User Accounts on Central Systems at DESY

This document describes the guidelines for accounts on central computing systems at DESY and files.

Creating Accounts

For using the centrally managed computer systems at DESY with an account, all users have to be registered in the Person Information Pool (PIP). This registration can be done by your group secretary or V1.  The registration of the  account  in the Registry  is done by the Namespace Supervisor of your group. After the account has been setup the registration form has to be printed via the Registry system, has to be signed by the user and a Namespace Supervisor of the group and  to be sent to UCO. As an exception UCO can establish an account but needs the signed  Registration Form.

A list of all administrators is available on the Web via List of Computer Administrators.
For detailed information please see d4.desy.de -> RSR - Regeln und Empfehlungen - Account Regeln (only in German)

Account Lifetimes

Users accounts are limited to the duration of the contract or task at DESY. The maximum initial lifetime is 3 years for all users with unlimited contracts.The account lifetime can be extended in due time before the expiration date.

The limit date can be changed according to requirements, especially due to leaving, please see section "leaving DESY". Namespace supervisors can modify the expiration dates for the users of their group. The Computer Center - through the UCO - can modify expiration dates, if necessary. It will do small changes freely, in case of significant changes the supervisors decide on it.

Account Expiration

Users as well as the namespace supervisors get warned via email automatically, before accounts expire. Expired accounts cannot be used any more, and mails will not be delivered to expired accounts as well. Home directories are kept for a certain period after expiration, please see section "User Files of Expired Accounts".
If an account expired accidentally, or also if a user comes back to DESY after some years, it can be recovered.
 

Leaving DESY

When a user leaves DESY or terminates his association with DESY activities, then his accounts in principle expire at this date.
If former DESY employees want to or shall keep accounts, respectively continue in their work for DESY or the experiments, then the corresponding accounts can be used furthermore. The desired expiration date has to be specified on the Signoff Form; a namespace supervisor can set it accordingly / confirms via signature.

Due to terminated contract duration or retirement DESY employees will get a Signoff Form together with the usual "Laufzettel". The UCO will sign the "Laufzettel", if they have received the Signoff Form. We ask all other people leaving DESY to use the Signoff Form as well, before they leave. The groups and especially the experiments should ask their members to cooperate on this task.
 

User Files of Expired Accounts

The data of expired accounts (home directories, mail boxes) are stored and can be recovered for some years, depending on the platform.
Files outside user home directories, e.g. files on data disks and temporary files are not covered in this way.
For information concerning backup please see it.desy.de -> services -> backup/restore