Users and Groups
Account creation for MIT Users
- A basic account is automatically created when an MIT certificate-bearing user first arrives on a protected wiki space or first clicks on the 'Log In' link.
Non-MIT users
- A non-MIT user (that is, a user not bearing an MIT personal certificate) arriving on a protected wiki space, or on clicking the 'Log In' link, is redirected to a username/password login page. If the user does not yet have an account, he/she can follow a 'Sign up' link from that page. Submission of the registration form causes a basic account to be created. The registrant's username will map to whatever the user has entered as their email address. <i>Please do not attempt to create accounts on behalf of non-MIT users.</i> Instead, point them to https://wikis.mit.edu/ and have them create their own accounts.
Once the account has been created, the user can be given permission in your wiki space, either as an individual or as a member of an associated Moira group (see below).
Username/password accounts are disallowed for email addresses ending in '@mit.edu and '@<something>.mit.edu' since anyone with such an address is eligible to use MIT's preferred authentication methods (personal certificates, MIT Touchstone). There is one exception to that rule: Users with email addresses ending in '@alum.mit.edu' are not eligible for certificates and are therefore allowed to create username/password accounts.
Wiki Group Membership
- Wiki groups map to Moira groups and Stellar class membership lists. In order to add a user to a wiki group, add that user to the proper Moira group or Stellar class group.
- Any Moira group can be associated with a space. A space administrator can asociate any Moira group with his/her space. A periodic (several times a day) feed synchronizes internal wiki groups with their corresponding Moira groups. Non-MIT users can be added to the Moira group as type STRING.
The Stellar feed is more infrequent (generally twice a day). - It is not necessary to use Moira groups to control acces to wiki spaces. Access to some wiki spaces can be controlled at the individual user level as well.
- If a non-MIT user is detected in the Moira feed, a basic account will not be created automatically. However, once a non-MIT person has registered an account, that person will be picked up and given permission to the space as of the next Moira-wiki feed. You can also (again, assuming the user has created an account) give the person access to the space as an individual user. Note that for non-MIT users, their email addresses are their usernames, and any uppercase characters in that username are changed to lowercase.
- All user accounts are included in a base-level group named confluence-users. This group can not be modified via Moira.
Default Groups
- confluence-users contains all people with Confluence accounts – both MIT and non-MIT
- mit-users contains all people with MIT kerberos accounts
- anonymous a pseudo group equivalent to everyone in the world without an account, used for the purpose of setting a space to be world-accessible.
Managing Groups
Creating and managing Moira lists for wiki access and administration
The recommended practice is to use at least two lists for your wiki space. One list should contain regular users of the space, and the others should contain space administrators. Members of the MIT community can create Moira lists at:
http://wserv.mit.edu/lc/
When creating lists..
- Create "traditional" Moira lists, not Mailman lists
- You, as space administrator, should be a member and administrator of any Moira list you create for use in your wiki space.
- All Moira lists must also be AFS groups ("traditional" groups). This is important. Be sure to check the appropriate checkbox.
- Create an admin list for the space. Include yourself in it, and make it a self-administered list (set the listowner to be the list itself).
e.g. mygroup-wiki-admin - Create the user-level list for the space. Make the owner of this list admin group you just created.
e.g. mygroup-wiki - Non-MIT users should be added to Moira lists as type 'string'.
- Manage your new Moira list at:
https://web.mit.edu/moira/
Using Existing Moira lists and Stellar class lists.
If you have existing lists you'd like to use for wiki access, you can do so.
Existing Lists..
- Be sure that the lists are AFS groups.
- The Registrar's office auto-populates Moira lists corresponding to the class membership. These lists can be useful if no Stellar site exists for a class. Contact the Accounts group (accounts@mit.edu) for more information.
- Stellar class lists can be used for access to a class wiki space. Contact class-wiki-support@mit.edu for more information.
Associating your group(s) in Confluence
A periodic feed populates Confluence with the groups you have created in Moira. Once your groups have been picked up by the feed, space administrators can use them to control access to your space within Confluence.
In your wiki space:
- Go to Browse Space -> Space Admin -> Permissions
- Click edit permissions and add your groups under the 'Groups' heading. Modify permissions as appropriate.