Users and Groups
Account creation for MIT Users
- A basic account is automatically created when an MIT certificate-bearing user first arrives on a protected wiki space or first clicks on the 'Log In' link.
Non-MIT users
- A non-MIT user (that is, a user not bearing an MIT personal certificate) arriving on a protected wiki space, or on clicking the 'Log In' link, is redirected to a username/password login page. If the user does not yet have an account, he/she can follow a 'Sign up' link from that page. Submission of the registration form causes a basic account to be created. The registrant's username will map to whatever the user has entered as their email address. Username/password accounts are disallowed for email addresses ending in '@mit.edu and '@<something>.mit.edu' since anyone with such an address is eligible to use MIT's preferred authorization (e.g. personal certificates). There is one exception to that rule: Users with email addresses ending in '@alum.mit.edu' are not eligible for certificates and are therefore allowed to create username/password accounts.
Wiki Group Membership
- Wiki groups map to Moira groups and Stellar class membership lists. In order to add a user to a wiki group, add that user to the proper Moira group or Stellar class group.
- A periodic (several times a day) Moira feed synchronizes internal wiki groups with their corresponding Moira groups. Any Moira group named confluence-<groupname> e.g. 'confluence-mygroup' will be picked up in the feed. The Stellar feed is more infrequent (generally twice a day).
- If a person who is in a Moira group associated with a wiki space is denied access, that person should click the 'Update My Memberships' link near the top of the page. If that person is a member of a group associated with the space in question, a link to that space should then appear on that person's 'dashboard' page.
- Access to some wiki spaces is controlled at the individual user level. If 'Update My Memberships' does not resolve an access problem, there are two likely possibilities:
-- the user is not a member of the appropriate Moira group
--the space in question uses individual permissions and the user has not been added
In either case, the user should first contact the space administrator of the space in question to determine his/her status. - If a non-MIT user is detected in the Moira feed, a basic account will not be created automatically. If the account for that user already exists, though, the user should click 'Update My Memberships' to be added to the appropriate wiki group(s).
- All user accounts are included in a base-level group named confluence-users. This group can not be modified via Moira.
Default Groups
- confluence-users contains all people with Confluence accounts – both MIT and non-MIT
- mit-users contains all people with MIT kerberos accounts
- anonymous a pseudo group equivalent to everyone in the world without an account, used for the purpose of setting a space to be world-accessible.
Managing Groups
Creating and managing Moira lists for wiki access and administration
The recommended practice is to use at least two lists for your wiki space. One list should contain regular users of the space, and the others should contain space administrators. Members of the MIT community can create Moira lists at:
http://wserv.mit.edu/lc/
When creating lists..
- Create "traditional" Moira lists, not Mailman lists
- You must be a member of any list you create for use in your wiki space
- Name your Moira list(s) confluence-<something>, e.g. confluence-mygroup. A Moira list named 'confluence-mygroup' will map to the wiki group 'mygroup'.
- All Moira lists must also be AFS groups. This is important. Be sure to check the appropriate checkbox.
- Create an admin list for the space. Include yourself in it, and make it a self-administered list (set the listowner to be the list itself).
e.g. confluence-mygroup-admin - Create the user-level list for the space. Make the owner of this list admin group you just created.
e.g. confluence-mygroup - Non-MIT users should be added to Moira lists as type 'string'.
- Groups with names that do not start with 'confluence-' will not be included in the feed and corresponding wiki groups will not be created.
- Manage your new Moira list at:
https://web.mit.edu/moira/
Using Existing Moira lists and Stellar class lists.
If you have existing lists you'd like to use for wiki access, you can do so.
Existing Lists..
- Be sure that the lists are AFS groups.
- Be sure that you are a member of each group you wish to use.
- You can create a container group in order to get existing groups into the feed. For example, if you have an existing group named 'mygroup', you can make that group a member of another group, e.g. confluence-mygroup, for purposes of associating the group with the wiki.
- The Registrar's office auto-populates Moira lists corresponding to the class membership. These lists can be useful if no Stellar site exists for a class. Contact the Accounts group (accounts@mit.edu) for more information.
- Stellar class lists can be used for access to a class wiki space. Contact confluence-hq@mit.edu for more information.
Adding your groups to Confluence
A periodic feed populates Confluence with the groups you have created in Moira. Once your groups have been picked up by the feed, space administrators can use them to control access to your space within Confluence.
In your wiki space, go to..
Browse Space
Space Admin
Permissions
Click edit permissions and add your groups under the 'Groups' heading. Add permissions as appropriate.
If you find that the group is not found, click on 'Update My Memberships' and try again.