What is Identity Management?
Identity management is the collection of uniquely identifying information about a person, and the association of that identifying information with a computer account; the account then represents the person throughout the university’s computing infrastructure. The account is used to authenticate a person (who are they?), authorize actions (what can they access, and what can they do?), assign roles (collections of permissions to access/do), and audit (what has this person done?). This computer account model spans across UNO enterprise computing systems with the goal of increasing security and productivity while decreasing cost, downtime, and repetitive tasks.
What is FIM?
Microsoft Forefront Identity Manager (FIM) is the identity management suite of applications that IT is now using to manage digital identities, credentials and groupings for students, faculty, and staff throughout the time they are affiliated with the University. Many of the features in FIM allow self-service management of IT security settings, including Self Service Password Reset. Access to these self-service capabilities is through a web portal. The portal allows users who are assigned ownership of objects to manage them without the need to contact the help desk or other IT staff. The idea is that these objects should be managed by the people who use them, and the self-service aspect eliminates the inefficiencies of contacting other parties.
How do I access the Account Management Portal?
What browser can I use with the Account Management Portal?
In this version of the software only Internet Explorer is supported. The next version of the management software is browser agnostic. In addition, there will be mobile client software available for all popular devices including iOS, Android, and Windows phone
How do I access the Account Management Portal from a Mac or Linux machine?
Mac and Linux users must use the remote desktop option: remote.uno.edu
When I browse to access.uno.edu, it doesn’t ask me for a password. Is it secure?
Yes. The system implements an authentication protocol that uses a strong authentication algorithm by using secret-key cryptography. This system will automatically authenticate you if your machine is Windows and you are in the domain; otherwise, it will prompt you for your LAN username and password.
Can I access the portal from off campus?
You can access it using remote.uno.edu. The firewall doesn’t allow off campus access to the management portal.
As a supervisor, how do I search for my employees?
Any person at UNO may have any of 3 primary roles that are represented in FIM. Those roles are employee, student, and timekeeper. Be mindful of this as your search target may have any combination of these roles, or all 3. On the left side of the screen, under the heading “Users”, you will see a link called “My Employees”. Clicking this link will list all of your current subordinates. Also, as seen below, a Search for window is located on the top right side of the portal page. There’s a drop-down menu under Search within that also provides a “My Employees” scope. You can use this scope to search specifically for the people who work for you.
The best way to search for someone depends on what information you have to begin your search. You can search by username or by employee id in order to find the specific role. If you know the person’s name, you can enter the full name or parts of the name in various ways to find the person you’re looking for. While searching, note that searching in FIM is case-insensitive. For example, you can search for Ali (or ali), and FIM will automatically append a wildcard to Ali and search for all persons whose name begins with Ali. The wildcard symbol for FIM searching is %. So searching for Ali% is the same as searching for Ali. If you want to search by last name, you prepend the wildcard to the last name %Gator. This will find Ali Gator, and all other names that end with Gator. The most efficient search method is First%Last, which will take you most directly to the person you are looking for.
How do I prevent one of my employees from losing their IT Access due to a mistake or delayed paperwork or grant expiration?
Follow the steps below:
Browse to the account management portal, https://access.uno.edu
Click the “My Employees” link under the “Users” section on the left side of the screen
Click the employee name that you want to retain
Select the “IT Access” tab
Select the 1st option “Continue current IT Access (including permissions)”
This option will prevent the IT access from being revoked for a period of 6 months
This action is also audited, and it is an attestation that your employee is still contributing to the University’s mission
Is there a way to retain Graduate Assistants or Adjuncts IT Access during semester transitions or course rescheduling?
Yes. Follow the procedure detailed in the previous question.
Why are the IT Access Options greyed out for some of my employees?
Some employee types are not eligible for a supervisor IT Access revocations override, including intermittent employees and student workers. Please note that these exclusions are mandated by the HRM department.
How do I accelerate the revocation of IT Access to avoid waiting for it to happen automatically?
Follow the steps below:
- Browse to the account management portal at https://access.uno.edu
- Click the “My Employees” link under the “Users” section on the left side of the screen
- Click the employee name that you want to retain
- Select the “IT Access” tab
- Select the 2st option “Revoke IT Access Gracefully” to remove permissions to IT systems but allow I: drive and email access to continue for 30 days
- Select the 3rd option “Revoke IT Access Immediately” to remove all IT Access with no exceptions for I: drive and email access.
- These options will accelerate the IT access revocation process by preventing the 7 day override waiting period.
Why does account revocation take place?
Account revocation must occur in a timely way when an employee leaves the University of New Orleans. This is mandated by the Louisiana State Office of Information Technology (OIT). For more information, please visit <http://www.doa.la.gov/pages/ots/index.aspx>
What is meant by “timely” account revocation?
Exiting employees who leave under amicable circumstances have 30 days access to their account to collect and clean up their personal information found in their email mailbox and/or I drive. When an employee is fired their computing account access is removed immediately.
How do I copy my email and I drive during the 30 day period?
Please contact the Help Desk and our file server administrator will copy it for you.
What if I need access to my previous check-stubs after 30 days?
Please contact the payroll office and request copies of the pay periods you need.
How do I access my I: drive data after 30 days?
We do not provide access to university data after the 30 day period for those employees who have been fired, have resigned, have been laid-off, or who have retired from the University.
Do I have to change my password when I retire?
No, in the new system you can continue to use your existing password. The same password policies still apply.
Will I still have access to PeopleSoft, WebSTAR, Moodle, when I retire?
No, unless your supervisor requests that your account stays active; your permissions will be removed. You will still have access to your email and personal WebSTAR access. Under special circumstances, supervisors are authorized to override a PeopleSoft event triggered revocation of IT access. The reason for the override must be that the subordinate employee is “continuing to contribute to the department mission or the mission of the University of New Orleans.”
How do I request gratis appointment?
This is requested by your department. A gratis appointment is a 101 process that allows your account to stay active for 1 year.
How does my supervisor request that my access stay active when I retire?
Your supervisor will get an email notification on the day your retirement becomes active, 7 days before your 30 day grace period begins. The supervisor can logon to the new management portal and select the “keep this employee active” checkbox. This will keep your existing account and permissions active for 6 months. Your supervisor will have an option to renew this again, but you must be contributing to the University’s mission to receive this keep-active option.