Identity Management Access Request

NOTE: Please use the Guided form. This lets us capture all of the information that is generally requested by Cybersecurity, Data Stewards, and Auditors. Filling this out completely will prevent questions and delays later.

GT Identity Management policy states that an application owner should obtain permission from the appropriate data steward. We will begin this process for you, when this page is completed. In simple cases, this process is fast and transparent to you. If questions arise, you may be engaged later via phone or email.



Requestor Information



(Required Response )










Form Type

Select the form you would like to fill out. The ad-hoc form is very simple, but will add up to two weeks of processing time. The guided form is more complicated but enables us to process your request much faster.

Ad-Hoc Form
Guided Form


Background Information







Application Information






(Required Response)








Authentication Information

Do you need to authenticate users? If so, please fill out this section.
How will your application authenticate users (ie, check their passwords)?

CAS (login.gatech.edu)

Shibboleth
GTED (LDAP based)
Kerberos (requires specific approval)
Other (please specify)

Data Request

If you need to read data, do you need that from:

Georgia Tech Role System (GRS)
CAS SAML Attributes (limited attributes available)
GTED (LDAP)
GTED (SQL)
Banner (SQL)
Peoplesoft (SQL)
Buzzapi web services
Shibboleth
Other (please specify)

What information do you need?
(Please state, in layman terms/English, what type of data you are requesting, even if you know the LDAP attribute names. For example, say Name info, Title, Dept, whether they are student/employee/alumni, what GTAD groups they belong to, what GRS roles they are in, etc. You can also add the LDAP terminology if you like, and this is helpful, but first describing the need in business terms will allow a better understanding of your needs for Cybersecurity, Data Stewards, Identity Mgt, Mgt, and others.

Common name data (cn ,givenName,sn,displayName)
GT Identifiers (dn, gtDirGUID, gtPIDM,gtEmplid,gtGTID, gtIMSID, gtMagePersonIndex,gtAccessCardNumber, gtPersonDirectoryId, uid, uidNumber, gidNumber, eduPersonPrincipalName) Email address info (mail, primary email address, all known email addresses). Whether they are staff/student/alumni/guest/affiliate (affiliation). What services people or accounts are entitled to use.
 


About whom do you need information? (if different than application-users described above. ex.students,employees,guests,retirees..)


Do you need access to information about students who have requested FERPA confidentiality? (Required Response)
If the answer is YES, please explain Why this is needed. See link below for what FERPA confidential means. See: http://www.registrar.gatech.edu/students/formlanding/confid.php

Note: There are about 20 current students (as of May 09) that have requested confidentiality
Note: Saying yes here means greatly increased data-steward scrutiny


What will this information be used for?



Account Setup Process

If you are using LDAP, rather than CAS or Shiboleth or SQL, then you will have an account created for you to access LDAP. In that case, the account will have a 1 year password expiration policy, and will need periodic password resets

Who should be documented as responsible for the account (if not you)?


What general responsibility is this account a part of? (Mage service role, eg, "Math application development" or "ISYE systems administration")


Can you easily have a password reset within Mage?


If it is not easy for you to have passwords reset, do you have a PGP key we can use to get the password to you? (If not, we will call you at the above telephone number.)