries are a headache for VO managers, VOMRS supporters and the Experiment secretariats because t hey ARE show-stoppers for Grid usage. Development/Deployment: There will be no more a framework for: Regular developers' meetings. Communication between the developers and the VO Managers. Debugging with the VOM(R)S testers and service managers. Clarifications between developers and gLite integrators.
10Maria Dimou- cern-it-gd LCG Feb 2007 GDB Credits ORGDB view: Wim van Leersum ORGDB/voms-admin: Karoly Lorentey VOMRS: Tanya Levshina, John Weigand ( ) VOMS-ADMIN: Andrea Ceccanti VOMS: Vincenzo Ciaschini, Valerio Venturi Testing: Maria Alandes, Lanxin Ma Valuable contributors: JSPG, VO Managers, CERN FIO, Exp. Secretariats, CERN Users' Office.
11Maria Dimou- cern-it-gd LCG Feb 2007 GDB Related documents TF Mandate: LHC Experiment users’ new Registration flow: VOM(R)S new requirements: